Introduction to

WatchGuard Dimension™ v2.1

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 2

Introduction to Dimension
 What is WatchGuard Dimension?
 Deploy WatchGuard Dimension
 Set Up WatchGuard Dimension
 Configure WatchGuard Dimension
 Use WatchGuard Dimension
 Support WatchGuard Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 3

What is Dimension?

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 4

What is WatchGuard Dimension?

 Secure and centralized logging, visibility, reporting, and
management for Fireboxes and WatchGuard servers
• New ways to visualize network data
• Dashboards with simple drill-down operation into log and report
information
• Customizable reports that can be emailed to different roles in the
organization
• Complements Fireware Web UI visibility tools for Fireware OS
v11.8.x and higher
• Reports available after the first summary report period (5
minutes)
• All reports are on-demand, all the time

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 5

What is WatchGuard Dimension?

 Cloud-ready zero-installation deployment
• Delivered as a virtual appliance for ESXi (.ova) and Hyper-V
(.vhd)
• Runs on 64-bit Linux
• Driven by PostgreSQL 9.2
• Web interface supports most desktop and mobile browsers

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 6

Dimension Architecture
 Log Collector
• Receives log messages
from Firebox devices
• Aggregates data
 Web Services
• Serves web application
to users and
administrators
• Interface for device
management and
visibility

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 7

Dimension Architecture
 Dimension Server
• Provides API for log
data, provisioning,
maintenance, and
configuration
 Database
• Persistent storage for:
– Log and report data
– Device configuration
files

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 8

Deploy Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 9

Deployment Requirements
 WatchGuard Dimension is distributed as an .ova file for
installation on VMware ESXi 5.x–6.x and a .vhd file for
installation on Hyper-V.
• Your VM host must support 64-bit guest operating systems
• WatchGuard Dimension has been primarily tested on VMWare
ESXi hypervisors and Microsoft Hyper-V. It can also be installed
in VMware Workstation, Player, Fusion environments, and other
Hyper-V platforms, which is a great option for training and
demonstration.

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 10

Deployment Requirements
 WatchGuard Dimension is available on the WatchGuard
website Software Downloads pages.
1. Log in to WatchGuard.com.
2. Select Support Home.
3. Click Software Downloads.
4. From the Show downloads for drop-down list, select
Dimension.
5. Download the current version of Dimension and the Release
Notes.

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 11

Deployment Notes
 The Dimension VM default data disk size is 40GB.
 If you use the built-in PostgreSQL database, the data disk is
fully reserved for the log database, the web service, and the
related overhead space required by PostgreSQL.
 After the Dimension VM is deployed, the data disk size cannot
be reduced.
 To limit the size to be less than 40GB and avoid data loss, you
must remove and add Hard disk 2 again, before you power on
the VM for the first time.
 After your VM is powered on, you see the IP address
assigned to Dimension through DHCP.

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 12

Deployment Notes
 If you do not have a
DHCP server, you must
make a console
connection to your
Dimension VM, and set a
static IP address.
 Use this IP address to
make an HTTPS
connection to Dimension
and start the Dimension
Setup Wizard.

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 13

Set Up Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 14

Dimension Requirements
 WatchGuard Dimension supports these web browsers:
• Firefox v22 and higher
• Internet Explorer 9 and higher
• Safari 5 and later
• Safari on iOS 6 and higher
• Chrome v29 and higher
Note: FireWatch requires browser versions that support HTML5.

 You should be able to successfully use WatchGuard

Dimension on most mobile phone and tablet devices.
 Connect to Dimension in a web browser at
https://<Dimension-IP-address>

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 15

WatchGuard Dimension Setup Wizard

 Accept the security
warning to continue
to connect to Dimension.

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 16

WatchGuard Dimension Setup Wizard

 Log in with these default
credentials:
• User Name — admin
• Password — readwrite

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 17

WatchGuard Dimension Setup Wizard

 Make sure you have this
information before you
start the Dimension
Setup Wizard:
• Host name
• IPv4 address and
settings for the Eth0
interface
• Administrator
passphrase
• Log Encryption Key

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 18

WatchGuard Dimension Setup Wizard

 Specify the host name
for Dimension
 Select the IP address
method:
• Static
• DHCP
 For a static IP address,
we recommend that you
specify an IPv4 address.

