WatchGuard XTM 505

地址：深圳市福田区燕南路404栋605室我们刚从厂家拿回来一台设备时是没有经过配置的，虽然有默认ip ，但是没有默认的密码。

所以我们还是不能用管理软件来配置并管理这台设备。

在这种情况下，我们使用快速安装向导来进行初始的配置。

首先安装WSM 管理软件。

接着使用快速安装向导。

点击下一步，将会出现一下窗口。

按照你的情况选择，没有多大关系。

在接下来的窗口中，选择你的防火墙的型号。

地址：深圳市福田区燕南路404栋605室地址：深圳市福田区燕南路404栋605室目前最新的版本为10.2.6 。

所以推荐选择10.2 以上将你的电脑接到防火墙的Trusted 端口上。

地址：深圳市福田区燕南路404栋605室按住防火墙面板上的按钮，接着关掉电源，然后打开。

（如果你是第一次使用快速安装向导，则按住向上键，若你是想恢复一下出厂设置，则按住向下键，因为当你是第一次使用时，设备里没有feature key ,而你想恢复时，设备里有feature key ）直到前面面板的指示灯出现安全模式字眼时，就可以松手，不用按住向上键了。

地址：深圳市福田区燕南路404栋605室选择pc 上的网络接口。

然后设备会自动查找。

地址：深圳市福田区燕南路404栋605室若找到设备了，就会显示设备的型号，版本号，序列号。

在这个窗口中，你可以为这个设备取个名字，方便记忆就可以，同时写上防火墙的位置，联系人。

一般我没有写。

地址：深圳市福田区燕南路404栋605室好了，现在就可以填写有点用的东西了，在这个窗口中，请你为外网口选择获取ip 地址的方式，有DHCP, PPPOE,或者使用静态的ip 地址。

按照你的具体情况而定吧！因为我是选择使用静态ip 地址的，所以它需要我填上ip 地址和默认网关。

（其实在这里都可以随便填写的，当你进入设备时还是可以改正的。

）地址：深圳市福田区燕南路404栋605室这个窗口是要你配置Trusted/optional 口的ip 地址。

WatchGuard XTM 510[产品描述]：WatchGuard®XTM 510，适用于千台以上终端的各类中型网络或"企业集团、金融、能源、酒店、运营、政府（机关单位）等分支机构使用,支持局域网1000台以上PC终端(无限制用户) ,75分支办公室VPN连接总部或数据中心网络使用,通过 XTM的智能分层技术阻止新的未知&已知威胁主动预防御`防病毒、入侵防护、垃圾病毒邮件过滤、WEB内容过滤、反间谍软件、SSL-VPN、多链路负载均衡、带宽分配.标准版操作系统"Fireware®XTM",WSM管理软件,多功能安全防火墙处理性能吞吐量1.4Gbps，开通XTM处理后吞吐量400Mbps吞吐量，VPN吞吐量350Mbps、VPN总隧道数250条“其中SSL隧道75(默认为1个)、IPSec隧道75、移动IPSec：100(默认为25个)、50个PPTP、６个DMZs、并发会话数50,000、每秒新建连接数：18,000、局域网IP地址不受限、策略数不受限、VLAN支持75个、本地用户认证DB 限制500、制物理接口：6个10/100/1000、1个10/100/自定义口、2个USB备份口、1个串行端口、1个LED 操作屏、1U机架式（含上架配件）、尺寸：286mmx432mmx44mm、重量：7.3公斤、功耗最大50瓦、电源100-240V 自检测。

[[产品参数]：操作系统专业版操作系统"Fireware®XTM"产品 类型XTM 防火墙（UTM 3.0）智能分层技术阻止新的未知&已知威胁 ★未知威胁：XTM—无限扩展模型技术 ★已知威胁：UTM—特征库技术产品定位适用于千台以上终端的各类中型网络或"企业集团、金融、能源、酒店、运营、政府（机关单位）等分支机构使用,支持局域网1000台以上PC终端(无限制用户) , 75分支办公室VPN连接总部或数据中心网络使用吞吐量 性能一、启用XTM保护设备吞吐量（XTM+UTM）：400Mpbs（1）预防御模型集吞吐量：400Mpbs（2）反病毒Anti-Virus特征吞吐量：400Mpbs（3）入侵防护iPS特征吞吐量：400Mpbs（4）网页内容过滤Web Filtering特征吞吐量：400Mpbs（5）反垃圾邮件Anti Spam特征吞吐量：400Mpbs二、关闭XTM保护防火墙吞吐量（防火墙+路由进出口）：1.4Gpbs三、WPN吞吐量：350Mpbs四、SSL-VPN吞吐量：350Mpbs五、IPsec-vpn吞吐量：350Mpbs系统性能 平均指本地用户认证DB 限制：500 每秒新建连接数：18,000并发会话数：50,000标策略数：无限制VLAN：75个配置 管理 （方式） 一、专用WSM管理软件（WatchGuard System Manager & WatchGuard Server Center）1、WatchGuard System Manager 专业XTM防火墙精细化管理软件2、WatchGuard Server Center（1）Management Server：数台防火墙集中管理服务器，可同时下发策略到多台。

1、根据序列号去watchguard网站上获取live security license，并下载三个软件：fireware10_2_10.exe、WSM10_2_10.exe、WSM10_2s.exe；
2、安装三个软件到配置机上：wsm10_2s先于wsm10_2_10装
3、装完之后用quicksetup配置初始的外部地址，内部地址、临时地址、状态密码和配置密码，可以按照quicksetup里的发现设备说明，按住向上键重启设备，等待画面，开始配置。

