WatchGuard Cloud Platform Release Notes

Enhancements

• When you delete a tier-1 Service Provider user in WatchGuard cloud, a dialog box shows a warning message that if you continue, their WatchGuard.com access and any applicable certifications are revoked. [WCD-18645]

Resolved Issues

• Minor updates and bug fixes. [WCD-15720, WCD-22006]

Enhancements

• If you do not enable Multi-Factor Authentication (MFA) for your user account in WatchGuard cloud, you must reset your password every 90 days. [WCD-19328]

Resolved Issues

• A fix was made so that when a delegated tier-1 Subscriber account has an inactive EDR Core license (part of the Total Security Suite) and has activated a WatchGuard Endpoint Security license such as WatchGuard EPDR, their managing Service Provider account can successfully allocate an endpoint security module to them. [WCD-22168]
• Minor updates and bug fixes. [WCD-20943, WCD-20942]

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• When you create a new account, or edit an existing account in WatchGuard Cloud, the Company Name and Account Name must start and end with a letter or number, and can only contain letters, numbers, periods ".", hyphens "-", and underscores "_".

Resolved Issues

• When you create a new account in WatchGuard Cloud, you can now use Japanese characters without error. [WCD-21393]

Enhancements

• WatchGuard Cloud now deletes ThreatSync+ NDR data for an account when:
  • The ThreatSync+ NDR license expires
  • You deallocate the license to 0 users
  • You cancel an active ThreatSync+ NDR trial

A new message warns operators that the data will be deleted in seven days. After seven days, data is deleted and operators cannot access the ThreatSync+ NDR management UI. Deleted data cannot be restored. For more information, go to FAQs for ThreatSync+ NDR Licensing. [NDR-433, NDR-434, NDR-435, NDR-645, NDR-647, NDR-648, NDR-649, NDR-650]

Resolved Issues

• WatchGuard Cloud operators with the Helpdesk role can now add, edit, and delete users and groups in Directories and Domain Services. [WCD-20850, WCD-20863, WCD-20883]
• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes. [WCD-21334]

Enhancements

• On the Inventory > Licenses page for a WatchGuard Cloud product or service, you can now filter the list of licenses to show all licenses, expired licenses, or active licenses. [WCD-19344]

Resolved Issues

• Minor updates and bug fixes. [WCD-20872]

Resolved Issues

• If your WatchGuard user name contains unsupported characters, you can now change your email address in WatchGuard Cloud without error. [WCD-20186]
• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

New Features

ThreatSync+ NDR

ThreatSync+ NDR is a cloud-based, network-centric threat detection and response solution that helps organizations identify, detect, and respond to network-based cyberattacks. It uses advanced artificial intelligence and machine learning capabilities to deliver enterprise-level cyber defense across hybrid networks. To use ThreatSync+ NDR, you must purchase a ThreatSync+ NDR license. You can now manage ThreatSync+ NDR licenses in WatchGuard Cloud. ThreatSync+ NDR extends the existing ThreatSync functionality in WatchGuard Cloud and offers enhanced network detection and response, network device identification, and advanced reporting for Fireboxes, third-party firewalls, and LAN infrastructure. For more information, go to Quick Start – Set Up ThreatSync+ NDR.

WatchGuard Compliance Reporting

You can now manage Compliance Reporting licenses and generate compliance reports in WatchGuard Cloud. WatchGuard Compliance Reporting provides additional defense goal reports to help prove compliance for audit or cyber insurance purposes. ThreatSync+ NDR provides the network data required by these reports. To use Compliance Reporting, you require a ThreatSync+ NDR license and a Compliance Reporting license. For more information, go to About WatchGuard Compliance Reporting.

Shared Users and Groups for Directories and Domain Services

WatchGuard Cloud is centralizing user and group management in Directories and Domain Services (previously called Authentication Domains). As part of this change, you can now add WatchGuard Cloud-hosted users and groups to a new authentication domain called the WatchGuard Cloud Directory. Products in WatchGuard Cloud, such as AuthPoint, can use the users and groups that you add to the WatchGuard Cloud Directory.

When you add the WatchGuard Cloud Directory, your existing local AuthPoint users and groups automatically migrate to Directories and Domain Services in WatchGuard Cloud. This does not impact your AuthPoint configuration. You still view and manage the users and groups in AuthPoint.

We also added a new type of AuthPoint user account: non-MFA users. Non-MFA users are users that only authenticate with a password, such as a service account user. Non-MFA users do not consume an AuthPoint user license and cannot authenticate to resources that require MFA. They can only authenticate to protected resources if the non-MFA user account has a password only authentication policy for that resource. When you add new users to the WatchGuard Cloud Directory, you select whether to add non-MFA users or MFA users.

Resolved Issues

• Service Providers can now allocate the WatchGuard MDR module to delegated tier-1 Subscriber accounts. [WCD-19917]
• A fix was made to make sure that when a Service Provider makes an allocation change to Endpoint Security modules only (No Product Change), the audit logs and alerts only show changes to the modules. [WCD-19275]
• Minor updates and bug fixes.

Enhancements

• When you change or reset your password in WatchGuard Cloud, you must now enter a password that is at least 12 characters long and includes a lowercase letter, uppercase letter, number, and symbol. You cannot use <, >, or emojis. [WCD-19315, WCD-19318]

Resolved Issues

• In the Service Provider dashboard widget catalog, the title for the Total Identity Security Allocation widget is now Total Identity Security Usage. [WCD-17866]
• Minor updates and bug fixes.

Resolved Issues

• Tier-1 Service Provider accounts with an NFR license can now allocate the same product from a term license to their Subscriber account (My Account). Service Providers can also select No Product Change to allocate endpoint security modules separately from the core WatchGuard Endpoint Security product. [WCD-18281]
• Minor updates and bug fixes. [WCD-19397]

Resolved Issues

• A fix was made to make sure that a Service Provider account cannot disable delegation or support access for an account that is delegated to them. [WCD-19417]
• Minor updates and bug fixes. [WCD-18981, WCD-18999]

New Features

Enhanced Device Details

You can now view more information for Fireboxes and Access Points in WatchGuard Cloud, including new and enhanced dashboard widgets and summary pages. For more information, go to Configure Device Settings in WatchGuard Cloud in Help Center.

Resolved Issues

• Minor updates and bug fixes. [WCD-18633, WCD-19235, WCD-19236]

New Features

ThreatSync+ NDR (Beta)

ThreatSync+ NDR is a cloud-based, network-centric threat detection and response solution that helps organizations identify, detect, and respond to network-based cyberattacks. ThreatSync+ NDR uses advanced artificial intelligence and machine learning capabilities to deliver enterprise-level cyber defense across hybrid networks.

ThreatSync+ NDR extends the existing ThreatSync functionality in WatchGuard Cloud and offers enhanced network detection and response, network device identification, and advanced reporting for Fireboxes, third-party firewalls, and LAN infrastructure.

Start a beta and trial of ThreatSync+ NDR to monitor and analyze your network data flow. For more information or to report an issue, go to the ThreatSync+ NDR Beta test community.

WatchGuard Compliance Reporting (Beta)

You can now start a beta and trial of WatchGuard Compliance Reporting. WatchGuard Compliance Reporting provides additional defense goal reports to help prove compliance for audit or cyber insurance purposes. ThreatSync+ NDR provides the network data required by these reports. For more information or to report an issue, go to the ThreatSync+ NDR Beta test community.

Resolved Issues

• Minor updates and bug fixes. [WCD-19248, WCD-19288]

New Features

Enhanced Device Details (Beta)

With this beta feature, you can view more information for Fireboxes and Access Points in WatchGuard Cloud, including new and enhanced dashboard widgets and summary pages. To learn more or to report an issue, go to the WatchGuard Cloud Firebox Management Beta test community.

Enhancements

• Service Providers can now allocate endpoint security modules, including WatchGuard MDR, to a delegated tier-1 Subscriber account independent of the base endpoint security product. If the delegated tier-1 Subscriber account has an existing allocation, you can allocate the endpoint security module and select No Product Change to not make changes to the existing product allocation. The allocated module can also have a different expiration date than the endpoint security product. For information on endpoint security module requirements, go to Allocate Endpoint Security Licenses in Help Center . [WCD-17911]

Resolved Issues

• Minor updates and bug fixes. [WCD-18473]

Enhancements

• When you point to a widget on the Service Provider dashboard, the delete icon is now blue. [WCD-18495]
• Version 1.7.2 of the Product Order API for distributors adds an optional purchaseOrderNumber query parameter to the GET /Contracts endpoint. For more information, go to the WatchGuard API documentation. [WCD-18928]

Resolved Issues

• If your WatchGuard user name is your email address, you can now enter your email address to reset your password on the Reset Password page. [WCD-18457]
• You can export device log messages without error from a tier-2 Subscriber account that includes an umlaut or non-US ascii characters. [FCCM-7849]
• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes. [WCD-16914]

Enhancements

• When a tier-1 Subscriber delegates their account to a Service Provider, in addition to their inventory, the Service Provider can now manage trials for the tier-1 Subscriber account. [WCD-18397]
• To remove a widget from the Service Provider dashboard, you now point to the widget and click the delete icon. [WCD-17979, WCD-17988]
• When you select a date range for the data that shows in the Service Provider dashboard, the date range options are now Today, Yesterday, Last 24 Hours, Last 7 Days, and Custom. The custom date range is limited to the last seven days. [WCD-17972]

Resolved Issues

• Minor updates and bug fixes. [WCD-15824, WCD-15826]

Enhancements

• You can now create and manage customer accounts in WatchGuard Cloud up to five tiers (for example, tier-1 Service Provider > tier-2 Service Provider > tier-3 Service Provider > tier-4 Service Provider, tier-5 Subscriber). [WCD-11609]

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

New Features

Custom Dashboards for Service Providers in WatchGuard Cloud

With this feature, Service Providers can customize their dashboards in WatchGuard Cloud. You can add, remove, and reorganize widgets on your Overview and Service Provider dashboards.

In addition, you can select a date range for the data that shows in the dashboard widgets. For more information, go to About the Service Provider Dashboard.

Enhancements

• The default WatchGuard company logo and background image used by captive portal splash pages, reports and emails, AuthPoint IdP portal, and other features are updated on the WatchGuard Cloud account branding page. [WCD-16737]

Resolved Issues

• Minor updates and bug fixes. [WCD-16941]

Resolved Issues

• Minor updates and bug fixes. [WCD-14087, WCD-17250, WCD-16781]

New Features

Custom Dashboards for Service Providers in WatchGuard Cloud (Beta)

This beta feature enables Service Providers to customize their dashboards in WatchGuard Cloud. With this feature, you can add, remove, and reorganize widgets on your Overview and Service Provider dashboards.

In addition, you can select a date range for the data that shows in the dashboard widgets. To learn more or to report an issue, go to the WatchGuard Beta test community.

Enhancements

• To support ongoing improvements, the Service Provider dashboard no longer includes the Subscribers and Service Providers widgets. [WCD-16902]

Resolved Issues

• When a delegated Subscriber account revokes delegation to a Service Provider account, the Subscriber account no longer belongs to groups that the Service Provider account assigned it to. [WCD-16656]
• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• When you create a new WatchGuard account, you must now select your account type from a new Account Type drop-down list. [SSO-5574]

Resolved Issues

• A Service Provider can only allocate to a delegated tier-1 Subscriber account from their own inventory. Any allocations the tier-1 Subscriber has from WatchGuard are not included in the available inventory. If the Service Provider tries to allocate more inventory than is available, an error message informs the Service Provider that there is not enough inventory. [WCD-16229]

New Features

Firebox Reports API

The Firebox Reports API enables you to retrieve data from the Executive Dashboard and Security Dashboard reports for the specified Fireboxes.