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 19

WatchGuard Dimension Setup Wizard

 Select the location of the
Dimension database:
• Built-in
• External

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 20

WatchGuard Dimension Setup Wizard

 Specify whether
Dimension has a public
IP address or if it is
located behind a NAT
device (such
as a gateway
Firebox)

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 21

WatchGuard Dimension Setup Wizard

 Set the Administrator
Passphrase to use to
connect to Dimension
and manage the
Dimension server
 The Administrator
Passphrase must have a
minimum of 8 characters

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 22

WatchGuard Dimension Setup Wizard

 Set the Log Encryption
Key

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 23

WatchGuard Dimension Setup Wizard

 Review and confirm your
settings for Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 24

Send Log Messages to Dimension

 WatchGuard Dimension can accept log messages and
generate reports for any Firebox that runs Fireware OS
 WatchGuard Dimension can also accept log messages from a
WatchGuard Management Server or Quarantine Server
• When you configure the WatchGuard Log Server settings for
your Firebox, specify the IP address and Encryption Key for your
instance of Dimension
• On WatchGuard servers, use the same IP address and
Encryption Key in the Logging settings

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 25

Send Log Messages to Dimension

 In some environments, you might use NAT for the HTTPS and
WatchGuard logging connections through your Firebox. This
changes the IP address you use to connect to WatchGuard
Dimension and where you send WatchGuard logging
connections.
 For information about where to enable logging in your Firebox
configuration to see specific reports in Dimension, see the
Fireware Help

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 26

After the Wizard — Log In to Dimension

 Multiple super-
administrator users can
be logged in at the same
time
 Modes for configuration
pages:
• Locked (read-only)
• Unlocked (read-write)

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 27

Configure Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 28

Administration
 The (Administration)
menu includes options to
configure, manage, and
use Dimension:
• Manage Tasks
– Schedule Reports
– Back Up Database
– Restore Database
• Server Management
• Database
• Access Management
• System Settings
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 29

Administration — Lock & Unlock

 On the Administration
pages, you specify the
settings for your instance
of Dimension
 Before you can make
changes, you must
unlock the Dimension
configuration
 After you complete your
changes, you must lock
the configuration

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 30

Server Management — Status

 On the Status page:
• View the status of the
Dimension server
• Stop and start the
Dimension server
• View the server CPU,
Memory, and Database
Disk usage details
• Add feature keys for
Fireboxes that run
Fireware OS v11.10 or
lower, that you want to
manage with Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 31

Server Management — Configuration

 On the Configuration >
General page, configure these
settings for the Dimension
server:
• Public FQDN or IP address for
the public NAT device (gateway
Firebox) that Dimension is
behind
• Specify the log data
deletion settings
• Specify the database size and
automatic back up settings
• Specify the database location

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 32

Server Management — Configuration

 On the Configuration >
Visibility page, you can
change the Logging
Encryption Key for the
Dimension server,
enable Anonymized
Mode, specify settings
for Administrator logging
and logging connections,
and configure Dimension
to allow or deny
diagnostic log messages
from your Fireboxes

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 33

Server Management — Configuration

 When you enable
Anonymized Mode, the
user names, IP
addresses, host names,
and mobile device
names that appear in
reports and dashboards
are replaced with
anonymized text
 You can add a user with
Anonymization Officer
credentials who can log
in to temporarily show
the anonymized data
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 34

Server Management — Configuration

 Administrator Logging
• Generate an audit log
message when an
selects any page in
Dimension
• Generate a log
message only when
Anonymized Mode is
enabled, but temporarily
disabled by an
Anonymization Officer

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 35

Server Management — Configuration

 Logging Connections
• To make sure your
Fireboxes do not use
TLS v1.0 for
connections to
Dimension, select
the Disable TLS
1.0 check box
• To accept log messages
from Fireboxes that
have not been added to
Dimension, select
the Accept log
messages from a new
Firebox check box
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 36

Server Management — Configuration

 Diagnostic Log
Messages
• Configure Dimension to
accept or deny the
diagnostic log
messages that your
Fireboxes send
• You can specify a global
setting for all Fireboxes
and add individual
Firebox exceptions to
the global setting

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 37

Server Management — Configuration

 On the Configuration >
Command page, you
can specify the number
of device configuration
file revisions and the
amount of storage in MB
that Dimension saves for
each Firebox managed
by Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 38

Server Management — Configuration

 On the Configuration >
Notifications page,
configure email settings:
• Specify types of event
notifications to send:
– Failure Events
– Device or Server
Event
• Specify the email
addresses to send
notification messages to
and from, the subject of
notification messages,
and test the connection
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 39