外部地址是eth0口，内部地址是eth1口，临时地址是用来保存第一次配置规则的临时地址，外部地址需要用/24代表子网掩码。

其他诸如dns，远程登录机等都不用配置，状态密码是连接密码，可设11111111配置密码是最后保存配置时要输入的密码，可设22222222
4、最后保存配置。

找到网站上注册后生成的license 文件，
6、启动wsm程序，点击连接设备；输入外部地址和状态密码，等待连接成功。

7、成功之后，选中设备，然后从菜单栏中选择policy manager，进入设备的策略配置页面：空白处点击右键，然后自定义策略添加，在新打开页面里填入个名称：诸如web，更换自和至的端口，（正确的是自any-external至any-entrusted）加入端口号5100、5200、5300、5310，80,只留下一个勾选NAT(一对一NAT)
8、设置NAT,在网络设置里选NAT设置，一对一设置选项卡，添加，接口external，nat基址
为防火墙外部地址，真实地址是web服务器连接防火墙的地址。

Before You Begin2WatchGuard Technologies,Inc.LocalizationWhen you install WSM,you can choose what language packs you want to install.The language displayed in WSM will match the language you select in your Microsoft Windows environment.For example,if you use Windows7and want to use WSM in Japanese,go to Control Panel>Regions and Languages and select Japanese on the Keyboards and Languages tab as your Display Language.Release Notes3Fireware XTM and WSM v11.8.3Operating System Compatibility2444WatchGuard Technologies,Inc.Fireware XTM and WSM v11.8.3Operating System Compatibility3Terminal Services support with manual or Single Sign-On authentication operates in a Microsoft Terminal Services or Citrix XenApp4.5,5.0,6.0and6.5environment.4Native(Cisco)IPSec client and OpenVPN are supported for Mac OS and iOS.For Mac OS X10.8and10.9,we also support the WatchGuard IPSec Mobile VPN Client for Mac,powered by NCP.Release Notes5Authentication SupportThis table gives you a quick view of the types of authentication servers supported by key features of Fireware ing an authentication server gives you the ability to configure user and group-based firewall and VPN policies in your XTM device configuration.With each type of third-party authentication server supported,you can specify a backup server IP address for failover.Fully supported by WatchGuardNot yet supported,but tested with success by WatchGuard customers122Mobile VPN with IPSec/Shrew Soft 3–Mobile VPN with IPSec/WatchGuard client (NCP)Mobile VPN with IPSec for OS and Mac OS X native VPN clientMobile VPN with IPSec for Android devices –Mobile VPN with SSL for Windows 44Mobile VPN with SSL for MacMobile VPN with SSL for iOS and Android devicesMobile VPN with L2TP 6––Mobile VPN with PPTP––N/ABuilt-in Authentication Web Page on Port 4100Single Sign-On Support (with or without clientsoftware)–––Terminal Services Manual Authentication Terminal Services Authentication with Single Sign-On5––––Citrix Manual AuthenticationCitrix Manual Authentication with Single Sign-On5––––Fireware XTM and WSM v11.8.3Operating System Compatibility6WatchGuard Technologies,Inc.Fireware XTM and WSM v11.8.3Operating System CompatibilityRelease Notes 71.Active Directory support includes both single domain and multi-domain support,unless otherwise noted.2.RADIUS and SecurID support includes support for both one-time passphrases and challenge/responseauthentication integrated with RADIUS.In many cases,SecurID can also be used with other RADIUS implementations,including Vasco.3.The Shrew Soft client does not support two-factor authentication.4.Fireware XTM supports RADIUS Filter ID 11for group authentication.5.Both single and multiple domain Active Directory configurations are supported.For information about the supported Operating System compatibility for the WatchGuard TO Agent and SSO Agent,see the current Fireware XTM and WSM Operating System Compatibility table.6.Active Directory authentication methods are supported only through a RADIUS server.System RequirementsMinimum CPUIntel Pentium IV 1GHzIntel Pentium IV 2GHz Minimum Memory 1GB 2GB Minimum Available Disk Space 250MB1GBMinimumRecommended Screen Resolution1024x7681024x768XTMv System RequirementsWith support for installation in both a VMware and a Hyper-V environment,a WatchGuard XTMv virtual machine can run on a VMware ESXi 4.1,5.0or 5.1host,or on Windows Server 2008R2,Windows Server 2012,Hyper-V Server 2008R2,or Hyper-V Server 2012.The hardware requirements for XTMv are the same as for the hypervisor environment it runs in.Each XTMv virtual machine requires 3GB of disk space.Recommended Resource Allocation SettingsVirtual CPUs 1248or more Memory1GB2GB4GB4GB or moreDownloading Software8WatchGuard Technologies,Inc.Downloading SoftwareRelease Notes 9Fireware XTM OSSelect the correct Fireware XTM OS image for your Firebox or XTM e the.exe file if you want to install or upgrade the OS using e the.zip file if you want to install or upgrade the OS using the Fireware XTM Web e the.ova file to deploy a new XTMv device.XTM 2500SeriesXTM_OS_XTM800_1500_2500_11_8_3.exe xtm_xtm800_1500_2500_11_8_3.zip XTM 2050XTM_OS_XTM2050_11_8_3.exe xtm_xtm2050_11_8_3.zipXTM 1500SeriesXTM_OS_XTM800_1500_2500_11_8_3.exe xtm_xtm800_1500_2500_11_8_3.zip XTM 1050XTM_OS_XTM1050_11_8_3.exe xtm_xtm1050_11_8_3.zipXTM 800SeriesXTM_OS_XTM800_1500_2500_11_8_3.exe xtm_xtm800_1500_2500_11_8_3.zip XTM 8Series XTM_OS_XTM8_11_8_3.exe xtm_xtm8_11_8_3.zip XTM 5SeriesXTM_OS_XTM5_11_8_3.exe xtm_xtm5_11_8_3.zip XTM 330XTM_OS_XTM330_11_8_3.exe xtm_xtm330_11_8_3.zip XTM 33XTM_OS_XTM33_11_8_3.exe xtm_xtm33_11_8_3.zip XTM 2Series Models 25,26XTM_OS_XTM2A6_11_8_3.exe xtm_xtm2a6_11_8_3.zip Firebox T10XTM_OS_T10_11_8_3.exe firebox_T10_11_8_3.zip XTMvAll editions for VMware xtmv_11_8_3.ova xtmv_11_8_3.exe xtmv_11_8_3.zip XTMvAll editions for Hyper-Vxtmv_11_8_3_vhd.zipDownloading Software10WatchGuard Technologies,Inc.Upgrade from Fireware XTM v11.x to v11.8.xIf you use an XTM5Series or8Series device,you must upgrade to Fireware XTM v11.7.4before you can upgrade to Fireware XTM v11.8.x.We recommend that you reboot your Firebox or XTM device before you upgrade.While this isnot necessary for most higher-model XTM devices,a reboot clears your device memory andcan prevent