February 23, 2022 – The CSIA, National Security Agency, and FBI released a Joint Cyber Security Announcement today indicating that Cyclops Blink has been deployed to WatchGuard protected devices. This particularly insidious malware is thought to emanate from Sandworm, also known as Voodoo Bear, and said to originate from the Russian Main Center for Special Technologies.
A common question that we have been receiving from clients and students alike is the difference between a cloud-managed Firebox, and a locally-managed Firebox with WatchGuard Cloud enabled. Ultimately, these two Firebox types are completely different; their only similarity is that they can both access report & log data through WatchGuard Cloud.
WatchGuard now supports Remote Access Points! This method of configuration allows for quick deployments of multiple RAP’s using the WatchGuard Cloud Access Point Sites that store configuration settings. The infrastructure requirements for this implementation are WatchGuard Cloud supported access point models, and a Cloud Managed Firebox.
February 23, 2022 – The CSIA, National Security Agency, and FBI released a Joint Cyber Security Announcement today indicating that Cyclops Blink has been deployed to WatchGuard protected devices. This particularly insidious malware is thought to emanate from Sandworm, also known as Voodoo Bear, and said to originate from the Russian Main Center for Special Technologies.
Interface types on WatchGuard firewalls are not something to configure without planning and thought. The reason behind this is due to the system-generated aliases (blue font indicates system-generated items). When you create multiple interfaces with the same type, it is possible to overlap interfaces in your firewall policies.
One of the many subscription services that WatchGuard offers is Reputation Enabled Defense (RED). This subscription service ‘scores’ websites based on reports from devices all over the Earth. The score system for RED ranks from 1-100, with 100 being the worst URL, and 1 being a clean URL. WatchGuard houses a backend server that receives reports and sends reputation scores to Fireboxes that submit requests.
One thing that you have to be mindful of as an AuthPoint user is that your log-in capabilities are tied to your smart device, should you choose to use that instead of a hardware token. The good news is that migrating your token from one device to another does not take very long, but it requires some review before you begin.
DNS settings are a configuration item that is set, confirmed to work, and then not discussed further. One issue that we see occurring regularly are Guest networks that have DNS settings for internal servers. The settings shown below are how to set the global DNS settings for each interface on your firewall:
Charlotte, NC - HQ • Columbia, SC • Raleigh, NC • Kansas City, MO • Philadelphia, PA • Tampa, FL
