About FireCloud
Applies To: FireCloud Internet Access
FireCloud is a beta product that is only available to participants in the WatchGuard FireCloud Beta program. To try FireCloud Internet Access, join the WatchGuard Beta test community.
FireCloud is a managed cloud-based firewall-as-a-service. FireCloud protects your remote users against Internet-based security threats.
With FireCloud, you can configure these security settings to protect your users:
Content Scanning
Scanning engines protect against spyware, viruses, malicious applications, spam email, and data leakage. With FireCloud, you can enable content scanning with these services:
- Gateway AntiVirus — Protects your users from viruses. You can configure Gateway AntiVirus to drop connections when a virus is detected, an error occurs, scanned content exceeds the file size limit (10 MB), or scanned content is encrypted. No information is sent to the source of the connection.
- APT Blocker — Identifies the characteristics and behavior of Advanced Persistent Threat (APT) malware in files and email attachments that enter your network. You can configure APT Blocker to drop connections for each threat level (High, Medium, Low).
Network Blocking
You can use FireCloud to monitor and block common security threats, such as botnets, spyware, SQL injections, cross-site scripting, and buffer overflows. With FireCloud, you can configure network blocking with these services:
- Botnet Detection — Adds a list of known botnet site IP addresses to the Blocked Sites List, which enables FireCloud to block these sites at the packet level.
- Intrusion Prevention Service — Uses signatures to provide real-time protection against network attacks, including spyware, SQL injections, cross-site scripting, and buffer overflows. You can specify the action IPS takes when it detects a threat, as well as the scan mode to use.
Geolocation
Geolocation is a security service that enables FireCloud to detect the geographic locations of connections to and from your protected devices. In FireCloud, you can enable and configure Geolocation to block access to and from specific locations.
Content Filtering
Content filtering uses the WebBlocker and Application Control security services to block specific content categories and applications.
- WebBlocker — Helps you control the websites that are available to your users. WebBlocker uses a database that groups website addresses into content categories. When a user tries to connect to a website, FireCloud looks up the address in the WebBlocker database and takes the action you specify for the content category.
- Application Control — Enables you to monitor and control the use of applications. Application Control uses over 1800 signatures that can identify and block over 1000 applications. You can use Application Control to block the usage of specific applications. For some applications, you can block specific application behaviors, such as file transfer.
By default, FireCloud has all security services enabled with the default configurations, and a default access rule is in place to handle which security services apply to user traffic. This means that you can deploy and use FireCloud immediately after you set up an identity provider.
You configure FireCloud in the WatchGuard Cloud platform, and end-users connect to the service with the WatchGuard Connection Manager. When end-users are connected to FireCloud, they are protected and can safely use their computer and browse the Internet.
Before you begin, we recommend that you familiarize yourself with these key terms related to FireCloud:
WatchGuard Connection Manager
The connection manager is an agent that you install on end-user computers. End-users use the connection manager to connect to FireCloud.
WatchGuard Agent
The WatchGuard Agent handles communication between managed computers on the same network and the WatchGuard server. The agent is installed on each endpoint or computer, and is used to deploy WatchGuard software, such as the WatchGuard connection manager and Endpoint Security software. It has low CPU, memory, and bandwidth usage and uses less than 2 MB of data each day.
When you download the connection manager installer from the FireCloud UI, you are downloading the WatchGuard Agent.
Point of Presence
A point of presence (PoP) is a physical location that enables users to connect to the Internet. When you connect to FireCloud, data from your device routes through the nearest WatchGuard PoP.
Identity Provider
An identity provider is an external system that you use to manage and authenticate your FireCloud users and groups. You can use any identity provider that supports SAML, such as AuthPoint, Microsoft Entra ID (Azure Active Directory), or Okta.
WatchGuard Cloud Directory
The WatchGuard Cloud Directory is an authentication domain in Directories and Domain Services where you can add users and groups that are hosted in WatchGuard Cloud. You can then use the users and groups from the WatchGuard Cloud Directory with products such as FireCloud.
You can use the WatchGuard Cloud Directory instead of an identity provider to authenticate your FireCloud users and groups.
FireCloud Licenses
To use FireCloud, you must activate a FireCloud license in your WatchGuard account or contact a Service Provider. The FireCloud license determines the number of users that can use the FireCloud service.
When you activate your FireCloud license key, the user licenses are added to your account in WatchGuard Cloud. If you are a Service Provider, the user licenses are added to your WatchGuard Cloud inventory. You can allocate FireCloud user licenses to accounts you manage in WatchGuard Cloud.
To learn more, go to About FireCloud Licenses.
Get Started
To get started with FireCloud, refer to these help topics: