what’s new in watchguard dimension v1.3

What’s New in What’s New in WatchGuard Dimension v1.3WatchGuard Dimension v1.3

WatchGuard Training

What’s New in Dimension v1.3

Dashboards• New Top Zero-Day Malware (APT) widget in the Executive Dashboard

• All Security Dashboard widget names changed to begin with “Top Blocked”

• New Policy Map dashboard enables interactive policy audit and aggregated traffic flow analysis

• Threat Map supports IPv6 addresses Reports• New reports on Zero-Day Malware (APT) and Per-Client Detail (URL

Audit Detail report and WebAudit by Category Detail report)

• Summary reports for some Subscription Services include Allowed and Denied connections

• Updated names for some Dimension reports

• Collapsible report categories list

• Per Client reports separated into Summary and Detail categories with context-sensitive, collapsible search criteria

WatchGuard Training 22

What’s New in Dimension v1.3

Installation Updates• Add a VHDX hard disk for Hyper-V deployments

System Tasks• Consolidate the management of CA certificates trusted by Dimension

for outbound connections

• Option for easy shutdown of Dimension VM from Web UI

• Support for user names in Dimension Task History


DashboardsDashboards


Top Zero-Day Malware (APT) Widget

New Top Zero-Day Malware (APT) widget in the Executive Dashboard

Top Zero-Day Malware (APT) widget includes threats that were identified by APT Blocker as zero-day malware after they passed through the firewall.

These threats should be reviewed to determine whether they require action.


New Security Dashboard Widget Names


Security Dashboard widget names changed to begin with “Top Blocked”

New widget names:• Top Blocked Advanced

Malware (APT)

• Top Blocked Clients

• Top Blocked Destinations

• Top Blocked URL Categories

• Top Blocked Applications

• Top Blocked Application Categories

• Top Blocked Protocols

• Top Blocked Attacks

Policy Map — See Traffic Flow

Policy Map is an interactive report tool that aggregates and visualizes the traffic through your Firebox or XTM devices, FireClusters, and device groups to facilitate policy audits and traffic analysis.

Each traffic flow is defined by the unique path a connection takes internally through the device as it is processed by policies and configuration settings on the device.



To change the information in the map, from the map type drop-down list at the top-right of the page, select an option:• Policy Audit

• Subscription Services

• Web Audit

• Application Control

• Intrusions (IPS)

• Advanced Malware (APT)

• Data Loss Violations (DLP)

• Virus (GAV) From the pivot drop-down list at the top right of the page, select

an available pivot option:• Bytes (only available for some map types)

• Connections



Place your cursor over the traffic flow ribbon or columns to see the name of the node, number of flows, and number of connections.



Click the traffic flow ribbon or columns to:• See the number of bytes and connections for the node.

• Filter Policy Map on the node.

• View connections for the Policy Map node.



The filtered view of Policy Map only shows the connections passing through the selected node.



In the breadcrumbs, select Policy Map to remove the filters and return to the complete Policy Map view.


IPv6 Addresses in Threat Map


You can now see IPv6 addresses in the Threat Map Dashboard

IPv6 addresses only appear in the map if there are connections from IPv6 addresses

ReportsReports


Report Enhancements


Zero-Day Malware (APT) reports are available in the Services, Detail, and PCI report categories

These reports include threats that were identified for each category by APT Blocker as zero-day malware after they passed through the firewall.

These threats should be reviewed to determine whether they require action.

Report Enhancements

Summary reports for some Subscription Services include Allowed and Denied connections• Gateway AntiVirus, APT Blocker, Data Loss Prevention, and Intrusion

Prevention Service Subscription Services reports include new columns to show data for both Allowed and Denied connections.

Updated names for some Dimension reports


Report Enhancements

On the Dimension Reports tab, you can now expand and collapse the report categories to see or hide the list of reports in each category.


Report Enhancements


Select a report category to expand or collapse that category.

Select Expand All or Collapse All to expand or collapse all the available categories

Report Enhancements


Per Client reports separated into Summary and Detail categories.

Search criteria section is collapsible and context-sensitive

Two new Per-Client reports (under Detail)• URL Audit Detail

• Web Audit by Category Detail

Installation UpdatesInstallation Updates


VHDX Support for Hyper-V

When you add a data disk to Dimension in Hyper-V 2012 and 2012 R2, you can now add a VHDX disk.

VHDX disks offer increased stability for your Hyper-V deployment. The VHDX disk can take slightly longer to deploy than the VHD

disk.


System TasksSystem Tasks


New Dimension System Tasks

Consolidate the management of CA certificates trusted by Dimension for outbound connections • From the Dimension System Settings > Status page, you can

generate a CSR file, import a web certificate, or manage all the CA certificates in Dimension.

Option to Shut Down Dimension VM from Web UI• From the System Settings > Status page, you can click Shut Down

to complete a clean shut down of the Dimension VM.


New Dimension System Tasks


Dimension Task History list now includes the user name for the user account that modifies the Dimension system settings.

Thank You!Thank You!


what’s new in watchguard dimension v1.3

Documents

policy map node

view of policy map

traffic flowpolicy map

filter policy map

traffic analysis

traffic flowclick

traffic flowplace

traffic flowthe