Whats New in Watch Guard XCS v 9

What’s New in Watch. Guard XCS v 9. 1 Update 2

Watch. Guard XCS v 9. 1 Update 2 q Introduce New Features • • • Watch. Guard XCS Outlook Add-in Secure. Mail Email Encryption Intercept Component Report q Install Watch. Guard XCS v 9. 1 Update 2 Watch. Guard Training 2

Watch. Guard XCS Outlook Add-In Watch. Guard Training 3

Watch. Guard XCS Outlook Add-in q Adds special Spam and Not Spam buttons to your Microsoft Outlook client toolbar • • Spam: Report any spam messages that bypassed the spam filters and were delivered to your inbox Not Spam: Report false positives in which legitimate messages were classified as spam Watch. Guard Training 4

Watch. Guard XCS Outlook Add-in q When you click Spam: • • The message can remain in the inbox, be moved to the Junk folder, or deleted (configurable) The message is trained as spam by the Watch. Guard XCS The message is relayed to Watch. Guard servers for training Ø Sent to spam@mailsupport. watchguard. com The sender is added to your personal Blocked Senders List q When you click Not Spam: • • • The message is trained as legitimate mail (Not Spam) by the Watch. Guard XCS The message is relayed to Watch. Guard servers as legitimate mail training Ø Sent to notspam@mailsupport. watchguard. com The sender is added to your personal Trusted Senders List Watch. Guard Training 5

Watch. Guard XCS Outlook Add-in q Available for these software versions of Outlook: • • Outlook 2003 Outlook 2007 q Operating System Support • • • Windows XP Windows Vista Windows 7 q Supported locales: • • • English (default) French (fr) Spanish (es) Japanese (ja) Simplified Chinese (zh-CHS) Watch. Guard Training 6

Watch. Guard XCS Outlook Add-in Requirements q Software Requirements • . NET Framework 3. 5 or greater - Not included with the Outlook Add-in. zip file • • • Windows Installer 3. 1 Microsoft Office Primary Interop Assemblies (PIA) Visual Studio Tools for Office (VSTO) You must download the. NET Framework software from Microsoft q To download the Add-in for your version of Outlook • Select Support > Microsoft Outlook Add-ins on the XCS menu. The Watch. Guard Support Center appears. • • • From the Watch. Guard Support Center, select Download Software. Select Watch. Guard XCS. Select the download link for the Add-in for your version of Outlook. Watch. Guard Training 7

Install the Outlook Add-in To install the Watch. Guard XCS Outlook Add-in: 1. Close Microsoft Outlook if it is currently running. 2. Make sure you have downloaded and installed the. NET Framework (3. 5 or greater) software. 3. Unzip the download package. 4. Double-click the setup. exe installation file. 5. You are prompted to install each prerequisite software as required. 6. Follow the prompts to install the Watch. Guard XCS Outlook Add-in. Note: If you already have the prerequisite software installed, you can install the Watch. Guard XCS Outlook Add-in with the XCSOutlook 2003 Addin. Installer. msi or XCSOutlook 2007 Addin. Installer. msi file. Network administrators can use the. msi installation file to push the add-in to desktop workstations in an Active Directory domain, but the prerequisite software must already be installed on the desktop workstations or be pushed by the administrator before the add-in installation Watch. Guard Training 8

Configure the Outlook Add-in q When you launch Outlook, new buttons appear on the toolbar q Click Configure Watch. Guard Training 9

Configure the Outlook Add-in q To configure the Outlook Add-in options on your XCS device, go to Security > Content Control > Custom Actions q All options are enabled by default Watch. Guard Training 10

Advanced Training Options q Available for User Submitted messages at Security > Anti-Spam > Anti. Spam > Token Analysis > Advanced • • User Submitted Limit – Not Spam (Legitimate Mail) User Submitted Limit – Spam Ø Default = 2000 messages, 10% source weighting Watch. Guard Training 11

New Default Pattern Filters q New default Pattern Filters available for User Submitted messages • Security > Content Control > Pattern Filters Ø Sets training action for submitted messages sent to the notspam@mailsupport. watchguard. com and spam@mailsupport. watchguard. com addresses Watch. Guard Training 12

Secure. Mail Email Encryption Watch. Guard Training 13

Secure. Mail Email Encryption q Encrypt outbound messages directly from the Watch. Guard XCS without the need for a local encryption server or additional desktop software q Messages are secured until they are delivered and decrypted by the recipient of the message q Recipients open an attachment to the encrypted message that allows them to create an account on the Secure. Mail web site and log in to read the message Watch. Guard Training 14

