Watchguard has released 11.6 for both physical and virtual appliances.
As well as the usual minor fixes and improvements, there are a few things of note- you can see the release notes at https://www.watchguard.com/support/release-notes/xtm/11/en-US/EN_ReleaseNotes_FirewareXTM_11_6/index.html but perhaps the most significant things are below. These are my highlights and my own comments are in italics.
- Single Sign-On support for Citrix and Terminal Services environments (Long requested, and confirmed to work in test environment)
- Authentication portal support for mobile devices
- Easy access to HIPAA and PCI Compliance Reporting on new Compliance reporting tab
- Automatic WebBlocker database updates (a common complaint, previously requiring manual intervention or scripting)
- New VPN Diagnostics Report
- HTTP proxy default deny message layout and text improvements (this is additional customisation of the “Denied by webblocker” message)
- More data sources for Reputation Enabled Defense (RED)
- PCAP file download option from Firebox System Manager Diagnostic Tasks (i.e. firebox can do packet captures to help diagnose problems)
- Help updated to HTML5, with improved search results
New! Feature Preview
Fireware XTM v11.6 introduces a preview of three new features, all developed to help you with policy review and troubleshooting. Now available in the WebUI and CLI only, we will make these features available in WSM and include further development work in future releases.
- Policy Checker — lets you simulate and understand how traffic is handled through your XTM device
- XTM Configuration Report — offers an easy to read, printable report of many key configuration settings for your XTM device
- Authentication Server Connection Tool — Test and diagnose Active Directory and LDAP connections and verify group membership
This version of firmware is available for all XTM devices (so excludes appliances such as the e-series, which will no longer take feature releases, but will still get core security and bug-fix patches). There is also an improved 11.6 management suite, which still seems to be backwards compatible; providing centralised management and reporting for e-series, edge, core and XTM appliances.
Don’t forget – even if you have a legacy e-series appliance, you’ll still receive bug fixes and major security updates, and you’ll benefit from management server updates. Watchguard’s end of life products are listed here (http://www.watchguard.com/products/resources/end-of-life-policy.asp); please contact us for some great Watchguard upgrade deals.