For more information, go to the Firebox Reports API documentation.

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• The icons in WatchGuard Cloud have been updated to provide a cleaner user experience.

Resolved Issues

• Minor updates and bug fixes.

New Features

Add NAT to a BOVPN Tunnel (Beta)

• With this beta, you can now add NAT to the cloud-managed endpoint or network resource of a Branch Office VPN (BOVPN) tunnel. To learn more or to report an issue, go to the WatchGuard Beta test community.

Tier-1 Operator Management in WatchGuard Cloud

Tier-1 accounts can now manage their operators in WatchGuard Cloud. With this feature, administrators can now complete these actions in WatchGuard Cloud:

• Add, edit, and delete tier-1 account operators.
• Resend an operator invitation.
• Enable MFA for tier-1 account operators and resend an MFA token activation email.
• Configure SAML single sign-on (SSO) for your account.
• Allow a tier-1 account operator to log in with SAML SSO.

In addition, all account operators can now change their email address and password from WatchGuard Cloud.

Resolved Issues

• Minor updates and bug fixes.

New Features

Tier-1 Operator Management in WatchGuard Cloud (Beta)

This beta feature enables tier-1 accounts to manage their operators in WatchGuard Cloud. With this feature, administrators can now complete these actions in WatchGuard Cloud:

• Add, edit, and delete tier-1 account operators.
• Resend an operator invitation.
• Enable MFA for tier-1 account operators and resend an MFA token activation email.
• Configure SAML single sign-on (SSO) for your account.
• Allow a tier-1 account operator to log in with SAML SSO.

In addition, all account operators can now change their email address and password from WatchGuard Cloud. To learn more or to report an issue, go to the WatchGuard Beta test community.

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• When you add a managed account, you can now select the account group you want to add the account to. [WCD-10042]
• When a scheduled report is too large (>10MB) and cannot be emailed to the recipient, an email message directs the recipient to download the report. The email message now lists the managed account associated with the large report. [WCD-15710]

Resolved Issues

• A fix was included to make sure that you can add more inventory to an existing allocation. [WCD-16245]
• Minor updates and bug fixes.

Resolved Issues

• When a Service Provider allocates Fireboxes or access points to a delegated tier-1 Subscriber account, the Service Provider can view the allocation. [WCD-15789 ]
• On the Trials page, the title for AuthPoint trials has been changed from Multi-Factor Authentication to AuthPoint. [WCD-15540]
• The help link on the AuthPoint Licenses page in your Service Provider inventory now opens the correct online help topic. [WCD-16102]

Enhancements

• On the Inventory > Licenses page, the table now includes a sortable License Name column. [WCD-15100]

Resolved Issues

• Minor updates and bug fixes. [WCD-15576]

New Features

Manage Inventory Allocation for Delegated Accounts

Services Providers can now manage inventory allocation for delegated Subscribers with a WatchGuard account (tier-1 Subscribers).

Resolved Issues

• Minor updates and bug fixes.

Import Configuration Improvements

You can now import aliases, exceptions, routes, blocked sites and ports, syslog and Dimension servers, and ConnectWise and Autotask configurations from the XML configuration file of a locally-managed Firebox. For more information, go to Import Configuration Settings From a Locally-Managed Firebox.

Enhancements

• Deployments in the Deployment History page can now have a status of Staged. When a configuration update is Staged, WatchGuard Cloud holds the configuration update until deployment. This status shows for devices that you change from locally-managed to cloud-managed until you deploy the configuration. For more information, go to Manage Device Configuration Deployment.

Resolved Issues

• Minor updates and bug fixes.

New Features

WatchGuard Endpoint Risk Assessment

The WatchGuard Endpoint Risk Assessment is now available from WatchGuard Cloud for partners and customers with a trial of WatchGuard EPDR or WatchGuard Advanced EPDR. Partners can use the WatchGuard Endpoint Risk Assessment to evaluate the cybersecurity posture of managed accounts that use a third-party endpoint security solution. The assessment enables partners and customers to identify threats, vulnerabilities, and other security risks. It is not available for partners or customers with an existing Endpoint Security product or EDR Core license. For more information, go to WatchGuard Endpoint Risk Assessment.

Enhancements

• Approved partners with an activated WatchGuard MDR license can now enroll customers in WatchGuard MDR from the WatchGuard Endpoint Security management UI (Configure > Endpoints). For more information, go to Configure WatchGuard MDR.

Resolved Issues

• On the Administration > Account Groups page for a delegated account, Service Providers can only view account groups. They cannot edit or delete account groups for a delegated account. [WCD-13611]
• Minor updates and bug fixes.

New Features

Import Configuration Improvements (Beta)

With this beta, you can import aliases, exceptions, routes, blocked sites and ports, syslog and Dimension servers, and ConnectWise and Autotask configurations from the XML configuration file of a locally-managed Firebox. To learn more or to report an issue, go to the WatchGuard Beta test community.

Manage Inventory Allocation for Delegated Accounts (Beta)

This beta feature enables Services Providers to manage inventory allocation for delegated Subscribers with a WatchGuard account (tier-1 Subscribers). To learn more or to report an issue, go to the WatchGuard Beta test community.

Threat Detection & Response End of Life — 30 September 2023

Threat Detection & Response (TDR) is now end of life. The TDR UI in WatchGuard Cloud is no longer available. Host Sensors continue to function, but remediation and report generation is disabled. To upgrade your Host Sensors to Endpoint Security, go to the Host Sensor Upgrade to Endpoint Security Knowledge Base article.

Enhancements

• Service Providers can now see the inventory of delegated Service Provider and Subscriber accounts as read-only. [WCD-13993, WCD-14042]]

Resolved Issues

• Minor updates and bug fixes.

WatchGuard MDR

Approved partners can now manage licenses in WatchGuard Cloud for MDR. For more information about WatchGuard MDR, go to About WatchGuard MDR.

Enhancements

• On the Administration > Managed Access page, the account delegation feature was updated to remove the ability to limit account access to a specified period of time. By default, account delegation continues until the Service Provider or Subscriber account revokes access. [WCD-13805, WCD-14069]

Resolved Issues

• Minor updates and bug fixes. [WCD-15526]

New Features

Allocations API v2.1.0

For software products, these endpoints now include a usage response parameter, which shows the number of users or endpoints used by the account:

• GET /{v2}/{accountid}/assets/summary/{resourceType}[WCD-14707]
• GET /{v2}/{accountid}/assets/allocations/{resourceType}[WCD-14475]

Resolved Issues

• When you allocate EDR Core licenses, the Administration > License Details > Endpoints tab now shows the correct number of allocated endpoints. [WCD-15083]
• A permissions error no longer occurs when you edit aliases in a Service Provider template. [FCCM-6944
• Minor updates and bug fixes.

New Features

Fireware v12.10

Fireware v12.10 firmware is publicly available for Fireboxes in WatchGuard Cloud. This release includes a number of new features and enhancements. For more information, go to What's New in Fireware in Help Center.

Resolved Issues

• The Administration > Upgrade TDR to Endpoint Security wizard now recognizes WatchGuard Advanced EPDR licenses. [TDR-492]
• The Activations API no longer returns truncated text in the errorType response parameter. [ITPRD-5678]
• Minor updates and bug fixes.

Resolved Issues

• In Log Search, device log searches are no longer case-sensitive. [WCD-13523]
• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes [WCD-13833, WCD-15144].

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• After a WatchGuard account is merged into another account, audit logs from both accounts are now available in the merged account. [WCD-14888]
• Minor updates and bug fixes.

Resolved Issues

• Version 1.0.1 of the Activations API specification file now includes the parentSerialNumber parameter in the example to activate a license for a 4-hr Replacement Device. [ITPRD-5677]

Resolved Issues

• Minor updates and bug fixes.

New Features

Activations API v1.0.0

This new public API enables you to activate WatchGuard hardware devices and software licenses, retrieve activation status, and get a list of recent activations for your account. The Activations API includes these endpoints:

• POST/v1/activate — Activates one or more hardware devices and software licenses.
• GET/v1/recentactivations — Returns the last 30 days of activations for the account.
• GET/v1/activationbatchstatuses/{batchId} — Returns the activation status of items in the specified activation batch.

For more information, go to the Activations API documentation. [WCD-14982]

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• Version 1.5.2 of the Endpoint Security Management API and version 1.6.2 of the Aether Endpoint Security Management API include these new endpoints:
  • GET /api/v1/accounts/{accountId}/patchavailability - Retrieves published patches not installed on computers on the network.
  • GET /api/v1/accounts/{accountId}/softwareinventory - Retrieves software installed on the computers on the network.
  • GET /api/v1/accounts/{accountId}/devices/{deviceId}/hardwareinventory - Retrieves information of a device BIOS.
  • GET /api/v1/accounts/{accountId}/tasks - Retrieves a list of all tasks created.
  • GET /api/v1/accounts/{accountId}/tasks/{type}/{taskId}/jobs - Retrieves task repetitions for the specified task.
  • GET /api/v1/accounts/{accountId}/tasks/{type}/{taskId}/jobs - Retrieves the status of task repetitions for the specified task.
  • GET /api/v1/accounts/{accountId}/tasks/{type}/{taskId}/jobs/{jobId}/results - Retrieves the results of the specified task repetition.
  • GET /api/v1/accounts/{accountId}/taskdetails/{type}/{taskId} - Retrieves details of the specified task.
    
    
    
    For more information, go to the Endpoint Security Management API and Aether Endpoint Security Management API documentation.
• When you copy settings from another cloud-managed Firebox configuration, the copy now warns you if the copy will not succeed. [FCCM-6788]

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

New Features

Fireware v12.10 (Beta)

New Fireware v12.10 beta firmware is available for Fireboxes in WatchGuard Cloud. This beta release includes a number of new features and enhancements. To learn more or to report an issue, go to the Fireware v12.10 Beta test community.

Resolved Issues

• Minor updates and bug fixes. [WCD-13697]

Resolved Issues

• Minor updates and bug fixes. [WCD-13709]

Enhancements

• To facilitate clear usage reporting and to enable Service Providers to better control the license from which they allocate users or endpoints, you can no longer create a new mixed allocation in WatchGuard Cloud. Removal of the mixed allocation type makes sure that licenses can be more easily traced down to the tenant level. [WCD-14159, WCD-14161]
• In v2.0.2 of the Allocations API, you can no longer use the POST or PUT endpoints to create or update allocations with an allocation type of mixed. [WCD-14194]

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• On the Administration > License Details > Endpoints tab, the total number of endpoints now includes endpoints from subscription and term licenses. The total does not include the number of endpoint security modules in the license. [WCD-13157]
• Minor updates and bug fixes.

New Features

Allocations API v2.0.1

• You can now use the Allocations API to allocate and manage Advanced EPDR licenses. [WCD-12474]
• GET endpoints now return allocation information for NFR licenses. [WCD-14092]

Enhancements

• The WatchGuard End-User License Agreement (EULA) is updated. [SSO-5212]

Resolved Issues

• When you configure directory sync for a WatchGuard Cloud authentication domain, you can now successfully add advanced filters that include special characters. [WCD-14198]
• Updated the descriptive text on the Devices tab for authentication domains. [WCD-13853]
• For the authentication domain Users list, text in the User Name column no longer overlaps the text in other columns. [WCD-14099]
• When you configure and start a directory sync for authentication domains, the synchronization progress bar now displays for only five minutes. [WCD-13891]
• Resolved an issue that required you to reselect the host when you made edits to an existing directory sync for an authentication domain. [WCD-13702]
• Minor updates and bug fixes.

