Nixadmins.net

Watchguard Firebox III

by on Oct.26, 2005, under Uncategorized

After working with Watchguard products for some time I decided to submit a short article about them: why I like working with them and some of the cons I find using them.

As I said, I have been working with these firewalls for a few years now and I see myself fit to talk about them. The firewalls are quite nice and they do work exactly like they should. They keep the bad stuff out and have a lot of nice features.

Mobile VPN

One of the things I find not so good is that the Watchguard Mobile User VPN client only works on a Windows workstation. I find myself using a lot of different operating systems and I work as an administrator for the local security company. I like to use different operating systems for different tasks, and usually Linux seems to be very cost effective when it comes to running public servers. For my testing I run a dual boot on my laptop and it would be nice to be able to connect to the company network even from a *NIX workstation.

I guess it's wrong to call it a big problem, since our company mostly uses Windows (all desktops are Windows, and some of our servers), so everyone who needs to connect to the company network over VPN has the chance to do so. And it's fairly easy to set up a mobile user. Even PocketPC users are supported, though I have never tested this part. If anyone reading this has, please contact me on how it turned out.

Logging

Logging on these firewalls is not as good as it could be. For example, the default way of logging is to use Watchguard's own system, WSEP (Watchguard Security Event Processor). Running a search in the log system is not as good as, for example, Microsoft ISA Server, which stores logs in an SQL database. You can search, but the log files are rolled and it can be quite a hassle to find the record you are looking for. The other minus of using WSEP is that you need a Windows based workstation/server to run it.

A good thing about WSEP is that you can, and you should, connect all the local firewalls to this logger, and I usually even set the branch office ones to log to this logger. This way I don't have to connect to multiple log servers to find a record.

Administration and configuration

This is where I give a full ten to Watchguard. The administration utility is very, and I mean very, simple to use. It has very nice features and you can follow the firewall in real time to see connections and other statistics. Adding rules and settings is also very easy. There is a whole bunch of ready-made rules and packet filters by default, but you can easily add your own to the list. The configuration wizard finishes in about ten minutes depending on your speed, and the default settings are good enough to use while setting the rest up.

Even publishing servers from the DMZ is easy: the wizard asks for the IPs of a few standard servers like the HTTP and mail server, so they are published as soon as the wizard finishes, if you want them to be.

After the wizard you need to manually tweak services, and the first thing I usually do is deny the default "outgoing any" policy. After that, just start opening ports from the inside out as you see fit. The order matters: the specific allow rules have to sit above the deny, because the first matching rule wins and a deny-everything rule placed at the top silently shadows every allow below it.
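To make the "deny outgoing any, then open ports from the inside out" step concrete, here is a small first-match policy evaluator. It is an added illustration written for this article, not WatchGuard's own configuration syntax or code; the trusted LAN (10.0.0.0/24), the mail server address (10.0.0.25) and the two policies are constructed assumptions. It compares the connections the wizard's default "outgoing any" allow lets out with what the hardened policy lets out, and it includes a check for rules that can never fire because an earlier, broader rule covers them, which is exactly what happens if the deny is put above the allows.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                              # "allow" or "deny"
    src: str                                 # source network, CIDR
    dst: str                                 # destination network, CIDR
    proto: str                               # "tcp", "udp" or "any"
    dports: Optional[FrozenSet[int]] = None  # None means any destination port


@dataclass(frozen=True)
class Conn:
    src: str
    dst: str
    proto: str
    dport: int


def matches(rule: Rule, conn: Conn) -> bool:
    """Does a single rule apply to this connection?"""
    if ip_address(conn.src) not in ip_network(rule.src):
        return False
    if ip_address(conn.dst) not in ip_network(rule.dst):
        return False
    if rule.proto != "any" and rule.proto != conn.proto:
        return False
    if rule.dports is not None and conn.dport not in rule.dports:
        return False
    return True


def evaluate(policy: List[Rule], conn: Conn) -> Tuple[str, str]:
    """First matching rule wins; a connection matching no rule is dropped."""
    for rule in policy:
        if matches(rule, conn):
            return rule.action, rule.name
    return "deny", "implicit-deny"


def covers(a: Rule, b: Rule) -> bool:
    """True if every connection that matches b would already match a."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and (a.proto == "any" or a.proto == b.proto)
            and (a.dports is None
                 or (b.dports is not None and b.dports <= a.dports)))


def shadowed_rules(policy: List[Rule]) -> List[str]:
    """Names of rules that can never fire because an earlier rule covers them."""
    return [rule.name for i, rule in enumerate(policy)
            if any(covers(earlier, rule) for earlier in policy[:i])]


# Constructed example networks (assumptions, not from the article).
LAN = "10.0.0.0/24"        # trusted network behind the firewall
MAIL = "10.0.0.25/32"      # the one host allowed to send SMTP directly
ANY = "0.0.0.0/0"

# What the wizard leaves behind: everything from the inside may go anywhere.
WIZARD_POLICY = [Rule("outgoing-any", "allow", LAN, ANY, "any")]

# Hardened: specific allows first, then the "outgoing any" rule turned into a deny.
HARDENED_POLICY = [
    Rule("web-out", "allow", LAN, ANY, "tcp", frozenset({80, 443})),
    Rule("dns-out", "allow", LAN, ANY, "udp", frozenset({53})),
    Rule("smtp-out", "allow", MAIL, ANY, "tcp", frozenset({25})),
    Rule("outgoing-any", "deny", LAN, ANY, "any"),
]

# Wrong order: the deny at the top makes every allow below it dead.
MISORDERED_POLICY = [HARDENED_POLICY[-1]] + HARDENED_POLICY[:-1]

# Constructed sample traffic from workstations and the mail server.
SAMPLE_CONNS = [
    Conn("10.0.0.50", "198.51.100.7", "tcp", 443),   # browsing
    Conn("10.0.0.50", "198.51.100.7", "tcp", 6667),  # IRC from a workstation
    Conn("10.0.0.50", "198.51.100.7", "tcp", 25),    # workstation sending mail directly
    Conn("10.0.0.25", "198.51.100.7", "tcp", 25),    # mail server sending mail
]


def audit(policy: List[Rule]) -> List[Tuple[int, str]]:
    """(destination port, verdict) for each sample connection under a policy."""
    return [(c.dport, evaluate(policy, c)[0]) for c in SAMPLE_CONNS]


if __name__ == "__main__":
    for label, policy in (("wizard", WIZARD_POLICY), ("hardened", HARDENED_POLICY)):
        print(label, audit(policy))
    print("shadowed in misordered policy:", shadowed_rules(MISORDERED_POLICY))
```

Under the wizard policy all four sample connections are allowed; under the hardened one only the browsing and the mail server's SMTP get out, and the workstation's IRC and direct SMTP hit the deny. The misordered policy reports all three allow rules as shadowed, which is the check worth running after every rule edit.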