many problems commonly associated with upgrades in XTM2Series,3Series,and some5Series devices.Upgrade from Fireware XTM v11.x to v11.8.x2.On your management computer,launch the OS software file you downloaded from the WatchGuardSoftware Downloads Center.If you use the Windows-based installer,this installation extracts an upgrade file called[xtm series orfirebox]_[product code].sysa-dl l to the default location of C:\Program Files(x86)\Commonfiles\WatchGuard\resources\FirewareXTM\11.8_3\[model]or[model][product_code].3.Connect to your XTM device with the Web UI and select System>Upgrade OS.4.Browse to the location of the[xtm series or firebox]_[product code].sysa-dl from Step2and clickUpgrade.Upgrade to Fireware XTM v11.8.x from WSM/Policy Manager v11.x1.Select File>Backup or use the USB Backup feature to back up your current configuration file.2.On your management computer,launch the OS executable file you downloaded from the WatchGuardPortal.This installation extracts an upgrade file called[xtm series]_[product code].sysa-dl l to thedefault location of C:\Program Files(x86)\Common files\WatchGuard\resources\FirewareXTM\11.8_3\ [model]or[model][product_code].3.Install and open WatchGuard System Manager v11.8.3.Connect to your XTM device and launch PolicyManager.4.From Policy Manager,select File>Upgrade.When prompted,browse to and select the[xtm series orfirebox]_[product code].sysa-dl file from Step2.Upgrade your FireCluster to Fireware XTM v11.8.xIf you use an XTM5Series or8Series device,you must upgrade your FireCluster to FirewareXTM v11.7.4before you can upgrade your FireCluster to Fireware XTM v11.8.x.Downgrade InstructionsIf you use the Fireware XTM Web UI or CLI to downgrade from Fireware XTM v11.8.x to anearlier version,the downgrade process resets the network and security settings on your Fireboxor XTM device to their factory-default settings.The downgrade process does not change thedevice passphrases and does not remove the feature keys and certificates.Some downgrade restrictions apply:-You cannot downgrade a Firebox T10to a version of Fireware XTM OS lower than v11.8.3.You cannot downgrade an XTM2050or an XTM330to a version of Fireware XTM OS lowerthan v11.5.1.-You cannot downgrade an XTM25,26,or33device to a version of Fireware XTM OS lowerthan v11.5.2.-You cannot downgrade an XTM5Series model515,525,535or545to a version of FirewareXTM OS lower than v11.6.1.-You cannot downgrade XTMv in a VMware environment to a version of Fireware XTM OSlower than v11.5.4.-You cannot downgrade XTMv in a Hyper-V environment to a version of Fireware XTM OSlower than v11.7.3.Resolved IssuesWhen you downgrade the Fireware XTM OS on your Firebox or XTM device,the firmware onany paired AP devices is not automatically downgraded.We recommend that you reset the AP device to its factory-default settings to make sure that it can be managed by the older version of Fireware XTM OS.Resolved IssuesAuthenticationl LDAP user authentication with groupMembership attribute no longer fails.[78057]l This release includes improved tab formatting in the Custom Authentication Portal Disclaimer message.[78584]Managementl This release resolves an issued that prevented a managed device from consistently contacting the Management Server when the device lease expired.[78880]l This release resolves an issue that prevented a template save from Management Server v11.8.1to a device configured with Deep Packet Inspection running a release prior to v11.8.1.The configurationsave from the Management Server failed and generated this log message in the appliance log file:dvcpcd Error line13025:Element'allow-non-ssl':This element is not expected.Expected is on of(bypass-list,transaction,self-signed,filter,domain-name).Debug[78766]l An Apache server crash on the WatchGuard Management Server has been resolved in this release.[78643,78483]l This release resolves an issue that prevented a template save from Management Server v11.8.1when the managed device uses a third-party web server certificate.[76648]l The managed device folder on the Management Server now shows the model number of the device,the software version in use,the management mode(Full or Basic)and what management groups the device belongs to.[78041]l You can now use SSL Management Tunnels on devices with static IP addresses on their external interfaces.[78089]l Traffic Monitor has been improved to better escape invalid characters and prevent blank displays.[71266]Logging and Reportingl The WSM Report Server PDF report now displays Japanese fonts correctly.[78851]Networkingl Dynamic Routing now continues to work after an external interface is unplugged,in a network configured for Multi-WAN with failover from a dynamic route to a branch office VPN.[76986] l This release resolves an issue that prevented proxy traffic from passing through an XTM device configured in bridge mode with a tagged VLAN.[78239]l A problem that caused a network card interface to hang under high load with very small packets has been resolved.[76405]l The wrong source IP address is no longer used for DHCP relay packets sent though a VLAN interface and a Branch Office VPN tunnel.[78831,78146]FireClusterl This release resolves an issue that caused a FireCluster member to remain in the IDLE state when the member loses the Master election process.[78331]VPNl When using the updated WatchGuard IPSec Mobile VPN Client v11.32(released on3/19),users no longer experience a connection failure in Phase1negotiations,with the log message:“Peer proposesKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsKnown Issues and LimitationsUsing the CLIU.S.End Users877.232.3531 International End Users+1206.613.0456 Authorized WatchGuard Resellers206.521.8375。

