260 likes | 391 Views
What’s New in WatchGuard Dimension v1.3. What’s New in Dimension v1.3. Dashboards New Top Zero-Day Malware (APT) widget in the Executive Dashboard All Security Dashboard widget names changed to begin with “Top Blocked”
E N D
What’s New in Dimension v1.3 • Dashboards • New Top Zero-Day Malware (APT) widget in the Executive Dashboard • All Security Dashboard widget names changed to begin with “Top Blocked” • New Policy Map dashboard enables interactive policy audit and aggregated traffic flow analysis • Threat Map supports IPv6 addresses • Reports • New reports on Zero-Day Malware (APT) and Per-Client Detail (URL Audit Detail report and WebAudit by Category Detail report) • Summary reports for some Subscription Services include Allowed and Denied connections • Updated names for some Dimension reports • Collapsible report categories list • Per Client reports separated into Summary and Detail categories with context-sensitive, collapsible search criteria
What’s New in Dimension v1.3 • Installation Updates • Add a VHDX hard disk for Hyper-V deployments • System Tasks • Consolidate the management of CA certificates trusted by Dimension for outbound connections • Option for easy shutdown of Dimension VM from Web UI • Support for user names in Dimension Task History
Top Zero-Day Malware (APT) Widget • New Top Zero-Day Malware (APT) widget in the Executive Dashboard • Top Zero-Day Malware (APT) widget includes threats that were identified by APT Blocker as zero-day malware after they passed through the firewall. • These threats should be reviewed to determine whether they require action.
New Security Dashboard Widget Names • Security Dashboard widget names changed to begin with “Top Blocked” • New widget names: • Top Blocked Advanced Malware (APT) • Top Blocked Clients • Top Blocked Destinations • Top Blocked URL Categories • Top Blocked Applications • Top Blocked Application Categories • Top Blocked Protocols • Top Blocked Attacks
Policy Map — See Traffic Flow • Policy Map is an interactive report tool that aggregates and visualizes the traffic through your Firebox or XTM devices, FireClusters, and device groups to facilitate policy audits and traffic analysis. • Each traffic flow is defined by the unique path a connection takes internally through the device as it is processed by policies and configuration settings on the device.
Policy Map — See Traffic Flow • To change the information in the map, from the map type drop-down list at the top-right of the page, select an option: • Policy Audit • Subscription Services • Web Audit • Application Control • Intrusions (IPS) • Advanced Malware (APT) • Data Loss Violations (DLP) • Virus (GAV) • From the pivot drop-down list at the top right of the page, select an available pivot option: • Bytes (only available for some map types) • Connections
Policy Map — See Traffic Flow • Place your cursor over the traffic flow ribbon or columns to see the name of the node, number of flows, and number of connections.
Policy Map — See Traffic Flow • Click the traffic flow ribbon or columns to: • See the number of bytes and connections for the node. • Filter Policy Map on the node. • View connections for the Policy Map node.
Policy Map — See Traffic Flow • The filtered view of Policy Map only shows the connections passing through the selected node.
Policy Map — See Traffic Flow • In the breadcrumbs, select Policy Map to remove the filters and return to the complete Policy Map view.
IPv6 Addresses in Threat Map • You can now see IPv6 addresses in the Threat Map Dashboard • IPv6 addresses only appear in the map if there are connections from IPv6 addresses
Report Enhancements • Zero-Day Malware (APT) reports are available in the Services, Detail, and PCI report categories • These reports include threats that were identified for each category by APT Blocker as zero-day malware after they passed through the firewall. • These threats should be reviewed to determine whether they require action.
Report Enhancements • Summary reports for some Subscription Services include Allowed and Denied connections • Gateway AntiVirus, APT Blocker, Data Loss Prevention, and Intrusion Prevention Service Subscription Services reports include new columns to show data for both Allowed and Denied connections. • Updated names for some Dimension reports
Report Enhancements • On the Dimension Reports tab, you can now expand and collapse the report categories to see or hide the list of reports in each category.
Report Enhancements • Select a report category to expand or collapse that category. • Select Expand All or Collapse All to expand or collapse all the available categories
Report Enhancements • Per Client reports separated into Summary and Detail categories. • Search criteria section is collapsible and context-sensitive • Two new Per-Client reports (under Detail) • URL Audit Detail • Web Audit by Category Detail
VHDX Support for Hyper-V • When you add a data disk to Dimension in Hyper-V 2012 and 2012 R2, you can now add a VHDX disk. • VHDX disks offer increased stability for your Hyper-V deployment. • The VHDX disk can take slightly longer to deploy than the VHD disk.
New Dimension System Tasks • Consolidate the management of CA certificates trusted by Dimension for outbound connections • From the Dimension System Settings > Status page, you can generate a CSR file, import a web certificate, or manage all the CA certificates in Dimension. • Option to Shut Down Dimension VM from Web UI • From the System Settings > Status page, you can click Shut Down to complete a clean shut down of the Dimension VM.
New Dimension System Tasks • Dimension Task History list now includes the user name for the user account that modifies the Dimension system settings.