Fireware v12.5.4 is a feature release for Firebox T Series (except T20, T40, T80), Firebox M Series, FireboxV,
and Firebox Cloud appliances.
This release introduces new features and many feature enhancements, including:
TDR Host Sensor Enforcement for Mobile VPN
Adds integrity checks to make sure endpoints that connect to corporate networks follow corporate policy
and are not likely to be compromised by malware.
VPN Feature Enhancements
lHex-based pre-shared keys for BOVPNs — Required for compliance with Commercial Solutions for
Classified (CSfC), an NSA program
lMTU setting for BOVPN virtual interfaces — You can now specify a custom MTU value to ensure VPN
connectivity between a Firebox and a third-party VPN endpoint
lMobile VPN with SSL Client Download page — You can use a new CLI option to disable the download
page if it does not comply with your corporate security policy
spamBlocker Engine Update
spamBlocker now uses Cloudmark, a cloud-based service from Proofpoint, to improve spam detection.
Note that spamBlocker now sends the full email body over TLS to the cloud for scoring, not only an
email hash. For a complete overview of the new service, see the What's New in Fireware v12.5.4
PowerPoint presentation and product documentation.
lSupport for dynamic DNS through Cloudflare
lDefault multi-WAN method changes from Routing Table to Failover
lSD-WAN metrics have new default values to prevent early failover
lRADIUS server failover improvements
lSupport for a new Microsoft API for communication with SSO Event Log Monitor
lFirebox Configuration Report updates
For a full list of the enhancements in this release, see Enhancements and Resolved Issues in Fireware v12.5.4
or review the What's New in Fireware v12.5.4 PowerPoint.
There is no WSM v12.5.4. Use WSM v12.6.1 to manage Fireboxes that run Fireware v12.5.4.
2 WatchGuard Technologies, Inc.