一、引言505/505E是以微处理器为基础的调速器，适用于单执行机构或双执行机构的汽轮机控制。

调速器采用菜单驱动软件以引导现场工程师根据具体的发电机或机械驱动应用要求对调速器进行编程组态。

本说明书主要介绍调速器的工作原理、系统构成、面板操作。

由于英文版手册存在不断增加和更改内容等方面的因素，使用woodward 505/505E时，还请参考随调速器提供的woodward正式英文版手册。

二、505/505E的工作原理及系统介绍505/505E电子调节器比一般液压系统控制精度高，自动化水平大大提高，热电负荷自整性也高，它能实现升速（手动或自动），配合电气并网，负荷控制（阀位控制或功频控制），抽汽热负荷控制及其它辅助控制，并与DCS通讯，控制参数在线调整和超速保护功能等。

能使汽轮机适应各种工况并长期安全运行。

2.1 基本原理并网前在升速过程中，转速闭环为无差控制，505/505E控制器将测量的机组实际和给定转速的偏差信号经软件分析处理及PID运算后输出标准电流信号给电液转换器，电液转换器接受调节器输出的标准电流信号，输出与输入电流信号相对应的调节信号油压。

调节信号油压经液压伺服机构放大，控制油动机活塞移动，通过调节杠杆，改变调节汽阀的开度，调节汽轮机高压段、低压段的进汽量。

从而减少转速偏差，达到转速无差控制，当转速达到3000r/min，机组可根据需要定速运行，此时505/505E可接受自动准同期装置发出的或运行人员手动操作指令，调整机组实现同步，以便并网。

机组并网后，如果采用功率闭环控制，可根据需要决定505/505E使机组立即带上初负荷，DEH实测机组功率和机组转速作为反馈信号，转速偏差作为一次调频信号对给定功率进行修正，功率给定与功率反馈比较后，经PID运算和功率放大后，通过电液转换器和油动机控制调节阀门开度来消除偏差信号，对机组功率实现无差调节，若功率不反馈，则以阀位控制方式运行，即通过增加转速设定，开大调节汽阀，增加进汽量达到增加负荷的目的。

一、网络拓扑图：DMZ二、网页过滤库、日志报表服务的配置步骤：1、首先是在服务器里安装日志报表服务，运行管理软件后会提示所要装的服务器软件这里勾上日志和报表服务，然后单击下一步安装完成后双击屏幕右下方的按照默认配置点击下一步，然后配置登录日志报表服务器的密码（如：密码：12345678）点击下一步后配置日志报表服务器的加密密钥和日志报表存放的位置（即数据库位置），如：密钥设为：12345678，日志报表存放位置在C盘下单击下一步再单击下一步便完成了注意，日志和报表默认的数据库大小都是100G，如果服务器磁盘不够，可以把默认的数据改一下。

然后在设置下点击“日志记录”勾上“将日志消息发送到ip地址的log server”，然后点击“配置”然后点击“添加”输入刚才配置日志报表服务器的Ip地址，密钥要与刚才建立日志报表服务器是输入的加密密钥相同单击确定后保存到防火墙便可注：日志报表服务所在的服务器必须长期开着才有数据2、安装网页过滤库服务运行管理软件，安装时勾上网页过滤库服务器后单击下一步进行安装安装完成后双击屏幕右下方的按照默认配置点击下一步，然后配置登录日志报表服务器的密码（如：密码：12345678）单击下一步后选择下载网页过滤库，勾上“是”，点击下载（在确保网络连通的情况下）选择下载存放的位置后点击下载下载完成后点击确定，再按照默认单击下一步单击完成后然后打开防火墙管理软件，进行配置网页过滤，点击“激活”然后进行配置，按照默认点击“下一步”，到了配置网页过滤连接到服务器的地址时点击“添加”，然后输入刚才建立的网页过滤库服务器的Ip点击下一步后把默认的“其他”前面的勾去掉在点击下一步直到完成便可3、日志报表系统测试结果如：上网流量报表如：带宽流量统计如：病毒检测报表系统按很多种类型来分别表示的，详情看报表文档。