Server Management — Configuration

 On the Configuration >
Reporting page, configure the
settings for reports:
• Add Custom Report Templates
for report PDFs to specify the:
– Header
– Footer
– Logo
• Specify the FTP servers where
you can send reports
• Configure settings for
ConnectWise Integration

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 40

Server Management — Configuration

 On the Configuration >
Logging page:
• Enable logging for the
Dimension server.
• Select the Log Level
for the log messages:
– Error
– Warning
– Info
– Debug

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 41

Server Management — IP Address Mapping

 On the IP Address
Mapping page,
configure IP address
resolution for
dynamically or statically
addressed Fireboxes
 Some Dimension
Dashboards and reports
show a name instead of
the IP address for the
Firebox

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 42

Server Management — IP Address Mapping

 Enable Dynamic IP
Address Resolution for
Fireboxes with dynamic
IP addresses
 Add an IP address/name
pair to the
Static IP Address Map
list for Fireboxes with
static IP addresses

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 43

Server Management — Diagnostics

 On the Diagnostics
page, you can use these
diagnostic tools:
• Purge diagnostic log
messages
• View Process List
• View Log Messages:
– Log Server
– Log Collector
– Dimension Server

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 44

System Settings — Status

 On the System Settings
> Status page, you can:
• Review Dimension
system and network
settings
• Manage certificates
– Generate a Web
Server CSR
– Import a Web Server
Certificate
– Manage Trusted CA
Certificates

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 45

System Settings — Status

• System Maintenance
– Reboot
– Upgrade
– Restore
– Shut down
Powers off the VM
• View & log out connected
users

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 46

System Settings — Manage CA Certificates

 On the System Settings >
Status page, Certificate
Management section, select
Manage Trusted CA
Certificates.
• Import certificates
• View certificates in the list
• Remove certificates from the
list

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 47

System Settings — Configuration

 On the System Settings
> Configuration page,
you can:
• Change the system
interface and static
route settings
• Enable Dimension to
send feedback to
WatchGuard
• Specify the domain
settings
• Specify the NTP
settings and NTP
servers for Dimension
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 48

System Settings — Configuration

• Enable Dimension to
send email notifications
and specify the email
server information and
credentials
• Enable Dimension to
create backup files of
log data on an SFTP
server

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 49

System Settings — Configuration

 On the System Settings
> Audit Report page,
users with Super
Administrator privileges
can use the Audit Report
to see the audit log
messages generated by
Dimension
• Specify the date and
time range for the report
• Filter by event type
• Export log messages as
a .CSV file

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 50

System Settings — Diagnostics

 On the System Settings >
Diagnostics page, you can
run diagnostic tasks for the
Dimension operating system,
Dimension server, and
Dimension email system

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 51

System Settings — Diagnostics

 Operating System tasks:
• Ping, traceroute, DNS lookup
• System Diagnostics
• Support Access for
Diagnostics
• System Package Update
• Status Report

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 52

System Settings — Diagnostics

 Dimension Server
tasks:
• Process Information
• Task History
• Log Messages

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 53

System Settings — Diagnostics

 Email system tasks:
• Email status
• Flush email queue
Send all email
messages in the queue
• Purge Email queue
Remove all email
messages in the queue
• Test email
• Review log messages
from the Dimension
email system

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 54

Database — Status
 On the Database >
Status page, you can
monitor the status of the
Dimension database
 Database Status
• Current database status
• Stop & start the
database processes

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 55

Database — Status
 Database Backup
• Create or restore a
backup file of the
database
• Does not include
historical data
 Log Rate
• Review the last 24
hours of database
activity

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 56

Database — Configuration
 On the Database >
Configuration page,
you can change the
location of the
Dimension database.
• Built-in database
• External PostgreSQL
database

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 57

Database — Diagnostics
 On the Database >
Diagnostics page, you
can monitor the status of
the Dimension database.
• Database Process List
– See all the active
database processes
• Log Messages
– View the log
messages generated
each day

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 58

Database — Diagnostics
• Status Report
– See statistics for the
devices connected to
Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 59

Manage Tasks
 From the Manage Tasks
page, you can add, edit,
or remove these tasks:
• Schedule Reports
• Back Up Historical Data
• Restore Historical Data
 Schedule reports to
generate repeatedly, but
back up & restore of
historical data is a one-
time task