Secure. Mail Email Encryption q When encryption is enabled, you can use these features to scan for specific patterns in email messages that indicate the message must be encrypted • • • Pattern Filters Objectionable Content Filter Content Scanning Content Rules Document Fingerprinting q For example, you can create a Pattern Filter to search for the word “[Encrypt]” in the subject field of a message. • An end user can add this phrase to their message subject header to indicate the message must be encrypted before it is delivered. Watch. Guard Training 15

Replaces Post. X/CRES Encryption q Secure. Mail Email Encryption subscription replaces the existing Watch. Guard XCS Email Encryption technology powered by Post. X/CRES (Cisco Registered Envelope Service) q Current Post. X/CRES customers can continue to use and receive support for Post. X Encryption until their current license expires Watch. Guard Training 16

How Secure. Mail Works • • • When a user sends a message, the Watch. Guard XCS uses pattern and content filters to determine if a specific encryption policy applies to the message. The Secure. Mail engine communicates with the Secure. Mail service to generate encryption keys, any branding data, and creates the notification message. Secure. Mail uses IBE (Identity-Based Encryption), which generates encryption keys based on the sender and recipient email addresses. The message is signed with the sender's public key and delivered to the recipient as a message attachment. The recipient opens the attachment that allows them to register (if this is the first encrypted message received) and authenticate their email address to the Secure. Mail web site. The Secure. Mail web site uses the recipient's private session key to allow the recipient to read the unencrypted message. Watch. Guard Training 17

Read an Encrypted Message q When you receive an encrypted Secure. Mail message, open the message attachment “message_zdm. html” q Click Read Message Watch. Guard Training 18

Read an Encrypted Message q If this is the first encrypted message you receive, you are prompted to register with the Secure. Mail service to create an account and establish a password. q You must respond to a verification email message before you can open the encrypted message. Watch. Guard Training 19

Read an Encrypted Message q You must type your password to verify your identity q When you are authenticated, the secure message is decrypted and displayed Watch. Guard Training 20

Reply to an Encrypted Message q You can securely reply to or forward encrypted messages with the same web-based service that allows you to read the encrypted message • Click Reply • • Type your reply, and click Send Secure An encrypted reply is sent to the sender of the original encrypted message Watch. Guard Training 21

Reply to an Encrypted Message • • • The Secure. Mail server sends secure replies on behalf of your organization's email domain, and the email message appears to originate from a Secure. Mail domain. In certain cases, mail security devices may block these messages because they originate from a different domain than your own. You must make sure that your mail security devices are configured to allow messages from Secure. Mail servers when secure replies are sent back to your email domain. On the Watch. Guard XCS, you can set up a Pattern Filter to Accept these Secure. Mail server IP addresses: Ø mail 1. vsn. voltage. com 165. 193. 228. 181, 205. 140. 196. 245* replaces mail 1 address soon Ø mail 2. vsn. voltage. com 165. 193. 228. 186, 205. 140. 196. 250* replaces mail 2 address soon Ø mail 3. vsn. voltage. com 165. 193. 91. 245 Ø mail 4. vsn. voltage. com 165. 193. 91. 250 Watch. Guard Training 22

Activate Secure. Mail q When you purchase Secure. Mail Email Encryption, you must activate the subscription from the Live. Security activation page. • From the Watch. Guard Support page, select Activate a Product. • Log in, select your XCS product, then enter your activation key for Secure. Mail Email Encryption. Watch. Guard Training 23

Activate Secure. Mail q You must provide information about your organization: • • Email Domains – The email domains from which your users will send encrypted messages (example. com, example 1. com, etc. ) Gateway IP addresses – The public IP addresses from which your Watch. Guard XCS device connects to the Secure. Mail servers. Ø This is required to authorize only your organization's IP addresses to establish a • connection with the Secure. Mail service. Authorization Code – Authorizes Secure. Mail Email Encryption for use with your Watch. Guard XCS device. Ø This code is entered in your Secure. Mail configuration on the Watch. Guard XCS. Ø The Authorization Code must be 15 -20 alphanumeric characters in length and cannot contain symbols or spaces. Watch. Guard Training 24

Activate Secure. Mail q You will receive your Secure. Mail account information and confirmation from Watch. Guard customer care in 24 -36 hours. Watch. Guard Training 25

Secure. Mail Branding q You can display custom logos and branding text for your organization on encrypted message envelopes q You must purchase and activate the subscription from the Live. Security activation page Watch. Guard Training 26