产品 简介：日期:2010.07.23 WatchGuard 网络安全 XTM 10 系列产品 ↓ 产品参数型号 属性成本操作系统（专业版）[硬件]XTM防火墙（捆绑 XTM & 备件服务）1年￥4,163,640用户数（10,000+）[硬件]XTM防火墙（捆绑 XTM 服务）1年￥3,202,800XTM - XTM 捆绑服务包1年￥1,264,800XTM - 网关防病毒 特征库1年￥690,120XTM - 入侵防御 特征库1年￥690,120XTM - 网页过滤 特征库1年￥690,120XTM - 邮件过滤 特征库1年￥690,120[硬件]XTM防火墙 1050 （Pro ）标机1年￥2,518,800"XTM 1050" 增加"1年"保修1块￥459,600WG8535 - 专用 4口千兆光纤模块1块￥169,000总部 或 数据中心网络WG8536 - 专用 热插拔风扇1块￥21,000最高版本型号WG8537 - 专用 热插拔电源1个￥105,000WatchGuard 网络安全 XTM 8 系列产品↓ 产品参数型号 属性成本操作系统（专业版）[硬件]XTM防火墙（捆绑 XTM & 备件服务）1年￥3,160,300用户数（5,000）[硬件]XTM防火墙（捆绑 XTM 服务）1年￥2,431,000XTM - XTM 捆绑服务包1年￥847,000XTM - 网关防病毒 特征库1年￥438,000XTM - 入侵防御 特征库1年￥438,000XTM - 网页过滤 特征库1年￥438,000XTM - 邮件过滤 特征库1年￥438,000[硬件]XTM防火墙 830-F （Pro ）标机1年￥1,801,000集团总部 或 数据中心网"XTM 830" 增加"1年"保修1套￥292,000系列最高型号,最高版本"XTM 830" 日期同步激活许可1套￥121,000操作系统（专业版）[硬件]XTM防火墙（捆绑 XTM & 备件服务）1年￥2,674,100用户数（5,000）[硬件]XTM防火墙（捆绑 XTM 服务）1年￥2,057,000XTM - XTM 捆绑服务包1年￥666,000XTM - 网关防病毒 特征库1年￥371,000XTM - 入侵防御 特征库1年￥371,000XTM - 网页过滤 特征库1年￥371,000XTM - 邮件过滤 特征库1年￥371,000[硬件]XTM防火墙 830 （Pro ）标机1年￥1,524,000集团总部 或 数据中心网"XTM 830" 增加"1年"保修1套￥218,000系列最高型号,最高版本"XTM 830" 日期同步激活许可1套￥121,000操作系统（专业版）[硬件]XTM防火墙（捆绑 XTM & 备件服务）1年￥2,187,900用户数（3,000+）[硬件]XTM防火墙（捆绑 XTM 服务）1年￥1,683,000XTM - XTM 捆绑服务包1年￥545,000XTM - 网关防病毒 特征库1年￥304,000XTM - 入侵防御 特征库1年￥304,000XTM - 网页过滤 特征库1年￥304,000XTM - 邮件过滤 特征库1年￥304,000[硬件]XTM防火墙 820 （Pro ）标机1年￥1,247,000中型网络 或 分支中心网"XTM 820" 增加"1年"保修1套￥178,000可升级至 XTM 830"XTM 820" 日期同步激活许可1套￥121,000操作系统（专业版）[硬件]XTM防火墙（捆绑 XTM & 备件服务）1年￥1,774,500用户数（2,500+）[硬件]XTM防火墙（捆绑 XTM 服务）1年￥1,365,000XTM - XTM 捆绑服务包1年￥442,000XTM - 网关防病毒 特征库1年￥246,000XTM - 入侵防御 特征库1年￥246,000XTM - 网页过滤 特征库1年￥246,000XTM - 邮件过滤 特征库1年￥246,000[硬件]XTM防火墙 810 （Pro ）标机1年￥1,011,000中型网络 或 分支中心网"XTM 810" 增加"1年"保修1套￥145,000可升级至 XTM820/830"XTM 810" 日期同步激活许可1套￥121,000WatchGuard 网络安全 XTM 5 系列产品 ↓ 产品参数型号 属性成本操作系统（标准版）[硬件]XTM防火墙（捆绑 XTM & 备件服务）1年￥1,193,400用户数（2,000）[硬件]XTM防火墙（捆绑 XTM 服务）1年￥918,000XTM - XTM 捆绑服务包1年￥285,000XTM - 网关防病毒 特征库1年￥147,000WatchGuard®XTM 830-F，适用于拥有5千终端的各类总部，如"教育、金融、能源、酒店、企业集团、运营、政府（机关单位）"支持局域网5000台PC终端(无限制用户) ,6000分支办公室VPN连接总部或数据中心网络使用,通过 XTM的智能分层技术阻止新的未知&已知威胁主动预防御防病毒、入侵防护、垃圾病毒邮件过滤、WEB内容过滤、反间谍软件、SSL-VPN、多链路负载均衡、带宽分配.专业版操作系统"Fireware®XTM-PRO"WSM管理软件,多功能安全防火墙处理性能吞吐量5Gbps，开通XTM处理后吞吐量1.6Gbps吞吐量，VPN吞吐量1.7Gbps、SSL隧道6000、IPSec隧道6000、移动IPSec：8000(默认为800个)、50个PPTP、8个DMZs、并发会话数(双向)1,000,000、每秒新建连接数：30000、局域网IP地址不受限、策略数不受限、VLAN支持400个、 本地用户认证DB 限制6000、 制物理接口：4个光纤口、6个10/100/1000自定义口、2个USB端口、1个串行端口、1个LED操作屏、1U机架式、尺寸：430mmx407mmx44mm、重量：8.8公斤、功耗最大215瓦、电源100-240V自检测。

Firebox拥有一套全面的统一威胁管理 (UTM) 解决方案，它可提供真正预防御功能，过滤间谍软件、病毒、特洛伊木马、垃圾邮件以及混合式威胁，确保您的数据安全。

而便于配置的VPN 通道实现了网络资源的加密远程接入，而其灵活的网络功能更便于对流量和带宽进行优先顺序设置，最大限度提高了效率和网络性能。

产品主要有如下特点：主动的真正预防御Firebox X Edge 所提供的强大网络防御是基于尖端的代理技术。

它们提供了内置的主动防御系统，可抵御多种类型的攻击，包括缓冲溢出、DNS 毒害、DoS 和 DDoS。

这种独特级别的真正预防御远远优于那些单独依赖数据包过滤和基于攻击特征技术来阻挡已知威胁的产品。

在您开启Firebox 的那一瞬间，您便拥有了强大的防御。

强大的综合安全功能通过在Firebox系列中添加强大的安全方案订购，可增强关键易受攻击领域的防御，它们与内置的防御系统完美配合，形成了全面的统一威胁管理解决方案：spamBlocker：有效实时过滤近 100% 的垃圾邮件和其携带的恶意软件而不受信息的内容、格式或语言所限。