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 60

Manage Tasks — Schedule Reports

 Report Schedules
• Configuration locked — You can view scheduled reports
• Configuration unlocked — You can add a new report schedule,
and edit or remove scheduled reports
 Before scheduled reports can be sent to a destination, you
must configure the settings in Dimension for that destination:
• Send in email — Email Settings (System Settings >
Configuration)
• Send to a directory — FTP Servers (Server Management >
Configuration > Reporting)
• Send to ConnectWise — ConnectWise Settings (Server
Management > Configuration > Reporting)

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 61

Manage Tasks — Schedule Reports

 Add a report schedule:
• Select Add > Schedule
Reports
 Create Schedule >
Name & Description
settings:
• Schedule Name
• Description (optional)

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 62

Manage Tasks — Schedule Reports

 Resource Selection
• Devices:
– All Devices
– Specify Devices
• Servers:
– All Servers
– Specify Servers

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 63

Manage Tasks — Schedule Reports

 Destination Selection
• Must add at least one
destination for the
report
• Send reports in email
• Send reports to a
directory on an SFTP
server
• Send reports to
ConnectWise

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 64

Manage Tasks — Schedule Reports

 Report Selection
• Report Types
• Time Zone
– Web-based reports appear
in the browser time zone
• Report Template
– Use any Custom Template
• Report Output Options
– Single
– Combined
– Single & Combined

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 65

Manage Tasks — Schedule Reports

• Run Reports
– Daily
– Weekly
– Monthly
– Now (Run once)
• Start Time

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 66

Executive Summary Report

 Executive Summary
Report
• Sent as a PDF file
• Specify a logo, header,
and footer to customize
the report

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 67

Web Traffic Summary Report

 Web Traffic Summary
report
• Sent as a PDF file
• Specify a logo, header,
and footer to customize
the report
• Report includes the Top
Domains chart with the
Web Categories (in a
pie chart), and removes
any byte counts or
tabular information

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 68

Manage Tasks — Back Up Historical Data

 Historical data includes, this information for the Firebox
devices, FireClusters, and WatchGuard servers that are
connected to Dimension:
• Device information records
• Log messages
• Summary report data
• Device health statistics
• Managed VPN statistics

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 69

Manage Tasks — Back Up Historical Data

 Before you can back up the historical data in the Dimension
database, you must configure Dimension to use a remote
backup server and then specify the location of that remote
server in the Database Backup Settings
 Select Administration > System Settings > Configuration
and complete the Remote Backup settings

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 70

Manage Tasks — Back Up Historical Data

 Add a task to back up
historical data:
• Select Add > Back Up
Historical Data
• Specify the Task Name and
an optional Description of
the task
• Specify the Start date and
End date for the data to
include in the backup file
• Select whether to send a
notification to the
administrator when the
backup is created or fails
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 71

Manage Tasks — Restore Historical Data

 Add a task to restore
historical data to the
Dimension database:
• Select Add > Restore
Historical Data
• Specify the Task Name
and an optional
Description of the task
• Specify the Start date
and time and End date
and time for the data to
restore to the database

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 72

Manage Tasks — Restore Historical Data

• Select whether to send
an email notification to
the administrator when
the backup file is
successfully restored or
when the restore fails

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 73

Access Management
 On the Access Management pages, you can:
• Manage the local user accounts to specify who can connect to
Dimension
• Configure settings to authentication servers for connections to
Dimension
• Run diagnostic tasks to test the connection to your
authentication servers

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 74

Access Management — Users & Groups

 On the Users & Groups
page, you can manage
the local users who can
connect to Dimension
 Add users and assign
roles to each user to
specify what parts of
Dimension each user
can get access to and
which Fireboxes each
user can see in
Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 75

Access Management — Users & Groups

 Dimension includes these roles for role-based administration
that you can assign to local users:
• User:
– Local authentication
– Active Directory User
– Active Directory Group
• Devices:
– List of devices that send log messages to Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 76

Access Management — Users & Groups

• Roles that apply to all devices:
– Super Administrator (All access)
– Report Administrator (Schedule reports, manage groups, view logs,
view reports)
– Anonymization Officer (Only available when Anonymized Mode is
enabled)
• Roles that can be applied to individual devices and groups:
– Device Administrator
– Device Monitor
– VPN Administrator
– VPN Monitor
– View Logs
– View Reports
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 77