Resolved Issues

• The Endpoint Security License Details tile for the Subscriber account no longer shows Expired when the Endpoint Security license is not expired. [WCD-13969]

New Features

WatchGuard Advanced EPDR

You can now manage licenses and inventory allocation for the new Endpoint Security product, WatchGuard Advanced EPDR, in WatchGuard Cloud. You can start a trial of Advanced EPDR from the Administration > Trials page. Advanced EPDR includes advanced detection and response features such as Advanced Indicators of Attack (IOAs) and events, centralized management of Indicators of Compromise (IOCs) compatible with STIX and Yara rules, Advanced Security Policies, and remote access to detect, contain, and remediate incidents. For more information, go to the presentation, Introduction to WatchGuard Advanced EPDR.

Resolved Issues

• Log Search no longer returns an internal error when you try to navigate to the next page of search results after you sort the data in a column. [WCD-13462]
• After you successfully change your WatchGuard password, the Return to Login Page button now correctly opens the login page. [SSO-5130]
• Minor updates and bug fixes.

New Features

Operator Management API v1.1.2

New endpoint to update operators in WatchGuard accounts. [SSO-4682]

• PATCH /{v1}/Operators

Version 1.0.1 of the Operator Management API no longer accepts requests. Update to the latest version of the API.

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• The number of endpoints available with Endpoint Security trials has changed:

  • If the account has EDR Core (Total Security Suite) with fewer than 250 endpoints, then the trial includes a maximum of 250 endpoints.
  • If the account has EDR Core (Total Security Suite) with more than 250 endpoints, then the trial includes a maximum number of endpoints that matches the Total Security Suite license.
  • If the account has an existing Endpoint Security product such as WatchGuard EDR for fewer than 250 endpoints, then the trial includes a maximum of 250 endpoints.
  • If the account has an existing Endpoint Security product such as WatchGuard EDR for more than 250 endpoints, then the trial includes a maximum number of endpoints that matches the product license.

Resolved Issues

• Minor updates and bug fixes. [XDR-1894]

New Features

Multi-Tier Template Support

Multi-tier template support is now publicly available. With this feature, when Tier-1 Service Providers create a template, it is now available to managed accounts and devices in all tiers below them. Devices allocated to accounts below more than one Service Provider can subscribe to templates at any tier above them.

Enhancements

• Improved warning text was added to the Delete Account dialog box to make sure that users are aware that when they delete a managed account, any accounts, data, and services in or managed by the account are removed. All operator sessions will end. [WCD-12985]

Resolved Issues

• Log Search and Log Manager now return the correct results when you select Today or Yesterday as a date range. [WCD-13632]
• When a subscription allocation is overallocated, it now shows 0 Subscription Endpoints or Users and red Overallocated Endpoints or Overallocated Users on the dashboard and Inventory > Allocation page. [WCD-13737]
• Block IP action status for IOAs now updates correctly. [XDR-1287]
• ThreatSync remediation actions now support legacy device IDs. [XDR-1819, XDR-1864]
• Archive automation policies now auto-archive risk level 1 incidents as expected. [XDR-1652]
• Minor updates and bug fixes. [XDR-1888, XDR-1889, XDR-1895]

New Features

WatchGuard Advanced EPDR (Beta)

WatchGuard Advanced EPDR is now available for beta testing in WatchGuard Cloud. Advanced EPDR expands the capabilities of WatchGuard EPDR with advanced detection and response features such as Advanced Indicators of Attack (IOAs) and events, centralized management of Indicators of Compromise (IOCs) compatible with STIX and Yara rules, Advanced Security Policies, and remote access to detect, contain, and remediate incidents.

To get started, enable the beta toggle in WatchGuard Cloud and then start a trial of Advanced EPDR. To learn more or to report an issue, go to the WatchGuard Endpoint Security beta test community.

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• The License Details section in the Device Summary and Device Settings pages now shows the number of days of Log Data Retention and Report Data Retention for the device.

Resolved Issues

• Minor updates and bug fixes.

New Features

Operator Management API v1.0.2

• New endpoint to delete operators from WatchGuard accounts. [SSO-4683]
  • POST /{v1}/DeleteOperators
• The Operator Management API URL has changed. [SSO-4949]
  • Previous URL (v1.0.1): https://{base API URL}/rest/portal/operator-mgmt/
  • New URL (v1.0.2): https://{base API URL}/rest/platform/operator-mgmt/

  This change updates the URLs of all Operator Management API endpoints.

• Version 1.0.1 of the Operator Management API is deprecated. Although v1.0.1 endpoints continue to accept requests, we strongly recommend that you use the latest version of the API.

Enhancements

• On the Administration > Notifications > Announcements page, there is a new link to the WatchGuard Cloud Release Notes. [WCD-13327]

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• When a tier-1 Service Provider has allocated multiple allocation types to tenant accounts and then deletes a term or subscription license, tenant accounts can become overallocated. When the Service Provider deletes a term license, only tenant accounts with a term allocation are affected. When the Service Provider deletes a subscription license, only tenant accounts with a subscription or mixed allocation are affected. When a term license is added, overallocated accounts with term allocation are updated. When a subscription license is added, overallocated accounts with a subscription or mixed allocation are updated. [WCD-12850, WCD-13339]
• The Network Connection Details section on the Incident Details page now includes additional Firebox log details. [XDR-935]

Resolved Issues

• Log Manager now correctly shows messages when you select Today for a date range. [WCD-13545]
• Log Search no longer returns an internal error when you include the * wildcard in your search query. [WCD-13468]
• Minor updates and bug fixes. [XDR-1617]

Resolved Issues

• Minor updates and bug fixes. [WCD-13299, WCD-13605]

New Features

Traffic Shaping and QoS Marking

You can now guarantee or limit bandwidth for different types of traffic and mark the packets to prioritize on the network.

With the Traffic Shaping feature, you can:

• Configure traffic shaping rules for policies.
• Configure traffic shaping rules for Application Control.
• Configure QoS (Quality of Service) markings for policies.
• Monitor traffic shaping rules.

For more information, go to Traffic Shaping and QoS Marking in Help Center.

Enhancements

• For Service Providers, when you choose to set a custom expiration date for an AuthPoint allocation, the default expiration date is now 1 year from the current date. [WCD-13141]
• When a Tier-2 Service Provider account deallocates users or endpoints from a subscription license, the managed accounts become overallocated. The Inventory > Summary page shows the subscription availability as 0. [WCD-13041]
• On the Overview > Inventory > Summary page, when a subscription license becomes overallocated from a managed account allocation, the Summary page now shows Overallocated. [WCD-13042]
• When a Service Provider selects the Overview account, and then selects Inventory > Allocation for a product, the allocation table shows the accounts that have product allocated and the quantity. When you click the options button next to an account name, the Deallocate License option was renamed to Remove License. When you select Remove License, it removes the entire license from the account. The account is no longer able to use or access the product. [WCD-12876]
• On the Inventory > Licenses page for a product, when there is an unlimited subscription license, the Quantity column now shows Unlimited. [WCD-13072]
• You can now use this URL to create a WatchGuard account: https://accountmanager.cloud.watchguard.com/create-account

Resolved Issues

• A fix was made to make sure that WatchGuard Cloud accounts with expired Endpoint Security modules do not unexpectedly replace WatchGuard EPP, EDR, or EPDR with EDR Core. [WCD-13283]
• Minor updates and bug fixes. [WCD-9538, WCD-13546]

New Features

Operator Management API

This new public API enables you to manage and get information about WatchGuard operators. The Operator Management API includes these endpoints:

• POST/{v1}/operators — Create new WatchGuard operators.
• GET/{v1}/Transaction Status — Retrieve the status of a transaction.
• GET/{v1}/OperatorsByAccountId — Retrieve details of the operators for a WatchGuard account.

For more information, go to the Operator Management API documentation.

New Features

Log Search Notifications

Log Search Notifications are publicly available. This feature provides Log Search and Log Manager improvements:

• You can now click a link to be notified when your log search completes.
• The Log Search page now provides a list of your recent searches and examples of search queries.
• If you select a folder, the search results include Device and Serial Number columns.
• When you export log messages from Log Search or Log Manager, the maximum number of logs that can be exported is now 20,000.

This feature updates the data retention periods for log data:

• For a Firebox with the Total Security Suite, the data retention period for log data for Log Manager and Log Search is 1 year. 10 days of log data (plus the number of days associated with the Data Retention license assigned to the Firebox) is available for fast searches.
• For a Firebox with the Basic Security Suite, the data retention period for Log Manager and Log Search is 90 days. Fast search is not available with Basic Security Suite unless you purchase a Data Retention license.
• WatchGuard implemented the extended data retention period for log data in October 2022. Log data prior to 20 October 2022 is not available.

For more information, go to Log Search (WatchGuard Cloud) and Log Manager (WatchGuard Cloud) in Help Center.

Enhancements

• Version 1.4.5 of the Endpoint Security Management API and version 1.5.5 of the Aether Endpoint Security Management API include these updates:
  • New endpoints:
    • GET /api/{v1}/accounts/{accountId}/riskassessment/companyrisksummary — Retrieve a summary of the company risk status.
    • GET /api/{v1}/accounts/{accountId}/riskassessment/detectedrisks — Retrieve a count of detected devices for each type of risk.
    • GET /api/{v1}/accounts/{accountId}/riskassessment/devicesrisk — Retrieve a count of risks detected on each device by risk level.
    • GET /api/{v1}/accounts/{accountId}/riskassessment/statisticsbydate/{period} — Retrieve an overview of the number and types of risks detected over time.
    • GET /api/{v1}/accounts/{accountId}/riskassessment/configuration/ — Retrieve the risk configuration.
    • PATCH /api/{v1}/accounts/{accountId}/riskassessment/updateconfiguration/ — Modify the risk configuration.
  • Deleted endpoints:
    • GET /api/{v1}/accounts/{accountId}/patchmanagementstatistics — Retrieve a count of available security patches by type.
    • GET /api/{v1}/accounts/{accountId}/datacontrolstatistics — Retrieve a count of files and devices that Data Control identified.
    • GET /api/{v1}/accounts/{accountId}/encryptionstatistics — Retrieve a count of devices associated with each encryption status type.

  For more information, go to the Endpoint Security Management API and Aether Endpoint Security Management API documentation.

Resolved Issues

• When operators are limited by an account group, they cannot see the audit logs for accounts they do not have access to. [WCD-12052]
• The Administration > Upgrade TDR to Endpoint Security wizard can now upgrade endpoints when the number of installed Host Sensors is the same as the number of endpoints available in the EDR Core or Endpoint Security license. [TDR-454]
• Minor updates and bug fixes. [WCD-9375]

Enhancements

• You can now use these URLs to retrieve your WatchGuard account user name or reset your password:
  • Retrieve user name: https://accountmanager.cloud.watchguard.com/retrieve-user-name
  • Reset password: https://accountmanager.cloud.watchguard.com/reset-password

Resolved Issues

• Minor updates and bug fixes.

Traffic Shaping and QoS Marking (Beta)

With this beta, you can now guarantee or limit bandwidth for different types of traffic and mark packets to prioritize on the network. For more information, go to Traffic Shaping and QoS Marking in Help Center.

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

New Features

ThreatSync

ThreatSync is a WatchGuard Cloud service that provides eXtended Detection and Response (XDR) technology for WatchGuard Network and Endpoint Security products. The ThreatSync UI in WatchGuard Cloud enables you to monitor incidents and manually perform remediation actions. For more information about ThreatSync, go to Introduction to ThreatSync in Help Center.