WebBlocker：通过阻止 HTTP 和 HTTPS 访问恶意或不当网络内容，提高工作效率，并降低安全风险。

网关防病毒/入侵防御服务：基于攻击特征的强大的安全保护，在网关内阻止已知的间谍软件、木马、病毒及其它基于网络漏洞的攻击。

全面的网络功能为您提供可靠、灵活的网络选项，确保您的企业、远程办公室和分支办公室始终安全、连通。

为多个外部 IP 地址提供安全防御,支持 Dynamic NAT、1:1 NAT 和 PAT通过广域网容错至辅助端口或通过串口进行拨号连接，可最大限度减少网络中断时间完全的 VPN 容错，使连接性提升至最高可靠的可配置服务质量 (QoS) 机制设置动态分配带宽的优先顺序，使 VoIP 等关键任务和有时间敏感性的流量优先于次关键业务的流量安全的远程连接拥有了 Firebox X Peak，无论远程人员身处何处，均可轻松地得到保护。

WatchGuard® Technologies, Inc.Data Loss Preventionwith WatchGuard® XCS SolutionsData Loss Prevention is buiLt into aLL WatchGuarD® Xcs aPPLiance moDeLs as a PoWerfuL business tooL for controLLinG confiDentiaLinformation as it moves acrossnetWork bounDaries. This allows you to protect the growing volume of private data that traverses your network to prevent accidental or malicious data leakage in a single solution, without the need for multiplepoint products. Data loss prevention and privacy tools give you the ability to both secure information as needed to maintain policy compliance, as well as share authorized sensitive information securely with business partners outside the company.With a WatchGuard XCS appliance, you have an automatic, extensive risk management and policyenforcement boundary of outbound content. This ensures privacy and compliance, but does not impede the flow of your legitimate electronicbusiness communications.WatchGuard XCS email security solutions automatically incorporate powerful data loss prevention (DLP) capabilities to ensure that the content of outgoing email messages is in strict accord with your organization’s confidentiality and regulatory compliance policies. Adding an XCS Web Security subscription (available for all XCS models) extends those capabilities to your web-based traffic as well, for comprehensive coverage across protocols.HOW DATA LOSS PREVENTION WITHIN YOUR CORPORATE EMAIL SYSTEM WORKSsimPLifieD anD effective PoLicy manaGementD LP Wizard guides administrators through DLP configuration controls quickly and simply, allowing you to gain privacy and compliance and define remediation actions with a few simple clicks.c entralized policy management provides a single point of administration for creating, managing and enforcing content security and data loss policies to eliminate data loss gaps.P re-defined compliance dictionaries streamline the policy-setting process for HIPAA, PCI, GLBA and other regulations, and are customizable to conform with your unique business requirements and compliance regulations.c ustom policies for groups or individuals can be set to control who can send what and to whom without impeding critical business processes. Content controls include flexible and granular tools including the ability to set complex rules and even nest rules within one another.P oWerfuL content & conteXtuaL anaLysis accurateLy Detects PoLicy vioLationsD efense-in-depth methodology scans all outbound content (including files and attachments) and inspects context of the traffic (who is sending the data, where or to whom) to determine if there is a policy violation.a ttachment scanning & control provides the ability to apply existing content scanning policies to more than 400 file attachment types. Compressed file attachments can also be scanned to ensure sensitive information does not leave the organization.a pplied intelligence learns from previously allowed content to make future decisions more accurately and faster.D ata discovery and classification tools allow you to protect known confidential or sensitive data files, thereby training the system on what to look for and subsequent remediation actions to be taken upon discovery of such data.transParent remeDiation ProviDes unParaLLeLeD controL & visibiLityi nstant-on remediation actions are instantly applied when policy violations are detected for transparent protection, control and visibility of information leaving your organization. Options include block, quarantine, allow, encrypt, blind copy, or reroute content.s eamless email encryption , easily added to your solution with a WatchGuard SecureMail Email Encryption subscription, allows you to securely transmit and receive private, sensitive, and regulated information without hindering the free flow of critical business communications.GranuLar LoGGinG anD rePortinG for auDit reQuirementsP olicy violation alerts and the remediation actions taken are triggered instantly for immediate visibility.G ranular logs and one-click administration for customizable reports of policy violations are easily accessible to meet audit requirements.ADDRESS 505 Fifth Avenue South, Suite 500, Seattle, WA 98104 WEB U.S. SALES 1.800.734.9905 InTERnATIOnAL SALES +1.206.613.0895no express or implied warranties are provided for herein. All specifications are subject to change and expected future products, features or functionality will be provided on an if and when available basis. © 2012 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard logo, Fireware, and LiveSecurity are either trademarks or registered trademarks of WatchGuard Technologies, Inc. in the United States and/or other countries. All other tradenames are the property of their respective owners. Part no. WGCE66739_102212WatchGuarD Xcs inteGrateD Process for Data Loss PreventionData Loss Prevention is integrated into all WatchGuard XCS models. It provides comprehensive, instant protection from information loss. The system uses an integrated process for inspection, discovery, and remediation of policy violations for outbound communications containing sensitive content.1. e xamine. Outbound communications are checked for private or sensitive data, including personal information and intellectual property.2. D etermine. The sophisticated XCS policy engine determines the appropriate action to take on a message, based on pre-defined policies. P olicies are determined by the organization using customizable templates that aggregate internal policy with compliance-driven regulationsI ndustry-specific compliance dictionaries, including dictionaries for PCI, HIPAA and GLB, help make policy generation fast and effective. 3. t ake action: Take the appropriate action on the message instantly, without the need for manual intervention. Depending on pre-defined policies, the message can be allowed, blocked, encrypted, copied to a compliance officer, stamped, returned to sender, and/or entered in the audit/log.4. r eport. It is important to be able to easily document the policies that have been implemented to enforce the regulations, as well as tracking actual message traffic to ensure compliance. XCSsolutions provide granular logs for customizable reports of violations and remediation action taken to meet audit requirements.eXtenD Data Loss Prevention to Web trafficThe Web provides many exit points for sensitive information toleave your organization, including communications sent by popmail systems (hotmail, gmail, etc.), wikis, blogs, and social networks such as Facebook. Adding a Web Security subscription extends the data loss prevention capabilities of your XCS appliance* to include HTTP traffic, for comprehensive protection across protocols.S cans content in all outbound web traffic, including attachments, for policy violations.I nspects context in which communication is sent including who is sending the data, where it is being sent, and to whom.U ses the same policies developed for your organization’s email communications to save time and ensure strong and consistent enforcement.A llows administrator to manage data loss prevention across protocols from one easy-to-use administrative console.P rovides consolidated visibility and control so you can meet stringent compliance requirements.* W eb Security subscriptions are available for all XCS models.For more information on Data Loss Prevention capabilities and our complete line of powerful WatchGuard XCS solutions, visit /xcs.Examine entire content including attachmentsDetermine if content and context is in accordance with de ned policiesMonitor and provide reports to demonstrate compliance and identify gapsDeliver content in accordance withde ned policies - send, copy, encrypt, blockPrivacy & Compliance EngineInspect - Filters Validate - Dictionaries Decide - PoliciesinteGrateD Process for Privacy anD comPLiance Protection。