Access Management — Users & Groups

 Role policies function as they do in WSM:
• User + List of roles + List of Devices
 User authentication is similar to WSM:
• Local user, AD user, AD group
• AD requires DNS to resolve DCs by internal domain name
 Built-in roles only
• You cannot add custom roles
 Applied to a list of devices

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 78

Access Management — Users & Groups

 Add a User or Group
• Select the Type of user (the
location of the user account):
– Local User
– AD User
– AD Group
– RADIUS User
– RADIUS Group
• Specify the user Name
– Use the format specified for
the user type you selected
• Set the Passphrase
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 79

Access Management — Users & Groups

 Configure the role
Policies settings:
• Select the Group
Membership for the
user or group
• Specify one or more
Role(s) for the user or
group
• Select one or more
Devices for the user or
group

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 80

Access Management — Users & Groups

 Select a role for the user:
• Roles for All Devices:
– Super Administrator
– Global Administrator
– Global Monitor
– Report Administrator
– View All Logs
– View All Reports
– Anonymization Officer
(Only available if
Anonymized Mode is
enabled)

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 81

Access Management — Users & Groups

• Roles for Specific
Devices:
– Device Administrator
– Device Monitor
– VPN Administrator
– VPN Monitor
– View Logs
– View Reports

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 82

Access Management — Users & Groups

 Select devices for the
user or group:
• Add any Firebox in the
Available list to the
Selected list
• Use the Search text
box to find a Firebox in
the list of available
devices
• The user or group can
then only see the
specified devices in
Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 83

Access Management — Users & Groups

 Select Access Control
restrictions for the user
or group:
• Add any host name or
network address to the
Host or Network list
• The user or group can
then only connect to
Dimension from the
host name or network
address you specified

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 84

Access Management — Configuration

 On the Configuration pages,
specify the authentication server,
user lockout settings, and access
control settings for Dimension
• Authentication
– Use your Active Directory or
RADIUS server to get user
credentials and group details
• Lockout
– Configure settings for user
lockout
• Access
– Specify which addresses can
connect to Dimension
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 85

Access Management — Configuration

 Authentication
• Select whether to use your
existing Active Directory
server or RADIUS server for
authentication
• Select Enable Active
Directory Authentication
– Enable Dimension to
connect to your Active
Directory server so you can
add users to Dimension
from your Active Directory
server
– LDAPS must be enabled on
your Active Directory server
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 86

Access Management — Configuration

• Select Enable RADIUS
Authentication
– Enable Dimension to
connect to your RADIUS
server so you can add
users to Dimension from
your RADIUS server

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 87

Access Management — Configuration

 Configure the Lockout
Settings to enable user
lockout and specify the global
settings for how long users
are locked out
• Users can be locked out for a
number of minutes
• Users can be locked out after
a number of unsuccessful
attempts to log in
• Users can be locked out
permanently after a number
of unsuccessful log in
attempts
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 88

Access Management — Configuration

 Configure the Access Control
settings to specify the host
name or network address that
can be used to connect to
Dimension
• Add any host name or network
address to the Host or Network
list
• Users can then only connect to
Dimension from the specified
host or network addresses
• Make sure to add the host name
or IP address that you use to
administer Dimension
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 89

Access Management — Diagnostics

 From the Diagnostics
page, you can run these
authentication tests:
• Active Directory
Server Connection
– Verifies that
Dimension can contact
your Active Directory
Server at the specified
Domain Name

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 90

Access Management — Diagnostics

• Active Directory
User Credentials
or
RADIUS Server User
Credentials
– Verifies the specified
user credentials are
available on the
specified server

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 91

Use Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 92

Use WatchGuard Dimension

 WatchGuard Dimension is a virtual visibility and management
solution you can use to capture the log data from your
Fireboxes, FireClusters, and WatchGuard servers, and
manage your Fireboxes and FireClusters.
 Management from Dimension
• To use the Dimension management features, each Firebox or
FireCluster must have a feature key with the LiveSecurity
Service and Dimension Command features enabled
• Add your Fireboxes and FireClusters to Dimension to centrally
manage and control the configurations and settings of each
Firebox
• Create managed VPNs between Fireboxes and FireClusters
managed by Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 93

Use WatchGuard Dimension

 Logging & Reporting from Dimension
• To use the logging & reporting features in Dimension, each
Firebox or FireCluster must have a feature key with the
LiveSecurity Service feature enabled
• See log data in real-time
• Track traffic across your network
• View the source and destination of traffic
• View log message details of the traffic
• Monitor threats to your network
• View reports of the traffic