Enhancements

• Version 2.0.0 of the Allocations API includes these new endpoints [WCD-11482]:
  • POST /{v2}/{accountid}/assets — Allocates an asset
  • DELETE /{v2}/{accountid}/assets — Deallocates an asset
  • PUT /{v2}/{accountid}/assets/productName/{productName}/allocationType/{allocationType} — Updates an existing software allocation
  • PUT /{v2}/{accountid}/assets/productName/{productName}/serialOrLicense/{serialOrLicense} — Updates an existing hardware allocation
  • GET /{v2}/{accountid}/assets/summary/{resourceType} — Gets an inventory summary for a Service Provider account
  • GET /{v2}/{accountid}/assets/allocations/{resourceType} — Gets a list of assets allocated to accounts managed by a Service Provider
  • GET /{v2}/{accountid}/assets/licenses/{resourceType} — Gets a list of assets owned by a specific account
  • GET /{v2}/{accountid}/assets/assigned/{resourceType} — Gets a list of assets allocated to a specific account

  Version 1 endpoints are deprecated but continue to accept requests. We recommend that you use version 2 of the Allocations API. For more information, go to the Allocations API documentation.

Resolved Issues

• Minor updates and bug fixes.

New Features

WatchGuard EDR Core

WatchGuard EDR Core is a new solution available with a Firebox Total Security Suite license. EDR Core includes EDR features and adds XDR capabilities through ThreatSync. It is a replacement for the TDR Host Sensor in WatchGuard Cloud. When a Service Provider activates a Total Security Suite license, the EDR Core license and the number of available endpoints now appear in the Inventory page in WatchGuard Cloud. For more information on EDR Core, you can review the PowerPoint presentation, Introduction to WatchGuard EDR Core, or go to WatchGuard EDR Core Features in Help Center.

TDR Upgrade to Endpoint Security Tool

TDR users can upgrade their Host Sensors to EDR Core or another endpoint security license from WatchGuard Cloud. The upgrade process is available for Windows and macOS endpoints only. It automatically installs the WatchGuard Endpoint Agent on the endpoints of the account. You do not have to reinstall the agent or protection software.

Enhancements

• WatchGuard now supports up to 200,000 API requests a day for each API key. [WCD-12976]

Resolved Issues

• Minor updates and bug fixes. [WCD-11821]

Enhancements

• Service Providers now must select an allocation type (term, subscription, or mixed) when they allocate endpoints or users to managed accounts. Inventory tiles on the Overview dashboard and the Inventory Summary page now include usage information that reflects the allocation type.
• Only Partner accounts or Tier-1 Service Provider accounts can allocate to a Tier-2 Service Provider or Subscriber account as a mixed allocation type.
  • With a mixed allocation, endpoints or users from the term license are used first, then when no available endpoints or users remain in the term license, endpoints or users from the subscription license are used.
  • A mixed allocation shows as a subscription in the managed account. [WCD-10671]

Resolved Issues

• Minor updates and bug fixes. [WCD-13014]

Enhancements

• Version 1.20.0 of the Firebox Management API adds new versions of these GET endpoints to support pagination:
  • GET /v2/configuration/{accountid}/exceptions
  • GET /v2/configuration/{accountid}/exceptions/blockedsite
  • GET /v2/configuration/{accountid}/exceptions/botnet
  • GET /v2/configuration/{accountid}/exceptions/file
  • GET /v2/configuration/{accountid}/exceptions/ips
  • GET /v2/configuration/{accountid}/exceptions/geolocation
  • GET /v2/configuration/{accountid}/exceptions/webblocker

Version 1 of these endpoints are deprecated but continue to accept requests. For more information, go to the Firebox Management API documentation.

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• On the Administration > Account Groups page, Service Providers can drag and drop an account into an account group. A new Move to Group dialog box is now available to move an account to an account group. Click the more options menu next to the account you want to move and select Move to Group. [WCD-9708]

Resolved Issues

• Minor updates and bug fixes.

New Features

ThreatSync (Beta)

ThreatSync is a new WatchGuard Cloud service that provides eXtended Detection and Response (XDR) technology for WatchGuard Network and Endpoint Security products. The ThreatSync UI in WatchGuard Cloud enables you to monitor incidents and manually perform remediation actions. To learn more or to report an issue, go to the ThreatSync Beta test community.

Enhancements

• On the Administration > Managed Access > Support Access page, you can now see the date when support access was enabled. [WCD-11875]

Resolved Issues

• Minor updates and bug fixes. [WCD-11866, WCD-12317]

Enhancements

• In the Accounts API, the /{v1}/accounts/{accountid}/children endpoint includes these updates:
  • A new includeDelegatedAccounts request parameter. Specify true to include delegated accounts in the response.
  • The response now includes a new relationName response parameter.

For more information, see the WatchGuard API Documentation.

Resolved Issues

• When you view the AuthPoint allocation for a managed account, the Number of Users field now shows the correct value. [WCD-12203]
• Resolved an issue that occurred when you delete a server from an authentication domain. [WCD-12383]
• Minor updates and bug fixes.

New Features

Access Point RADIUS Accounting Server (Beta)

This feature enables you to configure a RADIUS accounting server for use with Authentication Domains and Enterprise authentication on your access point. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

• A fix was made to filter out default exceptions when you import configuration settings from a locally-managed Firebox to a cloud-managed Firebox. [FCCM-5546]
• Minor updates and bug fixes. [FCCM-5581, FCCM-5582]

New Features

New Firebox NV5 devices with a Standard Support license can now connect to WatchGuard Cloud.

Import Configuration Settings

You can now import aliases and exceptions from a locally-managed Firebox to a cloud-managed Firebox. For more information, see Import Configuration Settings in Help Center.

Resolved Issues

• A fix was made to the Monitor > Devices > Traffic > Packet Filter Traffic graph to correct the Hits and Bytes display information. [FCCM-5551]
• The System Policies list now shows the Allow DNS-Forwarding system policy. This policy allows DNS traffic from internal networks to the Firebox. You can disable the policy on the Allow DNS-Forwarding policy page. [FCCM-5510]
• Minor updates and bug fixes. [FCCM-5456, WCD-11976, WCD-11679, WCD-11680]

Enhancements

• On the Inventory > Endpoints > Allocation page, when you click Allocate Endpoints, the number of available modules (limited or unlimited) shows next to the check box you select to add modules to the account. [WCD-12028]

Resolved Issues

• Minor updates and bug fixes.

New Features

Import Configuration Settings (Beta)

With this beta, you can import aliases and exceptions from a locally-managed Firebox to a cloud-managed Firebox. To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Standard Support for WatchGuard Cloud

You can now add Fireboxes with a Standard Support license to WatchGuard Cloud as locally-managed or cloud-managed through the Add Device Wizard. For more information, see About Firebox WatchGuard Cloud Licenses.

Resolved Issues

• WatchGuard Cloud reports now generate in Chromium browsers when the language is set to Latin American Spanish [FCCM-5341]
• Minor updates and bug fixes. [WCD-11876, WIFI-7736, FCCM-5516]

New Features

Keeping Children Safe in Education (KCSiE)

You can now configure rules to send alerts when users search for keywords in a list published by the Internet Watch Foundation (IWF). For more information, see Safeguarding in Help Center.

Access Point MAC Address Import

You can now import a list of addresses for MAC address access control on an SSID. To support a maximum of 256 MAC addresses, you must upgrade to access point firmware 1.1.24 or higher. Lower firmware versions only allow a maximum of 32 MAC addresses. For more information, see Configure Access Point SSID Settings in Help Center.

Enhancements

• The Add License button on the Inventory > AuthPoint > Allocation page was renamed to Add Users. The Add License button on the Inventory > Endpoints > Allocation page was renamed to Add Endpoints. [WCD-12063]

Resolved Issues

• Minor updates and bug fixes. [WCD-12119, FCCM-5152]

New Features

Standard Support for WatchGuard Cloud (Beta)

With this beta, you can now add Fireboxes with a Standard Support license to WatchGuard Cloud as locally-managed or cloud-managed through the Add Device Wizard. To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Access Point MAC Address Import (Beta)

This feature enables you to import a list of MAC addresses for access control features. To support a maximum of 256 MAC addresses, you must upgrade to access point firmware 1.1.24 or higher. Lower firmware versions only allow a maximum of 32 MAC addresses. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

• Minor updates and bug fixes. [WCD-11876]

Enhancements

• WatchGuard Endpoint Security now shows inside the WatchGuard Cloud user interface, instead of in a separate tab. When you move from account to account in Account Manager, the user interface updates to show endpoint security information for the selected account.

New Features

TCP MTU Probing

You can now enable TCP MTU Probing. With this global option enabled, the Firebox can automatically change the size of its data packets to make sure PMTU discovery succeeds and avoid reduced performance caused by fragmentation. For more information, see Configure Firebox System Settings in Help Center.

Access Point SNMP Monitoring

You can now monitor your access point status with SNMP (Simple Network Management Protocol). SNMP monitoring requires a WatchGuard USP Wi-Fi management license, and an upgrade to access point firmware 1.1.24-0 or higher. For more information, see Configure SNMP for Access Points in Help Center.

Access Point Firmware Update 1.1.24-0.B670120

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This update is required for the SNMP Monitoring feature. For a list of new features, enhancements, and resolved issues in firmware releases, see Access Point Firmware Releases.

Keeping Children Safe in Education (KCSiE) (Beta)

You can now configure rules to send alerts when users search for keywords in a list published by the Internet Watch Foundation (IWF). To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Resolved Issues

• For Firebox templates with a large number of subscribed devices, when the user selects the Subscribed Devices tab, the list of devices on the tab now populates quickly. [FCCM-5381]
• Minor updates and bug fixes. [WCD-8152, WCD-11493, WCD-12011]

New Features

Device List for Authentication Domains

When you configure directory sync for a WatchGuard Cloud authentication domain, the sync now includes devices that belong to the Active Directory domain.

Access Point Firmware Update 1.1.23-0.B669258 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This update replaces the current 1.1.22 beta firmware, and resolves an issue where SSIDs failed to broadcast after the installation of firmware version 1.1.22 on the AP130. For a list of new features, enhancements, and resolved issues in firmware releases, see Access Point Firmware Releases.

Enhancements

• On the Administration > License Details page, the table now includes a License Key column. [WCD-11581]

Resolved Issues

• Minor updates and bug fixes. [WCD-10864]

New Features

TCP MTU Probing (Beta)

You can now enable TCP MTU Probing. With this global option enabled, the Firebox can automatically change the size of its data packets to make sure PMTU discovery succeeds and avoid reduced performance caused by fragmentation. To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Enhancements

• The Firebox Management API device and devices request parameters now accept both integers and strings. For standalone Fireboxes, specify only the numbers from the device ID (12345). For FireClusters, specify the full device ID (FBCL-12345). For more information, see the WatchGuard API documentation. [FCCM-3027]

Resolved Issues

• Minor updates and bug fixes. [FCCM-4982]

New Features

Support Access to WatchGuard Cloud Accounts

Subscriber and Service Provider accounts can now allow WatchGuard Support to connect to their WatchGuard Cloud account to help troubleshoot issues. The permissions given to Support depend on the access role you select when you enable Support Access. You can revoke Support Access at any time. For more information, see Support Access to WatchGuard Cloud Accounts in Help Center.

Resolved Issues

• Minor updates and bug fixes.

Resolved Issues

• Minor updates and bug fixes. [FCCM-5281, WCD-9793]

New Features

Access Point SNMP Monitoring (Beta)

This feature enables you to monitor your access point status with SNMP (Simple Network Management Protocol). SNMP monitoring requires a WatchGuard USP Wi-Fi management license, and an upgrade to access point beta firmware 1.1.22-0. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update 1.1.22-0.B667558 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This update is required for the SNMP Monitoring beta feature. For a list of new features, enhancements, and resolved issues in firmware releases, see Access Point Firmware Releases.

