Configuring Watchguard Proxies: A Guideline to Supplementing Virus Protection and Policy Enforcement

This paper focuses upon the layered use of the Watchguard Live Security System (LSS) proxy services to mitigate the risks of, and reduce exposure to, viral outbreaks and data compromises. The key to properly configuring LSS proxy services without hampering system function is a strong understanding of organizational policies and these risks. A discussion of the effects and ramifications of using proxied services on the Watchguard and methods of minimizing these effects and weaknesses of the approach are included. The configuration of commonly used stateful proxy filters on the current Watchguard Firebox II and III appliances using LSS 6.2 SP1 are described. Watchguard released 7.0 during the writing of this paper; changes in this version are not covered. Other Watchguard appliances are not discussed since they lack proxy services or vendor support. Emphasis is placed upon the use of content filters and egress policies that enhance defenses against viral code and support AUPs. Defenses that effectively reduce the impact from new attacks using exploits such as those used by Nimda, Klez, and other blended threats are presented. Other functionality of the Firebox is included for comparative purposes; details of those functions are not topics for this paper.