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 94

Management with
Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 95

Management with Dimension

 After you add your Fireboxes and FireClusters to Dimension,
you can manage them with Dimension.
 Manage the device configuration file for each Firebox or
FireCluster
 Manage VPN tunnels between Fireboxes managed by
Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 96

Management with Dimension — Devices

 Open Fireware Web
UI for managed
devices directly from
Dimension
• Normal
configuration and
device
management
– Select Actions >
Open Fireware
Web UI

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 97

Management with Dimension — Devices

• Resolve issues
identified in
Dashboard pages,
log messages, and
reports
– Click a link on a
Dashboard page
to open Fireware
Web UI and
resolve the issue

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 98

Management with Dimension — Devices

 Dimension stores the
configuration files for
the Fireboxes and
FireClusters it
manages
• Each time you change
the configuration file,
even if the changes
are made outside of
Dimension, a new
revision is stored and
appears in the
Configuration
History list

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 99

Management with Dimension — VPNs

 On the VPNs page,
you can create
managed hub-and-
spoke VPNs between
managed devices
1. Select Home > VPNs
2. Click Add to start the
Create VPN wizard

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 100

Management with Dimension —VPNs

3. Select the Hub
Device
• This is a Firebox
managed by
Dimension
4. Select a BOVPN
Type
• Traditional BOVPN
(Recommended)
• Virtual Interface
BOVPN

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 101

Management with Dimension — VPNs

5. Specify a VPN Name
for the managed VPN
• This is the name that
appears on the VPNs
page, in the
Dashboard pages,
and in the reports for
VPNs
• You cannot change
the VPN Name after
the VPN is created

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 102

Management with Dimension — VPNs

6. Specify the External
Interfaces to use for
the managed VPN
• You can add more
than one interface to
use for failover
• If you add more than
one external interface,
make sure the first
interface in the list is
the primary external
interface of the
Firebox you selected
as the Hub device

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 103

Management with Dimension — VPNs

7. Specify the VPN
Resources to use
for the managed
VPN
• Specify the IP
addresses that the
Spoke devices can
use to connect to
tunnel routes
• Specify the Direction
of the traffic through
the BOVPN tunnel
• (Optional) Enable 1:1
NAT

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 104

Management with Dimension — VPNs

 After you add the Hub
device to the VPN, you
can edit the Hub
device settings to
configure the security
settings for the VPN
1. Click Edit Hub
Settings

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 105

Management with Dimension — VPNs

2. Specify Phase 1
Settings:
• Select whether to use
NAT Traversal and
specify the Keep-alive
interval in seconds
• Select whether to use
IKE Keep-Alive and
configure the related
settings
• Select whether to use
Dead Peer Detection
and configure the
related settings

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 106

Management with Dimension — VPNs

3. Specify Phase 1
Transform settings:
• Select an
Authentication method
• Select an Encryption
method
• Specify the SA Lifetime
(hours)
• Select a
Diffie-Hellman
Key Group

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 107

Management with Dimension — VPNs

4. Specify Phase 2
Settings:
• Enable PFS and select
a Diffie-Hellman group
• Select an
Authentication method
• Select an Encryption
method
• Select a Force key
expiration option:
– By Time (in hours)
– By Traffic (in number
of kilobytes sent
through the VPN)
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 108

Management with Dimension — VPNs

 After you add the Hub
device to the VPN, add
one or more Spoke
devices to the VPN
1. In the Spokes section,
click Add

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 109

Management with Dimension — VPNs

2. In the Add Spoke
Gateway wizard, select
a Firebox to add as the
Spoke device
• This can be any Firebox
managed by
Dimension, except for
the Hub device

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 110

Management with Dimension — VPNs

3. Add the External
Interfaces on the
Spoke device to use for
traffic through the VPN
tunnel
• By default, the list
includes the external
interface configured on
the Firebox you
specified as the Spoke
device

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 111

Management with Dimension — VPNs

• If you add more than
one external interface to
the list, make sure the
first interface in the list
is the primary external
interface on the
Firebox.