Resolved Issues

• A third-party CA selected as the proxy authority certificate now installs correctly after you re-add a device to WatchGuard Cloud. [FCCM-4982]
• The progress bar for device firmware upgrades now appears consistent with other progress bars. [FCCM-5093]
• The access point configuration report shows the correct access point site name after you change the name of the site. [WIFI-7272]
• You can now enter space characters in the device name when you add an access point to WatchGuard Cloud. [WIFI-7578]
• Minor updates and bug fixes. [WCD-11683, WCD-11742]

Resolved Issues

• On the SD-WAN Live Status page, network status indicators for SD-WAN actions or Global Multi-WAN are now gray for networks that are not active because of physical disconnection or failed link monitor probes. [FCCM-5176]

• On the Dashboard page, the AuthPoint License Details tile now shows the number of licenses correctly when a Subscriber account has NFR licenses allocated. [WCD-11658]

• Minor updates and bug fixes.

Resolved Issues

• To improve performance, some audit logs and alerts no longer include the WatchGuard Cloud account ID and account name. The operator ID no longer shows in the User field in the Audit Log Details dialog box. [WCD-10651]
• Minor updates and bug fixes.

Enhancements

• The redesigned Live Status page for SD-WAN and Global Multi-WAN now includes more data visualization and information. You can also save loss, latency, and jitter graphs as .PNG or .SVG files. [FCCM-4663]
• To delete a managed account, the Delete Account dialog box now requires you to type DELETE before you can click the Delete button. [WCD-2464]

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• The Deployment History page now includes a View Pending Changes link that shows the changes in an undeployed configuration compared to the last deployed configuration. The Compare Versions button is now always available to compare the undeployed pending changes to the current deployed configuration. If there are no pending changes, you can compare the last two deployed configurations. [FCCM-5083]
• When you add a device to WatchGuard Cloud, you can now select a device folder where you want to add the Firebox or access point. [WIFI-6569]
• WPA2 Enterprise and WPA3 Enterprise wireless security options now appear for an SSID even if you do not have a RADIUS server configured. To be able to select a RADIUS server for Enterprise authentication, you must add a RADIUS server in Shared Configurations > Authentication Domains. [WIFI-7219]

Resolved Issues

• The Configure Devices page now shows the total number of FireClusters. [FCCM-4945]
• In the FireCluster settings, you can now change the Communication IP addresses to addresses not included in the DHCP pool that you configured in the Firebox DHCP server settings for that network. You can no longer change the Communication IP addresses to addresses included in the DHCP pool. [FCCM-5108]
• Minor updates and bug fixes.

New Features

FireCluster Management

You can now manage a FireCluster in WatchGuard Cloud. To add a cloud-managed FireCluster, you can start with factory-default Fireboxes or an existing locally-managed FireCluster. After you add a cloud-managed FireCluster, you manage the configuration exclusively in WatchGuard Cloud. For more information, see Add a Cloud-Managed FireCluster in Help Center.

Enhancements

• Some audit logs and alerts now include the WatchGuard Cloud account ID and account name. The operator ID also shows in the User field in the Audit Log Details dialog box. [WCD-10646]

Resolved Issues

• Minor updates and bug fixes. [WCD-11411, WCD-11154]

Resolved Issues

• Minor updates and bug fixes.

New Features

Access Point Description

You can now add a description for an access point to help you identify the device in WatchGuard Cloud. You can add a description for existing access points in the Device Settings configuration. You can also add the description when you add a new device to WatchGuard Cloud. This feature requires an upgrade to access point firmware 1.1.18-0.

Access Point Radio Details

Additional radio details are available for an access point on the Device Settings and Device Summary pages that show the current channel and transmit power for each radio. This feature requires an upgrade to access point firmware 1.1.18-0. Radio details do not appear for access points with lower firmware versions, or if an SSID is not configured on the radio.

Resolved Issues

• Minor updates and bug fixes.

New Features

Access Point Firmware Update 1.1.18-0.B665427

New access point firmware is available for Wi-Fi in WatchGuard Cloud access points. For a list of resolved issues, see Access Point Firmware Releases.

New Features

Certificate Management

Certificate Management in WatchGuard Cloud is now publicly available. For more information, see Manage Certificates in Help Center.

Resolved Issues

• Minor updates and bug fixes.

Enhancements

• On the Administration > Trials page, Subscribers with the Analyst or Helpdesk role can now start, stop, upgrade, or extend a trial. [WCD-11288]
• An alert is generated when an access point cannot communicate with the configured NTP server. [WIFI-7505]

Resolved Issues

• When you change the pagination for the table on the Inventory > Allocation > Endpoints or Administration > Trials page to show more than 25 rows per page, the table now updates to show the selected number of rows per page. [WCD-11268, WCD-11303]
• Minor updates and bug fixes. [FCCM-4924, FCCM-4925]

New Features

FireCluster Management (Beta)

With this beta, you can now manage a FireCluster in WatchGuard Cloud. To add a cloud-managed FireCluster, you can start with factory-default Fireboxes or an existing locally-managed FireCluster. After you add a cloud-managed FireCluster, you manage the configuration exclusively in WatchGuard Cloud. To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Enhancements

• You can now disable these system policies in WatchGuard Cloud:
  • WatchGuard SSLVPN
  • Allow-IKE-to-Firebox
  • BOVPN-Allow-Any.in
  • BOVPN-Allow-Any.out
  • Allow SSLVPN-Users
  • Allow IKEv2-Users
  • Allow RADIUS SSO Service
  • Allow RADIUS SSO Users

For more information, see System Firewall Policies in Help Center.

Resolved Issues

• Details for a report scheduled between midnight and 00:59 AM now show as expected in the Schedule section. [WCD-11229]
• Minor updates and bug fixes. [FCCM-4765]

New Features

Certificate Management (Beta)

With this beta, you can manage account-level certificates and Firebox certificates for cloud-managed devices in WatchGuard Cloud. You can generate Certificate Signing Requests (CSRs) and upload custom certificates for TLS decryption and mobile VPN. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Enhancements

• New icons in the Account Manager (Service Provider accounts) or Device Manager (Subscriber accounts) indicate whether a device is cloud-managed or locally-managed and whether it is online, offline or never connected to WatchGuard Cloud. [FCCM-4341]

Resolved Issues

• You can now correctly schedule an access point report if the account only contains access point devices. [WIFI-7478]
• Access Point Sites no longer display errors when you apply site settings or view a list of sites. [WIFI-7472, WIFI-7474, WIFI-7477]
• Minor updates and bug fixes. [FCCM-4818]

Resolved Issues

• In Dark Web Scan, you can now search for an email address that includes a hyphen (-). [WCD-11120]
• A Service Provider account can see the device firmware information for a delegated account. [FCCM-4559]
• Minor bug fixes and enhancements.

New Features

Tor Exit Node Support

The Tor Exit Node Blocking service for cloud-managed Fireboxes is now publicly available. For more information, see Configure Network Blocking in WatchGuard Cloud in Help Center.

Resolved Issues

• Minor bug fixes and enhancements.

Resolved Issues

• Minor bug fixes and enhancements.

New Features

Firebox Diagnostic Tools and Snapshot

You can now run diagnostic tools (Ping, TCP Dump, and DNS Lookup) for a Firebox in WatchGuard Cloud. You can also download a diagnostic snapshot file from the Firebox. For more information, see Run Network Diagnostic Tasks in Help Center.

SAML SSO for WatchGuard Accounts

You can now configure SAML single sign-on (SSO) to use an external identity provider to authenticate your users when they log in to WatchGuard accounts, including WatchGuard Cloud. This keeps logins secure and enables users to use the same login credentials across multiple platforms.

Resolved Issues

• Minor bug fixes and enhancements.

Resolved Issues

• Minor bug fixes and enhancements. [WCD-10778]

New Features

Endpoint Security Plug-in for N-able N-central

With the new Endpoint Security plug-in for N-able N-central, you can protect devices on your network, review detected security incidents, and develop prevention and remediation plans against unknown and advanced persistent threats. For more information, see About the WatchGuard Endpoint Security Plug-in for N-able N-central in Help Center.

Resolved Issues

• In the BOVPN configuration, you can now add a Class C network resource that overlaps with an unselected Class C network resource. [FCCM-4318]
• Minor bug fixes and enhancements. [WCD-10805]

New Features

Tor Exit Node Support (Beta)

With this beta, you can configure the Tor Exit Node Blocking service for cloud-managed Fireboxes. The service is available to Fireboxes that run Fireware v12.8.1 (Beta) or Fireware v12.5.10 (Beta). To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Enhancements

• On the Administration > Account Groups page, you can now search for an account or account group. [WCD-10041]

Resolved Issues

• You can now correctly deploy an access point configuration with syslog settings. [WIFI-7389]
• The radio settings page now correctly displays the name of the 2.4 and 5 GHz radios. [WIFI-7384]
• Minor bug fixes and enhancements.

New Features

Aliases in Firebox Templates

The Aliases in Firebox Templates feature is now publicly available. For more information, see to Manage Firebox Templates in Help Center.

Log Server Management in Firebox Templates

This feature is now publicly available. You can configure Dimension or Syslog servers in templates for cloud-managed Fireboxes. For more information, see to Manage Firebox Templates in Help Center.

Enhancements

• When tier-1 users log in to WatchGuard.com, they must read and accept a new end-user license agreement (EULA). The EULA appears the first time that partners log in as well as any time the agreement changes. After a user accepts the EULA for a tier-1 account, it does not appear for other account users. The Manage Profile page in Support Center shows the status of the EULA for your company.

Resolved Issues

• Minor bug fixes and enhancements. [DC-3827, WCD-9580, WCD-10718]

Enhancements

• The WatchGuard Cloud user interface is now available in German and Spanish (Spain). The interface automatically reflects the language selected in the browser. [WCD-9206]
• When you create a scheduled report, from the Language drop-down list, you can now select German or Spanish (Spain) for the report. [WCD-10286]

Resolved Issues

• On the Administration > Managed Access page, you can now enter a RESTful API password for readwrite or readonly access that includes the plus (+) sign and minus (-) sign. [WCD-10740]
• In Audit Log and Alert Details, AuthPoint now shows as Multi-Factor Authentication. [WCD-10415]
• Minor bug fixes and enhancements.

New Features

Log Server Management in Firebox Templates (Beta)

With this beta, you can configure Dimension or Syslog servers in templates for cloud-managed Fireboxes. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Resolved Issues

• The default dynamic NAT rules now appear on the dynamic NAT configuration page. An error message no longer appears when you add a dynamic NAT rule. [FCCM-4573]

New Features

Aliases in Firebox Templates (Beta)

With this beta, you can configure aliases in Firebox templates for cloud-managed Fireboxes. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Resolved Issues

• The Zero-Day Malware (APT) and Advanced Malware (APT) reports in Monitor > Devices > Services no longer include a pivot for Malicious Activity. [FCCM-4513]
• In the rare case that a deployed configuration would cause issues if it were restored, an error message now appears if you try to revert the configuration. [FCCM-4561]
• Minor bug fixes and enhancements.

Enhancements

• When you start a trial of a WatchGuard Endpoint Security product or module, the license can now be used for up to 250 endpoints.
• Access point device settings are now separated into general device settings and advanced settings. You can now configure the advanced device settings (Syslog Server) in Access Point Sites.

Resolved Issues

• Minor bug fixes and enhancements.

New Features

Authentication Domains: Active Directory Sync

With the directory sync feature, you can sync users and groups from your Active Directory or LDAP database to a WatchGuard Cloud authentication domain. In WatchGuard Cloud, you can add an authentication domain to the Firebox so that you can specify users and groups from your authentication server in firewall policies, aliases, and mobile VPN settings.

Resolved Issues

• Minor bug fixes and enhancements.