Activate Secure. Mail Branding q Provide the following information: • • Branding Profile code Ø Identifies your branding profile (logo and branding text) on the Secure. Mail service Ø The branding profile value is entered in your Secure. Mail configuration on the Watch. Guard XCS Ø Can be up to 20 alphanumeric characters, must start with a letter, and cannot contain symbols or spaces Logo Ø After activation, you will be contacted by customer care. Ø You can send a custom logo to customer care to display on your encrypted message envelopes Ø Must be 370 pixels wide and 70 pixels high on a transparent background in gif, jpg or png format Watch. Guard Training 27

Configure Secure. Mail q Go to Security > Encryption > Secure. Mail and select the Enable Secure. Mail Encryption check box q In the Authorization Code text box, you must type your authorization code to authorize Secure. Mail Email Encryption for use with this Watch. Guard device q In the Branding Profile text box, type an optional branding profile value that corresponds to your branding profile (logo and text) configured with the Secure. Mail service • If you type an incorrect Branding Profile value, the default Watch. Guard branding appears on the encrypted message envelope q From the User List drop-down list, select the list that contains the users allowed to use Secure. Mail encryption Watch. Guard Training 28

Troubleshoot Secure. Mail Configuration q When you apply the Secure. Mail configuration, the Watch. Guard XCS connects to the Secure. Mail server and tests your configuration. q If you receive an error that the Watch. Guard XCS cannot contact the Secure. Mail server, check the following: • • The Watch. Guard XCS requires an outbound HTTPS connection on port 443 to connect to the Secure. Mail server. Make sure this connection is allowed by your network firewall. The Secure. Mail service returns an XML-based configuration file. Make sure your network firewall or content filter allows XML files. q If the connection to the Secure. Mail server completes, but you receive an error that the Message Encryption verification test failed, check the following: • • Confirm that you correctly entered your Authorization Code. Check the gateway IP addresses you activated with Secure. Mail to make sure you are connecting from the public IP address of the Watch. Guard XCS. Watch. Guard Training 29

Configure Secure. Mail – Upload Users q You must upload a list of user email addresses that are permitted to encrypt messages with Secure. Mail encryption. • If the user does not appear in the list, the message is rejected with the error code "550 Error: content rejected". q Create a text file containing a list of user email addresses with one address per line. For example: user 1@example. com user 2@example. com user 3@example. com user 4@example. com q Click Manage User Lists. (You can also select Security > Content Control > Dictionaries & Lists on the menu) Watch. Guard Training 30

Configure Secure. Mail – Upload Users (continued) q Click Browse to select your list of users to upload. q From the Character set drop-down list, select the encoding used in the uploaded file. For example, select ASCII. q Click Continue. Watch. Guard Training 31

Configure Secure. Mail – Upload Users (continued) q In the Name text box, type a descriptive name for the list. q From the Type drop-down list, select email. q Click Continue to finish uploading the file. Watch. Guard Training 32

Configure Secure. Mail – Upload Users (continued) q The Secure. Mail configuration page displays: • • A summary of users in your encryption list The total number of users in the list and the license limit Watch. Guard Training 33

Configure Secure. Mail – Create Content Filters q Use the following features to create content filters to determine messages to encrypt: • • • Pattern Filters Objectionable Content Filter Content Scanning Content Rules Document Fingerprinting Watch. Guard Training 34

Intercept Component Report Watch. Guard Training 35

Intercept Component Report q Reports on Intercept Anti-Spam component processing q Includes the frequency of spam received based on each spam category, the Token Analysis score of messages received, and the Intercept component contribution • • • Spam Frequency – This graph displays the frequency of Certainly Spam, Probably Spam, and Maybe Spam, received over a period of time Token Analysis Score – This graph displays the number of messages received based on their Token Analysis score Intercept Component Contributions – This table displays statistics on identified spam for each Intercept component that contributed to the overall Intercept score Watch. Guard Training 36

Install XCS v 9. 1 Update 2

Install XCS v 9. 1 Update 2 q If enabled, Security Connection automatically downloads update releases • • Install the update in Administration > Software Updates > Updates The update appears in the Available Updates section • • Select the update, then click Install The device restarts This process can take several minutes to complete! Watch. Guard Training 38

Install XCS v 9. 1 Update 2 (continued) q You can also download the update software from the Live. Security site • From the Software Downloads page, download the XCS v 9. 1 Update 2 software [xcs 91_update_2. pf] to your local computer Click to download Watch. Guard Training 39

Install XCS v 9. 1 Update 2 (continued) q Upload the software update in Administration > Software Updates > Updates • • Click Browse to find the downloaded file on your computer Click Upload Watch. Guard Training 40

Install XCS v 9. 1 Update 2 (continued) q The update appears in the Available Updates section q Select the update, then click Install q The device restarts This process can take several minutes to complete! Watch. Guard Training 41

Thank You!