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 112

Management with Dimension — VPNs

4. Select the Tunnel
Mode:
• Specify Traffic Routes
Over VPN
(Recommended)
• Send All Traffic Over
VPN

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 113

Management with Dimension — VPNs

5. Add routes to the Route
From list:
• Specify the IP address
of the external interface
on the Spoke device
• Select the direction of
traffic over this IP
address:
– Bi-directional
(Recommended)
– Hub-to-Spoke
– Spoke-to-Hub

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 114

Management with Dimension — VPNs

• (Optional) Select the
Enable 1:1 NAT check
box and type the host
address or network
address to use

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 115

Management with Dimension —VPNs

6. If you selected Specify
Traffic Routes Over
VPN:
• In the Route To list, the
external IP addresses
of the Hub device
appear
• You can change which
external IP addresses
on the Hub device the
Spoke device can
connect to

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 116

Management with Dimension — VPNs

7. Select the Firewall
Policies in your Spoke
device configuration file
to apply to the traffic
through the managed
VPN:
• Default options:
– Any (Recommended)
— The default Any
policy included in your
device configuration
file

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 117

Management with Dimension — VPNs

– None — No policy will
be applied to the traffic
through the managed
VPN
• You can also select
another firewall policy
from your Firebox
configuration that
appears in the Firewall
Policies list

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 118

Management with Dimension —VPNs

 The Spoke device
appears in the Hub and
Spoke VPN map and in
the Spokes list:
• Hub device — Round
• Spoke device — Hub
Square Spoke
Inactive Connection
• Line between icons
shows the connection
status:
– Solid — Active
– Dotted — Inactive

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 119

Management with Dimension — VPNs

• Icon color shows the
tunnel status:
– Green frame — At
least one active tunnel
– Green solid — All
tunnels are active
– Grey — No VPN
health data Hub

– Red — No active Spoke

Inactive Connection
tunnels

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 120

Logging & Reporting with

Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 121

Logging & Reporting with Dimension

 To get the most out of the logging and reporting features of
Dimension, make sure to:
• Select Enable logging for reports in proxy actions on your
Fireboxes
• Enable logging of Allowed Packets in all policies on your
Fireboxes
• Enable logging for Subscription Services and other features on
your Fireboxes
• Configure your Fireboxes and WatchGuard servers to send all
log messages to your instance of Dimension
 A list of where to enable logging in your Firebox configuration
to see specific reports in Dimension is available in Fireware
Help
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 122

Logging & Reporting with Dimension

 When logging is enabled on your Firebox, and your Firebox is
configured to send log messages to Dimension, you can see
details from the log messages in the Dimension dashboards
and reports
• Dashboards only include the widgets for available data
• Reports only appear for available data

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 123

Executive Dashboard
 Executive Dashboard
Widgets
• Top Zero-Day Malware
(APT)
• Top Clients
• Top Domains
• Top URL Categories
• Top Destinations
• Top Applications
• Top Application
Categories
• Top Protocols
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 124

Executive Dashboard
 Click a summary widget
to expand it and see
more detail

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 125

Security Dashboard
 Security Dashboard
Widgets
• Top Blocked Advanced
Malware (APT)
• Top Blocked Clients
• Top Blocked Destinations
• Top Blocked URL
Categories
• Top Blocked Applications
• Top Blocked Application
Categories
• Top Blocked Protocols

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 126

Security Dashboard
 IPS Signatures
 Gateway AntiVirus
 Click a summary widget
to expand it and see
more detail

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 127

Subscription Services
 Subscription Services
Dashboard Widgets:
• Blocked Websites
• Virus (GAV)
• Intrusions (IPS)
• Malware (APT)
• Reputation Enabled
Defense
• Data Loss Violations (DLP)
• spam
• Botnet Detection

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 128

Subscription Services
 Move your cursor over
the chart in each widget
to see more details
 View Summary — See
a summary report of the
data included in each
widget

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 129

Threat Map
 Denied Packets
(Blocked)
 Intrusion Prevention
Service
 Web Traffic
 Application Control
 All Traffic

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 130

FireWatch
 Shows IPv4 & IPv6
addresses
 Sort by:
• Source
• Destination
• Domains
• Application
• Web Audit
• Protocol

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 131

FireWatch
 Pivot on:
• Bytes
(Only for packet filter
traffic for Fireware OS
v11.8 or higher)
• Connections
 Hover for more detail:
• Filter further
• Show connections
 Full screen mode

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 132

Policy Map
 An interactive tool that
aggregates the traffic
through your Firebox
devices and shows the
traffic in a visualization of
the traffic flows
 Traffic flows appear as
ribbons that flow through
the connections the
traffic makes