Watchguard 管理目录一、实时管理： (2)1、前面板 (3)2、流量监视器 (4)3、带宽表 (6)4、服务监视 (7)5、状态报告 (8)6、身份验证列表 (9)7、阻止的站点 (10)8、安全服务 (11)二、Hostwatch： (12)三、日志报告管理 (14)Watchguard 管理Watchguard的管理主要有三种方式：实时管理、Hostwatch和日志报告管理，以下是这三种方式的详细介绍：一、实时管理：Watchguard的实时管理主要通过Watchguard的专业软件WSM （Watchguard System Manager）完成，具体步骤如下：通过WSM连接到Firebox，然后打开Firebox System Manager1、前面板在前面板我们可以查看到以下主要信息：系统时间：当前Watchguard设备的系统时间，主要设及到日志，若发现和本地时间不同，可进行手动通步操作。

运行时间：指Watchguard从上次启动后，到当前共运行了多久。

Log Server：日志服务器，如配置了日志服务器，会显示其IP地址。

允许/拒绝的数据包：自从最后一次启动后，WG允许和拒绝包的数量。

已通过身份验证的用户：是指通过了身份验证的用户，如VPN用户连接：当前Firebox的连接数，Active表示激活的。

除了以上描述的事项外，在前面板的右半部分还可以看到Firebox的相关信息。

2、流量监视器流量监视器是Firebox管理的重要工具，在这里可以看到所有通过Firebox 的连接日志，绿色表示Allow，红色表示Deny；由于实时日志刷新很快，特别是在大网络里，为此WG提供了过滤工具在空格处，输入过滤的关键词，点击搜集便可；WG实时日志支持过滤外，还提供了一个十分好的工作，那就是实时的管理，即当你发现一个连接存在可疑，你可以直接右键阻止此连接，这在网络出现突发事件时，十分好用。

WatchGuard推出新一代企业网络安全设备/security/2011年11月24日14：13 来源：IT168【文章摘要】全球企业安全方案厂商WatchGuard Technologies推出新一代企业网络安全设备WatchGuard XTM 2050。

全球企业安全方案厂商WatchGuard Technologies推出新一代企业网络安全设备WatchGuard XTM 2050.新一代防火墙（next-generation firewall;NGFW）为需要高效能防火墙、应用控制和入侵预防系统（intrusion prevention system;IPS）的大型企业与资料中心提供企业层级安全防护，协助防范资料盗取、恶意程序攻击和安全漏洞。

持续专注于防火墙与网络安全本业是WatchGuard与其它竞争对手最大的不同之处，也让WatchGuard在企业网络安全市场中占有一席之地。

WatchGuard深耕公司主力产品防火墙，并结合质量最佳的统合威胁管理方案（unified threat management;UTM），提供企业端全方位的网络安全防护。

但在社群网络与Web 2.0应用程序的快速兴起下，网络攻击模式更形复杂，网络端资安防御设备也势必从以往单纯的防火墙与VPN功能，衍生出更多具延伸的安全防护机制，可延伸威胁管理方案（extensible threat management;XTM）成为解决此一问题的关键平台。

WatchGuard Technologies营销副总裁Eric Aarrestad表示：「拥有超过15年防火墙和网络安全专业，WatchGuard特别针对企业环境独特且持续变化的需求设计XTM 2050新一代防火墙。

企业可以藉由它定义、执行与稽核具安全与可接受的使用政策，在提升员工生产力的同时为具关键性的网络资源、应用程序和资料提供最佳的保护。

」南中国区业务总监梁定全强调，XTM 2050新一代防火墙特别适用于需要高速网络、多租户与虚拟化服务的中大型企业、互联网服务提供业者（ISPs）以及网页寄存公司（hosting company）。

Firewall Basics with Fi 11Presenter Name,P Ti l Fireware XTM Presenter Title Quick SetupUpgrade To XTM入门准备管理主机与Firebox学标学习目标•使用快速配置向导完成初始化•使用WSM连接设备与服务器•使用策略编辑器使用各个应用•WSM•登录XTM Web界面注册Firebox必须拥有个有效的账户•必须拥有一个有效的账户•在配置Firebox 前，必须对设备进行注册•准备好Firebox 的序列号管理工作站管作站•使用WSM管理•管理工作站运行Windows Vista（32‐bit）、Windows XP SP2、Windows Server2003•安装WSM软件•安装Fireware XTM软件使管•使用Web管理•支持浏览器的工作站•使用命令行管理•支持SSH协议WSM 软件介绍WSM软件介绍•下载必要的软件•https:///archive/softwarecenter.asp •选择对应的设备型号，并下载软件选择对应的设备型号并下载软件•WSM为管理器•Fireware是Firebox的OS•使用新软件版本前，请仔细阅读Release Note 文档Upgrade to XTM学标学习目标•Edge的XTM OS升级Ed•Edge的XTM OS降级•Core/Peak的XTM OS升级•Core/Peak的XTM OS降级将Edge的OS升级到XTM‐适用于Edge e Series注意事项•确认License文件的LSS许可在有效期内•确认当前Edge系统所运行的版本•Edge当前运行的OS版本低于v10.2.9时，请先升级OS到v10.2.9或更高版本•Edge当前运行的OS版本为XTM v11.0、v11.0.1，请先升版本或降级到更高版本级OS到v11.0.2版本，或降级到v10.2.9及更高版本•WatchGuard Management Server管理的Edge不由h可以集中统一升级到XTM，需要按照后面的步骤做单台设备升级的载设备OS的下载•Edge的OS文件从下载，这里Ed t h d下载这里有3个不同的升级文件包，请根据Edge当前的OS 版本和您的目的，选择下载。