New Features

Change Firebox to Cloud Management

Change Firebox to Cloud Management is now publicly available. With this feature, you can change locally-managed Fireboxes with cloud reporting to cloud management. For more information, see Change a Locally-Managed Firebox to Cloud Management.

Resolved Issues

• If your cloud-managed Firebox does not include a BOVPN configuration, you can now re-apply a previous deployment that includes a BOVPN configuration. [FCCM-3223, FCCM-4397]

Resolved Issues

• Minor bug fixes and enhancements. [FCCM-4398]

New Features

Change Firebox to Cloud Management (Beta)

With this feature, you can change locally-managed Fireboxes with cloud reporting to cloud management. When a Firebox is cloud-managed, you manage the device configuration in WatchGuard Cloud. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Bridged WAN

For increased network design flexibility, you can now configure an external VLAN to have more than one interface member. External VLAN interface members can now be untagged. An interface can now simultaneously belong to both an external and internal VLAN. Intra-VLAN inspection is enabled automatically for external interfaces. With these enhancements, you can now bridge a VLAN between interfaces and create policies that apply to traffic between the interfaces.

SD-WAN Round Robin

With this feature, you can configure SD-WAN actions that use the Round-Robin load balancing method.

Firebox Integration with ConnectWise and Autotask

The ability to integrate a Firebox with ConnectWise and Autotask is now publicly available. This feature enables you to automatically synchronize your Firebox information with these professional service automation tools for more efficient device management and monitoring. For more information, see About Firebox Technology Integrations.

Resolved Issues

• Minor bug fixes and enhancements. [WCD-10463]

Resolved Issues

• Minor bug fixes and enhancements.

New Features

Firebox Integration with ConnectWise and Autotask (Beta)

This feature enables you to integrate a Firebox with ConnectWise and Autotask. You can automatically synchronize your Firebox information with these professional service automation tools for more efficient device management and monitoring. To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Access Point Diagnostic Tools and Support Snapshot

You can now run diagnostic tools (Ping, Traceroute, and DNS Lookup) from an access point to troubleshoot network connectivity. You can also download a support snapshot diagnostic file from the access point. This feature requires an upgrade to access point firmware 1.1.7-0. For more information, see Access Point Diagnostic Tools.

Access Point Firmware Update 1.1.7-0.B655161

New access point firmware is available for Wi-Fi in WatchGuard Cloud access points. The access point LED indicator status is enhanced to provide more granular status for the device connection to WatchGuard Cloud. This update is also required to use the Diagnostic Tools and Support Snapshot features.

For more information and resolved issues, see Access Point Firmware Releases.

Resolved Issues

• Minor bug fixes and enhancements. [DC-3838, FCCM-4189]

Resolved Issues

• Undeployed device configuration changes to network interfaces no longer appear when there has been no change to the configuration. [FCCM-4307, WIFI-7161]

New Features

WatchGuard Cloud Cyclops Blink Detector

You can now use the WatchGuard Cloud Cyclops Blink Detector to determine if your Fireboxes are affected by Cyclops Blink. This tool can scan multiple Fireboxes in your account and the accounts you manage. To scan a Firebox, the device must be connected to WatchGuard Cloud. For more information, see WatchGuard Cloud Cyclops Blink Detector in WatchGuard Cloud Help. [FCCM-4181]

WatchGuard also provides Cyclops Blink detection tools online and in WSM. For more information about these tools and Cyclops Blink, see this Knowledge Base article.

On-Demand System Integrity Checks

The local Fireware Web UI for a cloud-managed Firebox now includes an option on the Diagnostics page to run an on-demand system integrity check. For more information, see Run an On-Demand System Integrity Check on a Cloud-Managed Firebox in WatchGuard Cloud Help. [FBX-22660]

Enhancements

• The Activity Trend pivot in the Services > Virus report now includes IntelligentAV statistics. [DC-3037]
• When a device is connected, you can now click Live Status in the upper-right corner of Monitor and Configure pages to open a live feed of Firebox and FireCluster messages in a separate window. [FCCM-4278]

Resolved Issues

• The Access Point VPN configuration no longer allows you to select an SSID that has a VLAN enabled. [WIFI-7022]
• Minor bug fixes and enhancements.

New Features

Authentication Domains: Active Directory Sync (Beta)

With the directory sync feature, you can sync users and groups from your Active Directory or LDAP database to a WatchGuard Cloud authentication domain. In WatchGuard Cloud, you can add an authentication domain to the Firebox so that you can specify users and groups from your authentication server in firewall policies, aliases, and mobile VPN settings. To get started, log in to your WatchGuard Cloud account and enable the Authentication Domains: Active Directory Sync beta feature toggle.

To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Resolved Issues

• Minor bug fixes and enhancements.

Enhancements

• An updated version of the Allocations API includes an updated endpoint to retrieve a list of all assets for managed accounts, and a new endpoint to retrieve a hierarchy of all allocated assets for managed and delegated accounts. For more information, see the WatchGuard API documentation. [WIFI-6849, WIFI-7038]

Resolved Issues

• Minor bug fixes and enhancements. [WCD-9940, FCCM-3334]

New Features

WatchGuard SIEMFeeder

You can now manage WatchGuard SIEMFeeder licenses in WatchGuard Cloud. SIEMFeeder is a endpoint security module available for use with WatchGuard EPDR and WatchGuard EDR. With SIEMFeeder, you can integrate security intelligence and context of processes executed in your workstations and servers into your corporate SIEM. For more information, see About SIEMFeeder.

New Features

Access Point Compare Configuration Versions

You can now compare two consecutive access point configuration deployments in the deployment history to see what changed between versions. For more information, see Compare Configuration Versions.

Enhancements

Access Point Firmware Update 1.1.6-0.B652914 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points that replaces the current 1.1.4 beta firmware. This update contains resolved issues and is required to use the Diagnostic Tools and Support Snapshot beta features. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

• Minor bug fixes and enhancements. [WCD-9627, WCD-10119]

Enhancements

• To improve search performance, Log Search now includes a refined list of searchable fields. [FCCM-4174]

Resolved Issues

• Minor bug fixes and enhancements. [FCCM-4062, FCCM-4177, WCD-2257, WCD-9978, WCD-10085, WCD-10086, WCD-10016, WIFI-6765]

New Features

Access Point Diagnostic Tools and Support Snapshot (Beta)

You can now run diagnostic tools (Ping, Traceroute, and DNS Lookup) from an access point to troubleshoot network connectivity. You can also download a support snapshot diagnostic file from the access point. This feature requires an upgrade to access point beta firmware 1.1.4-0. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Compare Configuration Versions (Beta)

You can now compare two consecutive access point configuration deployments in the deployment history to see what has changed between versions. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update 1.1.4-0.B652086 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This update is required to use the Diagnostic Tools and Support Snapshot beta features. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Upgrade Firmware for Multiple Subscribers

The Upgrade Firmware for Multiple Subscribers feature is now publicly available. With this feature, Service Providers can see the Fireware version installed on their Subscriber devices and upgrade the firmware for selected devices. For more information, see Upgrade Firmware from WatchGuard Cloud.

Resolved Issues

• Minor bug fixes and enhancements. [WCD-9436, WCD-9979, WIFI-7062]

New Features

Bridged WAN (Beta)

For increased network design flexibility, you can now configure an external VLAN to have more than one interface member. External VLAN interface members can now be untagged. An interface can now simultaneously belong to both an external and internal VLAN. Intra-VLAN inspection is enabled automatically for external interfaces. With these enhancements, you can now bridge a VLAN between interfaces and create policies that apply to traffic between the interfaces.

To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Resolved Issues

• Minor bug fixes and enhancements. [FCCM-3979]

New Features

IPv6 Support

IPv6 support is now publicly available. Several features now support IPv6: Networks (internal and external), BOVPN, DHCP, DNS, static routes, policies, SSO, aliases, network blocking (Blocked Sites), and exceptions (Geolocation and Blocked Sites). You can also see IPv6 information for these features in logs and reports, and on monitoring pages. For more information, see About IPv6 Support in WatchGuard Cloud.

Access Points: Use VPN Tunnel for RADIUS Authentication

The Use VPN Tunnel for RADIUS Authentication feature is now publicly available. This feature adds the ability to use the Access Point VPN tunnel for RADIUS authentication traffic to a RADIUS server located behind the Firebox tunnel endpoint. For more information, see Configure an Access Point VPN.

Access Point Firmware Update 1.0.4-0.B650418

New firmware is available for Wi-Fi in WatchGuard Cloud access points that resolves these issues:

• Access Point VPN now correctly connects when the Firebox VPN settings use a domain name of 16 characters or greater. [AP-1105]
• Minor bug fixes and enhancements. [AP-1077, AP-1085, AP-1086]

Enhancements

• New tiles that display information on the endpoint security modules (Patch Management, Full Encryption, and Data Control) are available on the Service Provider and Subscriber dashboards. For more information, see Service Provider Dashboard or About the Dashboard in Help Center. [WCD-9372]
• On 17 December 2021, the WatchGuard Cloud Audit Log message retention policy will change to allow a maximum retention period of 12 months. The change in log message retention policy applies to WatchGuard Cloud Audit Log messages only. Application log messages, such as those generated for Firebox and Access Points, as well as Endpoint and AuthPoint events, maintain their own data retention periods. For more information on audit logs, see Audit Logs in Help Center. [WCD-9870]

Resolved Issues

• Access Portal authentication session information now displays on the Monitor > Devices, Live Status > Authentication page. [FCCM-4099]
• Minor bug fixes and enhancements. [DC-3850, WCD-9888, WCD-9893, WCD-9931]

New Features

IPv6 Support (Beta)

With this beta, several features now support IPv6: Networks (internal and external), BOVPN, DHCP, DNS, static routes, policies, SSO, aliases, network blocking (Blocked Sites), and exceptions (Geolocation and Blocked Sites). You can also see IPv6 information for these features in logs and reports, and on monitoring pages.

To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Upgrade Firmware for Multiple Subscribers (Beta)

With this beta, Service Providers can see the Fireware version installed on their Subscriber devices and upgrade the firmware for selected devices.

To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Enhancements

• An updated version of the Endpoint Security Management API includes new endpoints to retrieve module status for Full Encryption, Patch Management, and Data Control. For more information, see the WatchGuard API documentation.

• An updated version of the Aether Endpoint Security API includes new endpoints to retrieve module status for Full Encryption, Patch Management, and Data Control. For more information, see the WatchGuard API documentation.

Resolved Issues

• An Access Point VPN now successfully connects when Firebox-DB is not the default authentication server in the Firebox Mobile VPN configuration. [WIFI-7033]
• Minor bug fixes and enhancements. [WIFI-7030]

New Features

SD-WAN Round Robin (Beta)

With this beta feature, you can configure SD-WAN actions that use the Round-Robin load balancing method. To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Access Points: Use VPN Tunnel for RADIUS Authentication (Beta)

This feature adds the ability to use the Access Point VPN tunnel for RADIUS authentication traffic to a RADIUS server located behind the Firebox tunnel endpoint. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update 1.0.4-0.B650418 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. To learn more or to report an issue, go to the Wi-Fi in the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Scheduled Reports

The ability to generate access point reports in the existing scheduled reports feature in WatchGuard Cloud is now publicly available. You can schedule the Connection Issues, Network Usage, Performance Issues, and Top Clients reports for access points. For more information, go to Schedule WatchGuard Cloud Reports in Help Center.