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 133

Policy Map
 Policy Map shows the
number of flows, bytes,
and connections that are
included in the traffic
flow

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 134

Policy Map
 Filter Policy Map on: • Interfaces in use
• Subscription Services • Connections between active
activity interfaces
• Application activity through
policies
• Policies in use
• Users in policy flows
• Policies that use the most
bandwidth
• Connections between the
Trusted and Optional
interfaces

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 135

Policy Map
 Pivot Policy Map on:
• Bytes
• Connections
(Not available for the
Web Audit filter)

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 136

Policy Map
 See the traffic flow
 The traffic flow ribbon
passes through the
connection columns in
Policy Map

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 137

Policy Map
 Click a column to see the
traffic flow details
• Number of connections
• Filter Policy Map on the
selected traffic flow
• View connections in
Policy Map for the
selected traffic flow

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 138

Policy Map
 Filtered view of the
selected traffic flow

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 139

Policy Map
 View connections from
the selected traffic flow

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 140

AP Devices
 AP Devices Dashboard
shows a summary of the
WatchGuard AP devices
connected to the Firebox
 Shows the number of
clients for each AP
device over the selected
time range

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 141

AP Devices
 Hover to see more
information about a
section of the graph

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 142

AP Devices
 Pivot to change data:
• By Bytes
• By Clients

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 143

AP Devices
 Filter on:
• All AP Devices
• All SSIDs
• All Bands

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 144

Mobile Devices
 The Mobile Devices
Dashboard shows
summary information for
all mobile devices
connected to your
Firebox
 Details include:
• Mobile Device name
• Last User name
• Device Type
• VPN Name
• Update Time

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 145

Mobile Devices
 Mobile Devices
Widgets:
• Compliance Check
• Device Type
• VPN
 Hover over a section of
a Widget for more
information
 Click the ? adjacent to
the Widget title for
details about the
information in the
Widget
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 146

Log Manager
 Log messages are
stored in UTC time
 Appears in your web
browser’s local time

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 147

Log Search
 Run simple or complex
search queries to refine
the list of log messages
for the selected Firebox
 Filter search results by
log message type:
• Traffic
• Alarm
• Event
• Diagnostic
• Statistic
• All
WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 148

Per Client Reports

 Summary & Detail
reports
 Includes information
from proxy log messages
about an authenticated
user, host name, or an IP
address
 Detailed activity
summary for the
selected client and the
time range

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 149

Per Client Reports

 Collapse and expand the selection criteria section
 Specify at least one of these options:
• User name or ID
• IP address
• Host name
 For a Data Loss Prevention report, you can also specify these
options:
• Policy name
• Rule name (required)

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 150

View Reports
 On the Reports tab for a
Firebox, group, or server,
you can expand a report
type and select many of
the same reports that are
available on your
WatchGuard Report
Server

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 151

View Reports
 On a report, select
options to pivot
on from the pivot
drop-down list
 Export the report to
a PDF file

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 152

Use Dimension in Another Language

 The Dimension user interface is available in these languages:
• English (United States)
• French (France)
• Japanese
• Spanish (Latin America)

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 153

Use Dimension in Another Language

 Explanatory text included in the Executive Summary and
Compliance reports is also localized, when you view them in
your web browser, or generate a PDF from a web browser
view
 PDF reports that are generated from a schedule do not
include localized text

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 154

Support for WatchGuard

Dimension

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 155

Dimension Support — Console Access

 Console shows command line access
 Log in with the wgsupport/readwrite credentials
• Change the password on initial login
• Account restricted to only find or change the IP address
 To set a static IP address, use the command wg_ip_addr.sh,
located in /opt/watchguard/dimension/bin.
• For example, to set a static IP address of 192.168.24.101 on
network 192.168.24.0/24 with gateway 192.168.24.1, type:
– /opt/watchguard/dimension/bin/wg_ip_addr.sh -i 192.168.24.101 -
m 24 -g 192.168.24.1
• When given without any options, or with the option --help, the
command displays help text.

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 156

Dimension Support — Console Access

 To find the external IP address, run the ifconfig command
 To find the Eth0 IP address and interface configuration details,
run the ip addr show command
 To find the route information for Eth0, run the ip route
show command
 Support access for diagnostics is available with a connection
restricted by a client-side certificate

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
 157

Dimension Support — Known Limitations

 Cannot import log files to Dimension
 Certificates must use CSR
• No external private key

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved
Thank You!

WatchGuard Training
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved