1 / 254

What’s New in Fireware XTM v11.0

What’s New in Fireware XTM v11.0. Introducing Fireware XTM OS. Fireware XTM v11 is a new, unified OS – one OS that runs on Firebox X Edge e-Series, Firebox X Core and Peak e-Series, and the new XTM 1050 device

tulia
Download Presentation

What’s New in Fireware XTM v11.0

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What’s New in Fireware XTM v11.0

  2. Introducing Fireware XTM OS • Fireware XTM v11 is a new, unified OS – one OS that runs on Firebox X Edge e-Series, Firebox X Core and Peak e-Series, and the new XTM 1050 device • Manage your Fireware XTM device with your choice of three user interfaces: • WSM/Policy Manager • NEW! Fireware XTM Web UI • NEW! Command Line Interface (CLI) WatchGuard Training

  3. Fireware XTM with a Pro Upgrade WatchGuard Training

  4. Install Fireware XTM v11.0

  5. Install Fireware XTM v11.0 • Install Fireware XTM OS on your management computer • For Core/Peak devices, the file name is XTM_OS_Core_Peak_11_0.exe • For Edge devices, the file name is XTM_Edge_11_0.exe • For XTM 1050 devices, the file name is XTM_1050_11_0.exe • You must have this .exe file to upgrade devices using Policy Manager or the Web UI, or when you use the Quick Setup Wizard WatchGuard Training

  6. Install WSM v11.0 Servers install without interruption – no more toolbar activation required WatchGuard Training

  7. Firebox Setup Wizards

  8. Firebox Setup Wizards • For basic setup of your Firebox, use one of two enhanced wizards • Web Setup Wizard • Improved web-based wizard • Use with Edge, Core, Peak, or XTM 1050 • Includes new phone-home capability. If you have an Internet connection when you run the wizard, the wizard downloads and applies your Firebox feature key • WSM Quick Setup Wizard • Must have WSM installed to use the Quick Setup Wizard • Use with Edge, Core, Peak, or XTM 1050 • Includes new options described later in this presentation WatchGuard Training

  9. Web Setup Wizard

  10. Web Setup Wizard • Device must be in factory-default (safe) mode • To start the Web Setup Wizard: • For an Edge: https://192.168.111.1:8080 • For Core, Peak, or XTM 1050: https://10.0.1.1:8080 • You must log in with credentials: admin/readwrite WatchGuard Training

  11. Web Setup Wizard • Restore a configuration, or create a new one WatchGuard Training

  12. Web Setup Wizard • If you have an Internet connection when you run the wizard AND your Firebox does not already have a feature key, the wizard contacts the LiveSecurity web site and downloads and applies the feature key for you. WatchGuard Training

  13. Web Setup Wizard • If you already have a feature key loaded on your Firebox, the feature key steps do not appear in the wizard. The wizard shows the network setup pages only. WatchGuard Training

  14. Configure with the new Web Setup Wizard • Configure the external interface WatchGuard Training

  15. Configure with the new Web Setup Wizard • Configure Domain Name, DNS and WINS servers WatchGuard Training

  16. Configure with the new Web Setup Wizard • You can now enable DHCP on the trusted interface WatchGuard Training

  17. Configure with the new Web Setup Wizard • Configure the status and configuration passphrases WatchGuard Training

  18. Configure with the new Web Setup Wizard • As in existing Fireware v10.x, you can specify a single IP address for remote management WatchGuard Training

  19. Configure with the new Web Setup Wizard • Configure a device name and add contact information WatchGuard Training

  20. Configure using the new Web Setup Wizard • Set the time zone WatchGuard Training

  21. Configure using the new Web Setup Wizard • The wizard completes, and the configuration is saved to your Firebox WatchGuard Training

  22. WSM Quick Setup Wizard

  23. Quick Setup Wizard • After you install WSM v11.0, you can upgrade an existing Firebox with the Quick Setup Wizard • The same look and feel as the v10.x WSM Quick Setup Wizard, with some enhancements: • Management Server configuration settings • You can choose whether to enable DHCP on trusted interface • Edge can be discovered, upgraded, and configured WatchGuard Training

  24. Quick Setup Wizard • New step in the wizard designed for existing Management Server installations. The CA certificate comes from the Management Server. • Skip this step if you do not already have a Management Server configured. WatchGuard Training

  25. Quick Setup Wizard • You can now enable DHCP on the trusted interface. • DHCP scope and other DHCP settings cannot be configured in the wizard. WatchGuard Training