Resolved Issues

• Access Point VPN now correctly connects when the Firebox VPN settings use a domain name of 16 characters or greater. [AP-1044]
• Access Point scheduled report details now display "Access Points" instead of "Fireboxes". [WIFI-6999, WIFI-7006]
• Minor bug fixes and enhancements. [AP-1077, AP-1085, AP-1086, FCCM-4042, FCCM-3140, WIFI-6995]

Resolved Issues

• The Live Status > Traffic Monitor > Live Logs page now includes log messages for both cluster members. [FCCM-3810]
• When you view the deployment history for a Firebox in WatchGuard Cloud, configuration reports now include information about the authentication settings. [FCCM-3201]
• Minor bug fixes and enhancements. [FCCM-3985]

New Features

Access Point Scheduled Reports (Beta)

You can now generate access point reports in the existing scheduled reports feature in WatchGuard Cloud. You can schedule the Connection Issues, Network Usage, Performance Issues, and Top Clients reports for access points. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

• To support access point feature key updates, *.watchguard.io is added to the Blocked Site Exceptions and HTTPS Decryption Exceptions lists. [WIFI-6726]
• In the Administration > Branding page, splash page Landing Page URLs can now include hyphen (-) characters. [WIFI-6972]
• Minor bug fixes and enhancements. [WCD-9592, WCD-9729, WIFI-6960]

New Features

Endpoint Security Modules

You can now manage WatchGuard Endpoint Security modules in WatchGuard Cloud. These modules are available for WatchGuard EPDR, EDR, or EPP:

• WatchGuard Full Encryption
• WatchGuard Patch Management
• WatchGuard Data Control
• WatchGuard Advanced Reporting Tool

For more information, see WatchGuard Endpoint Security Modules.

New Features

Mobile VPN with SSL

Mobile VPN with SSL is now publicly available. You can now enable and configure Mobile VPN with SSL in WatchGuard Cloud. You can also download the WatchGuard Mobile VPN with SSL client in WatchGuard Cloud. For more information, see About Mobile VPN for a Cloud-Managed Firebox.

MFA for WatchGuard Cloud Operators

MFA for WatchGuard Cloud Operators is now publicly available. You can now require multi-factor authentication (MFA) when operators log in to WatchGuard Cloud. You can enable MFA for any operator in your WatchGuard Cloud account or an account that you manage. All operators can also enable MFA for their own WatchGuard Cloud operator account. For more information, see Enable MFA for WatchGuard Cloud Operators.

AuthPoint Integration

AuthPoint Integration is now publicly available. With this feature, you can configure Firebox resources in AuthPoint for cloud-managed Fireboxes.

Resolved Issues

• Minor bug fixes and enhancements.

Release Date: 4 November 2021

Enhancements

• The Accounts API now includes an endpoint to update managed accounts. For more information, see the WatchGuard API documentation. [WCD-3919]

Resolved Issues

• Minor bug fixes and enhancements. [FCCM-3328, FCCM-3696]

New Features

Wi-Fi in WatchGuard Cloud

Wi-Fi in WatchGuard Cloud is now publicly available. You can now manage new WatchGuard Wi-Fi 6 access points in WatchGuard Cloud to monitor and configure your devices. For more information, see About Wi-Fi in WatchGuard Cloud.

New Features

MFA for WatchGuard Cloud Operators (Beta)

You can now require multi-factor authentication (MFA) when operators log in to WatchGuard Cloud. With this beta feature, you can enable MFA for any operator in your WatchGuard Cloud account or an account that you manage. All operators can also enable MFA for their own WatchGuard Cloud operator account. To get started, join the WatchGuard Beta test community.

AuthPoint Integration (Beta)

You can now configure Firebox resources in AuthPoint for cloud-managed Fireboxes. To test this feature, on the Administration > Beta Features page, enable the AuthPoint Integration beta toggle for your WatchGuard Cloud account.

Mobile VPN with SSL (Beta)

With this beta feature, you can enable and configure Mobile VPN with SSL in WatchGuard Cloud. You can also download the WatchGuard Mobile VPN with SSL client in WatchGuard Cloud. To learn more or to report an issue, go to the WatchGuard Cloud Beta test community.

Enhancements

• When you add a new operator email address and click Save, WatchGuard Cloud verifies that the email address does not duplicate an existing address. If the email address is a duplicate, an error message now prompts you to change the address. [WCD-9465]
• You can now see information about FireCluster failover and reboot actions on the Audit Log Detail dialog box. [FCCM-3485]

Resolved Issues

• Minor bug fixes and enhancements. [FCCM-3734, FCCM-3958, WCD-9606]

Resolved Issues

• Minor bug fixes and enhancements.

New Features

spamBlocker for Cloud-Managed Fireboxes

spamBlocker for cloud-managed Fireboxes is now publicly available. You can configure cloud-managed Fireboxes to use the spamBlocker security service to identify and block spam messages before they reach your email server. For more information, see Configure spamBlocker.

Resolved Issues

• Minor bug fixes and enhancements [DC-3821, FCCM-3913].

New Features

Compare Configuration Versions

The Compare Configuration Versions feature is now publicly available. With this feature, you can compare two Firebox configuration versions to see what has changed between them. For more information, see Compare Configuration Versions.

Send Device Feedback to WatchGuard

The Send Device Feedback to WatchGuard feature is now publicly available. With this feature, you can configure options to send device feedback and daily fault reports to WatchGuard. For more information, see Configure Device Feedback Settings.

Live Status for Locally-Managed Fireboxes with Cloud Reporting and FireClusters

The Live Status for Locally-Managed Fireboxes and FireClusters feature is now publicly available. With this feature, you can enable live status and usage monitoring of locally-managed Fireboxes with cloud reporting and FireCluster devices. For more information, see Monitor Live Status for Fireboxes and FireClusters.

Endpoint Security Modules (Beta)

With this beta feature, you can start, extend, upgrade, and cancel trials for these endpoint security modules in WatchGuard Cloud:

• WatchGuard Full Encryption
• WatchGuard Patch Management
• WatchGuard Data Control
• WatchGuard Advanced Reporting Tool

To learn more or to report an issue, go to WatchGuard Endpoint Security Beta test community.

Enhancements

• An updated version of the Endpoint Security Management API includes new endpoints to retrieve security events and to initiate an action on a device. For more information, see the WatchGuard API documentation. [API-551]

Resolved Issues

• Minor bug fixes and enhancements.

New Features

spamBlocker (Beta)

With this beta feature, you can configure cloud-managed Fireboxes to use the spamBlocker security service to identify and block spam messages before they reach your email server. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Enhancements

• When you add a new operator or an account and operators and click Save, WatchGuard Cloud verifies that the new operator does not duplicate an existing operator. If the new name is a duplicate, an error message now prompts you to change the name. [WCD-6869]

Resolved Issues

• Minor bug fixes and enhancements.

New Features

Compare Configuration Versions (Beta)

With this beta feature, you can compare two Firebox configuration versions to see what has changed between them. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Send Device Feedback to WatchGuard (Beta)

With this beta feature, you can configure options to send device feedback and daily fault reports to WatchGuard. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Live Status for Locally-Managed Fireboxes with Cloud Reporting and FireClusters (Beta)

With this beta feature, you can enable live status and usage monitoring of locally-managed Fireboxes with cloud reporting and FireCluster devices. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Resolved Issues

• In the NIC settings for an interface, the Link Speed list now includes only options supported by the hardware model. [FCCM-3745]
• Minor bug fixes and enhancements. [DC-3789, WCD-9306]

Resolved Issues

• Minor bug fixes and enhancements.

New Features

Single Sign-On

Active Directory Single Sign-On and RADIUS Single Sign-On for cloud-managed Fireboxes is now publicly available. For information on how to enable and configure single sign-on, see Enable Active Directory SSO for a Cloud-Managed Firebox and Enable RADIUS SSO for a Cloud-Managed Firebox.

Enhancements

• The Accounts API now includes an endpoint that creates a new managed account and an endpoint that deletes a managed account. For more information, see the WatchGuard API documentation. [WCD-3918, WCD-3921]

• On the Administration > Trials page, you can now extend a trial that has expired. You can only extend the trial once within 60 days of the start date. [WCD-8716]

Resolved Issues

• Minor bug fixes and enhancements. [WCD-9183]

New Features

Log Server Management

Log server management in WatchGuard Cloud is now publicly available. You can now configure a cloud-managed Firebox to send log messages to Dimension or Syslog servers in order to retain log messages longer than the normal data retention period in WatchGuard Cloud. For more information, see Configure Log Server Settings for Cloud-Managed Fireboxes.

Dynamic DNS

Dynamic DNS for cloud-managed Fireboxes is now publicly available. With this feature, you can configure a cloud-managed Firebox to connect to a supported dynamic DNS provider. For more information, see Configure Dynamic DNS.

Resolved Issues

• Minor bug fixes and enhancements. [WCD-9107]

New Features

Cloud Management of Firebox with LTE Modem

Cloud management support for the new Firebox T80 LTE Interface module is now publicly available. The LTE interface module enables you to install a SIM card and use the cellular connection as an external interface on the Firebox T80. For more information, see Configure a Firebox 4G LTE Modem.

Single Sign-On (Beta)

You can now enable and configure Active Directory Single Sign-On and RADIUS Single Sign-On for cloud-managed Fireboxes. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Resolved Issues

• You can now add secondary networks that use the netmasks /31 and /32. [FCCM-3504]
• Minor bug fixes and enhancements. [DC-3726, DC-3735, DC-3753, DC-3755]

New Features

Log Server Management (Beta)

The Log Server Management beta release enables configuration and management of Dimension and Syslog servers for cloud-managed Fireboxes. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Dynamic DNS (Beta)

With this beta, you can now configure a cloud-managed Firebox to connect to a supported dynamic DNS provider. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Resolved Issues

• Minor bug fixes and enhancements.

New Features

Cloud Management of Firebox with LTE Modem (Beta)

Cloud management support for the new Firebox T80 LTE Interface module is now available for beta participants. The LTE interface module enables you to install a SIM card and use the cellular connection as an external interface on the Firebox T80. To learn more or to report an issue, go to the Firebox T80 LTE Module Beta test community.

Resolved Issues

• Minor bug fixes and enhancements. [WCD-7251]

New Features

Cloud Management for Virtual Fireboxes

Cloud Management for Virtual Fireboxes is now publicly available. You can now use WatchGuard Cloud to manage virtual Fireboxes, including FireboxV and Firebox Cloud.

Resolved Issues

• Minor bug fixes and enhancements. [FCCM-3523]

New Features

System Actions for FireCluster

System actions for FireCluster are now publicly available. You can upgrade, reboot, and fail over your locally-managed FireCluster in WatchGuard Cloud. For more information, see About FireCluster in WatchGuard Cloud.

Enhancements

• On the Inventory > Endpoints > Allocation page, to deallocate a license, next to the account you want to deallocate endpoint security licenses from, click the more options button and select Deallocate License. [WCD-8635]

Resolved Issues

• Minor bug fixes and enhancements. [WCD-8527, WCD-8968]

New Features

Cloud Management for Virtual Fireboxes Beta

With this beta, you can now use WatchGuard Cloud to manage virtual Fireboxes, including FireboxV and Firebox Cloud. To learn more or to report an issue, go to WatchGuard Cloud Beta test community.

Enhancements

• On the Administration > Branding page, the toggle was removed. You do not need to enable a toggle to apply custom branding. Custom branding is applied automatically when you click Save. After you save changes to the branding page, you can click Restore Default Settings to restore the settings to the WatchGuard default settings. [WIFI-6448]

Resolved Issues

• You can now successfully delete the default authentication domain associated with the authentication portal when the authentication portal is disabled. [FCCM-3412]
• Minor bug fixes and enhancements.