  26. Quick Setup Wizard • You can use the wizard to upgrade a Firebox X Edge v10.2.or higher to Fireware XTM v11 • Make sure Fireware XTM v11.0 for the Edge (XTM_OS_Edge_11_0.exe) is installed on your management computer before you start the wizard WatchGuard Training

  27. Upgrade a Firebox X Edge e-Series to Fireware XTM

  28. Upgrade an Edge to Fireware XTM • End-to-end conversion tool • Self-extracting executable: edge_11_0.exe • Supports local and remote upgrades • Default values from the default.xml file are merged with converted features to generate a Fireware XTM configuration file WatchGuard Training

  29. Upgrade an Edge to Fireware XTM • The Update Wizard performs all steps necessary to migrate an Edge v10.x device to Fireware XTM v11.0. • Download the edge_11_0.exe file from the WatchGuard Software Downloads page to your computer. Run the executable file on the computer you want to update the Edge from. WatchGuard Training

  30. Upgrade an Edge to Fireware XTM Features that are not converted: • ACLs (MAC address Filtering) • Traffic control settings • VLANs • Modem settings • Mobile User VPN • IPSec • SSL • PPTP • SNMP • Single Sign-on WatchGuard Training

  31. Upgrade an Edge to Fireware XTM • Choose whether you want to perform a local or remote install. WatchGuard Training

  32. Upgrade an Edge to Fireware XTM • Type the appropriate IP address, user name, and passphrase valid on your existing v10.x Edge configuration. WatchGuard Training

  33. Upgrade an Edge to Fireware XTM • Configure the new status and configuration passphrase for the XTM Edge. WatchGuard Training

  34. Upgrade an Edge to Fireware XTM • The wizard uploads the OS to the Edge. WatchGuard Training

  35. Upgrade an Edge to Fireware XTM • Do not disconnect the power or Ethernet cable during the update process WatchGuard Training

  36. Upgrade an Edge to Fireware XTM • The upgrade completes in about 5 minutes. WatchGuard Training

  37. Upgrade an Edge to Fireware XTM • You can now connect to the Edge with the Web UI. WatchGuard Training

  38. Upgrade an Edge to Fireware XTM • You can also connect with WSM v11.0. WatchGuard Training

  39. Upgrade an Edge to Fireware XTM • You can upgrade from a remote computer. WatchGuard Training

  40. Upgrade an Edge to Fireware XTM • You must enable WSM access on the Edge v10.2 device before you do a remote upgrade. • Status and Configuration passphrases must match what you enter in the Edge Update wizard. WatchGuard Training

  41. Upgrade an Edge to Fireware XTM • Remote upgrades take longer than local upgrades. • Configuration is uploaded before the OS during a remote upgrade. WatchGuard Training

  42. Fireware XTM Web UI Overview

  43. New Web UI • Replacement for Edge web interface • Edge style of configuration retained • Fireware feature set migrated to Edge hardware platform WatchGuard Training

  44. Flex technology underlying new Web UI • Cross-browser support “out of the box” • Flash version 9.024 required • Over 99% of installed web browsers already run this version • Default look and feel • User interface and charting components are packaged with Flex WatchGuard Training

  45. Web UI Connections • Web UI connections are made by default on port 8080 over HTTPS. • Web UI port can be configured in System > Global Settings menu. • Scheduled reboot option in the Global Settings. WatchGuard Training WatchGuard Training 45

  46. Web UI Connections • Users can log in to Web UI with either the status or admin account. • Status login provides read-only functionality. • Admin login gives full read-write configuration privileges. WatchGuard Training WatchGuard Training 46

  47. Web UI Connections • After login, Web UI shows the type of access permitted along with a Dashboard display of performance statistics. WatchGuard Training WatchGuard Training 47

  48. Web UI Connections • Web UI has familiar left-side menu navigation and Dashboard status information. WatchGuard Training WatchGuard Training 48

  49. Policy Manager Web UI configuration • New configurations and configurations created by the Quick Setup Wizard include a “WatchGuard Web UI” policy used to control access to the device over port 8080. • Connections restricted to the Trusted and Optional networks by default. WatchGuard Training WatchGuard Training 49

  50. Web UI Help System • Integrated on every page • Unique URL for each help link • No client-side URL ... help system is always loaded from Internet, not local client files WatchGuard Training

More Related