Resolved Issues

• For cloud-managed Fireboxes, when a Service Provider account applies policies to a Firebox, the Configure > Devices > Device Configuration > Firewall Policies tile lists the applied policies. The Firewall Policies page correctly reflects the same applied policies. [FCCM-3488]
• When you add an operator and assign the operator to an account group, the operator has access to account sub-groups in the account group. [WCD-8443]
• Minor bug fixes and enhancements. [WCD-8581, WCD-8687, WCD-8728, WCD-8888, WESS-1187]

New Features

System Actions for FireCluster (Beta)

With the System Actions for FireCluster beta, you can now upgrade, reboot, and fail over your FireCluster in WatchGuard Cloud. You must first upgrade cluster members to Fireware v12.7.1 Beta or v12.5.8 Beta in Policy Manager or Fireware Web UI. For information on the System Actions for FireCluster Beta, visit the WatchGuard Beta test community. [FCCM-3370]

Resolved Issues

• Minor bug fixes and enhancements. [FCCM-3513, WCD-8579, WCD-8587]

Resolved Issues

• Minor bug fixes and enhancements. [WCD-7908, WCD-8625, WCD-8691]

Resolved Issues

• Minor bug fixes and enhancements. [WCD-8690]

Enhancements

• The Monitor > Devices > Traffic > Top Clients report can help identify the top users or hosts on your network by bandwidth or connections (hits). When there is no value in the User column, the Host column is the first column. The Host column includes a link to the corresponding details page. [WIFI-6381]

Resolved Issues

• Minor bug fixes and enhancements. [WCD-8578]

Resolved Issues

• Minor bug fixes and enhancements. [WCD-7753, WCD-8520, WCD-8590, WCD-8605, WESS-1154]

Enhancements

• On the Inventory > Firebox > Allocation page, you can now specify an expiration date of Never. [WCD-8476]

Resolved Issues

• Minor bug fixes and enhancements. [FCCM-2973, FCCM-3401]

New Features

• WatchGuard Endpoint Security products (WatchGuard EPDR, EDR, and EPP) are publicly available. You can now manage endpoint security licenses in WatchGuard Cloud. For more information on endpoint security licenses and allocation, see About Endpoint Security Licenses in Help Center. [WESS-2, WESS-4, WESS-291, WESS-588]

  You can also start a 30-day trial of these products from the Administration > Trials page. For more information on trials, see Endpoint Security Trials – Service Providers or Manage Endpoint Security Trials – Subscribers in Help Center. [WESS-250]

• For Service Providers, a new Administration > Account Groups page enables you to create and organize groups of accounts. You can use account groups to configure and assign endpoint security settings to a group of accounts and to control account access in WatchGuard Cloud. For more information, see Manage Account Groups in Help Center. [WESS-148]

• Service Providers with an active endpoint security trial, term, or subscription license can use Service Provider Endpoint Manager to configure and assign security settings to the computers and devices on their network. For more information, see About Service Provider Endpoint Manager in Help Center. [WESS-3]

Enhancements

• On the Administration > License Details tabs for Fireboxes, AuthPoint users, and Host Sensors, a new Activate License button directs Tier-1 Subscriber accounts to the Inventory > Allocation page where they can allocate a license or, if there are no licenses available, to Support Center where they can activate a new license. A message prompts Tier-N Subscriber accounts to contact their Service Provider. [WCD-7195, WCD-7197]

Resolved Issues

• In Subscriber view, on the Administration > License Details > Firebox tab, when you select a license name in the table, the License Details page opens. [WCD-8445]
• WatchGuard Cloud now correctly generates audit logs for Dark Web Scan actions. [WCD-8475, WCD-8481]
• Minor bug fixes and enhancements [FCCM-3088, FCCM-3379, FCCM-3392, FCCM-3400, WCD-8464]

Resolved Issues

• The shared secret setting for RADIUS authentication servers in WatchGuard Cloud is now restricted to 64 characters. [FCCM-3164]
• Minor bug fixes and enhancements

Resolved Issues

• Minor bug fixes and enhancements

Resolved Issues

• A fix was included to make sure that only the Fireboxes you select in the Firmware Upgrade wizard are upgraded. [FCCM-3351]
• Minor bug fixes and enhancements [FCCM-3325, FCCM-3333, WCD-8298, WCD-8355]

Enhancements

• For cloud-managed Fireboxes, on the Configure > Devices > Deployment History page, when the configuration version included shared settings, you can now point to the Template label to display the name of the template that was applied. [FCCM-3084]

Resolved Issues

• Minor bug fixes and enhancements

Enhancements

• New public API to manage devices that run WatchGuard endpoint security software. For more information, see the WatchGuard API documentation. [API-548]

Resolved Issues

• Minor bug fixes and enhancements

Resolved Issues

• Minor bug fixes and enhancements

New Features

WatchGuard Endpoint Security (Beta)

With the WatchGuard Endpoint Security Beta, you can now manage endpoint security with these products in WatchGuard Cloud:

• WatchGuard Endpoint Protection Platform (EPP) – Centralized, advanced protection for desktops, laptops, and servers.
• WatchGuard Endpoint Detection and Response (EDR) – EDR capabilities to automate the detection, containment, and response to any advanced threat.
• WatchGuard Endpoint Protection Detection and Response (EPDR) – Combination of the widest range of protection (EPP) technologies with EDR capabilities, as well as Zero-Trust Application and Threat Hunting Services.

This Beta also introduces self-service Endpoint Security Trials and Account Groups in WatchGuard Cloud.

For information on the WatchGuard Endpoint Security Beta, visit the beta management site.

Resolved Issues

• Minor bug fixes and enhancements [FCCM-3312, FCCM-3105, GPD-43521]

Resolved Issues

• When a Subscriber logs in to WatchGuard Cloud, the dashboard now shows an Add Device button when a device is available to add. [WCD-7880]
• Minor bug fixes and enhancements

Resolved Issues

• Minor bug fixes and enhancements [FCCM-3187, FCCM-3211, FCCM-3275]

Resolved Issues

• On the Device Configuration > Authentication Settings page, when you enable the Authentication Portal, the Save button now redirects to the Device Configuration page. [FCCM-3194]
• Minor bug fixes and enhancements [FCCM-2909, FCCM-3169, WCD-7543, WCD-7853]

New Features

Active Directory Authentication Domains (Beta)

• WatchGuard Cloud now supports Active Directory authentication domains. With this feature, you can add an Active Directory authentication server and configure Active Directory users and groups for authentication. To get started, log in to your WatchGuard Cloud account and enable the Authentication Domain With Active Directory beta toggle.

Enhancements

• On Monitor > Devices > Live Status > Geolocation page, the map now includes a color-coded legend to indicate the number of connections. Dark green represents a high number of connections, light green represents a medium number of connections, and gray represents no connections. [FCCM-2778]

Resolved Issues

• If you enabled Mobile VPN, the IKEv2-Users group now appears when you add or edit a user on the Firebox Database page. [FCCM-2699]

• To improve clarity, when you want to restore the configuration settings for a cloud-managed Firebox to a previous configuration version, the Revert Changes link was updated to Revert Undeployed Changes. [FCCM-3259]
• Minor bug fixes and enhancements [FCCM-3192, FCCM-3245, FCCM-3250]

Enhancements

Aether Endpoint Security Management API

• Added an endpoint that retrieves a security overview for the specified time period. For more information, see the WatchGuard Public API documentation. [API-539]

Resolved Issues

• When you add a Firebox to WatchGuard Cloud and configure the external interface to use PPPoE, you can download a connection settings file to configure the device. The connection settings file (rapid_ip.csv) now includes the password to connect to the PPPoE server. [FCCM-3145]
• Minor bug fixes and enhancements [FCCM-2924, FCCM-3113, FCCM-3161, FCCM-3225]

Enhancements

• For Service Providers, on the Configure > Firebox Templates page, information on the lower half of the page now explains how each Firebox can subscribe to multiple templates. A flowchart illustrates how the settings from Template A and Template B are applied to subscribed accounts. [FCCM-3185]
• WatchGuard automatically allocates an RMA replacement device to the same WatchGuard Cloud account as the original cloud-managed device. You can configure the replacement device with the same settings as the original device and add it to the same WatchGuard Cloud account as the original cloud-managed device. [WCD-7215, WCD-7306]
• An updated version of Japanese online help is now available from WatchGuard Help Center. To switch between languages in Help Center, in the top-right of the page, click the language icon and select a language from the drop-down list.

Resolved Issues

• Minor bug fixes and enhancements [FCCM-3207, FCCM-3142]

Resolved Issues

• Minor bug fixes and enhancements [WCD-6569, WCD-7306, WCD-7633, DC-3466]

New Features

WatchGuard Cloud Firebox Management

WatchGuard Cloud Firebox Management is now available publicly. Benefits of cloud management include:

• Single management interface for multiple Fireboxes
• Simplified service and policy settings
• Network configuration is focused on networks instead of interfaces
• Easy VPN configuration between cloud-managed Fireboxes
• Policy templates for easy and repeatable deployment across clients
• Schedule configuration deployments to the Firebox from the cloud

For information about how to get started, see Quick Start — Set Up a Cloud-Managed Firebox in WatchGuard Help Center.

Enhancements

• New public API to manage devices that run Panda endpoint security software. For more information, see the WatchGuard API documentation. [API-533]
• An updated version of Spanish online help is now available from WatchGuard Help Center. To switch between languages in Help Center, in the top-right of the page, click the language icon and select a language from the drop-down list.

Resolved Issues

• WatchGuard Cloud Visibility
  • When there is too much data to display for today or yesterday in the Top Clients or Top Destinations tile on the Executive Dashboard or Security Dashboard, a new message prompts the user to select a shorter time range. [ DC-3475]

  • A fix was included to ensure that when the user changes the date in the Monitor > Devices > Health > Interface Summary report, the report displays correctly. [WCD-7338]

  • On the Monitor > Devices > Log Manager page, the Last Month and This Month shortcuts were removed as options from the date selector. [DC-3465]

Enhancements

• When a newer version of WatchGuard Cloud UI is deployed, active users are prompted to reload the page they are on. [WCD-7347]

• When you generate a verification code to request access to an account, the default expiration date for the delegation is now one year. [WCD-2724]

Resolved Issues

• Minor bug fixes and improvements [WCD-7214, WCD-7470]

Enhancements

• WatchGuard Cloud Visibility

  • In the DHCP Lease Activity report, the Start Time and End Time columns were updated to First Use and Last Use. [DC-3347]
• An updated version of French online help is now available from WatchGuard Help Center. To switch between languages in Help Center, in the top-right of the page, click the language icon and select a language from the drop-down list.

Resolved Issues

• Minor bug fixes and improvements

Resolved Issues

• WatchGuard Cloud Visibility
  • A fix was included so that the CSV download for an Authentication report now includes all of the records. [DC-3455]
  • On the Monitor > Devices > Logs > Log Search page, you can now click the page number at the top of the table to move from page to page. [WCD-7283]

Resolved Issues

• WatchGuard Cloud Visibility
  • A fix was included to ensure that reports with a large amount of data do not time out while they generate. [DC-3399, DC-3428]
  • The Monitor > Devices > Device > Authentication report now includes paging at the bottom of the window. [DC-3438]
• WatchGuard Cloud TDR
  • The TDR General Settings page is now available in WatchGuard Cloud. [GPD-43030]
  • The Migrate TDR page now prevents more than one user from saving and processing multiple items. [GPD-43018]
• Other minor bug fixes and UI improvements [WCD-6350, WCD-7227]

Features

Threat Detection and Response Integration

Threat Detection and Response (TDR) is now available in WatchGuard Cloud in the Asia Pacific, North American and European regions. With TDR integration, you no longer have to maintain two different account structures between WatchGuard Cloud and TDR. For more information on the changes to WatchGuard Cloud with TDR integration, see the TDR Release Notes.

Resolved Issues

• Minor bug fixes and improvements [DC-3269, DC-3445, WCD-7259]