Revision E WGD00151Important NoticeCopyright©2019WatchGuard,Inc.All rights reserved.This document and supporting data are the exclusive property of WatchGuard,Inc.and may not be copied or reproduced without permission.Software updatesWatchGuard is committed to the continual testing and improvement of our software.As new software revisions become available,these updates will be made available to your agency;fees may apply depending on your licensing agreement.Manufacturer contact informationWatchGuardWatchGuard,Inc.415East Exchange ParkwayAllen,TX75002Customer Service:1-800-605-6734Customer Service web portal:https:///hc/en-usSend us your suggestionsWe want to hear from you.Tell us about your experience and how you are using theWatchGuard REDACTIVE software.We will do our best to accommodate any suggestions you may have in future revisions.For U.S.customers,call Customer Service at800-605-6734or email us at*****************************with your comments,questions,and concerns.International customers,please contact your local distributor.Trademark noticesMicrosoft,Windows,Windows Server,.Net,and Internet Explorer are trademarks orregistered trademarks of Microsoft Corporation in the United States and/or other countries.All other marks,names,and logos mentioned herein are the property of their respectiveowners.WGD00151Revision EWatchGuard REDACTIVE3.0.3User Guide, Single User,Revision E WGD00151iiiivWatchGuard REDACTIVE 3.0.3User Guide,SingleUser,Revision E.WGD00151Note:Multiple redaction will not work with2.0version redacted videos.5 WatchGuard REDACTIVE3.0.3User Guide,Single User,Revision E WGD00151Installing REDACTIVE Single UserInstalling REDACTIVE Single UserIn this section...l Installing or Upgrading Single User Desktop(page7)l System Requirements(page7)l Upgrade from Version2.0to3.0(page7)l Installing Single User Desktop(page8)l Changing Evaluation License to Paid License(page12)6WatchGuard REDACTIVE3.0.3User Guide,SingleUser,Revision E.WGD00151Note:When working with long videos,WatchGuard recommends a16+coresystem with2GB memory,or more,per core processor for best performance.Note:Multiple redaction will not work with2.0version redacted videos.WatchGuard REDACTIVE3.0.3User Guide,7 Single User,Revision E WGD00151The User Account Control window appears.Click Yes8WatchGuard REDACTIVE3.0.3User Guide,SingleUser,Revision E.WGD00151WatchGuard REDACTIVE3.0.3User Guide, Single User,Revision E WGD001519Installing REDACTIVE Single User4.Change the location or click Next to accept the shown location.The Ready to Install window appears.5.Click Install.The Installing window appears showing the status.10WatchGuard REDACTIVE3.0.3User Guide,SingleUser,Revision E.WGD00151Click Finish.desktopImportant!License keys are distinct between the desktop and the Enterprise versions.If you switch between the two on the same machine,you must re-enter the license key.Depending on your user permissions,you may not be able to replace the license file.A"cannot save license data"message appears.If you encounter this,remove the licenses file at C:\ProgramData\WatchGuard REDACTIVE\licenses.Important!If you have a problem with your installation and have to reinstall, delete the file C:\ProgramData\WatchGuard REDACTIVE\licenses before proceeding.Getting Started with REDACTIVEGetting Started with REDACTIVEREDACTIVE is an automated redaction tool that saves you time when redacting files.It automatically identifies faces,vehicles,and license plates,but also lets you manually redact faces and other objects and edit the automated file.This section covers:l UI Controls(page15)l Video playback controls(page16)l Keyboard shortcuts(page17)1.Export Options(page33)2.Detection Type(page34)10.About(page37)11.Video playback controls(pageNote:If you choose pixelate,blur,or intensity for your redaction type, Redaction Intensity(page33)appears in place of Redaction Color.frame: Play/pause:frame:Getting Started with REDACTIVEThis page intentionally left blank.This takes you to the first screen where you import and open a videoNote:Export your videos from your Evidence Library software to a folder on your computer and then import them into REDACTIVE.o Load Data:Loads the video with the auto run,manual,and audio redactiono Delete:Removes all of the auto run,manual,and redaction information, Run Auto Redaction againREDACTIVE Workflow2.Click Delete and the file loads with all redacted information deleted.3.Click Load Data and the file loads with redacted outlines appearing.REDACTIVE WorkflowRun Auto RedactionYou can run auto redaction multiple times or you can run it once to find faces,people,licenses, and vehicles.1.Select and open a video.2.Click RUN AUTO REDACTION button.The Select Detection Types window appears.3.Choose the objects you want to redact.You can choose as many as you want.Choose whether to wait for the redaction to finish or Run in Background working.If you have a process running,REDACTIVE tells you how many processes are agency determines the number of process that can run in the background. ADVANCED button to set the maximum number of processes you can run.Review your file for false positives.Note:Redactions that you ran in version2.0.x can be rerun through autoredaction.The detection types you did not run will show up in the detection type list.See step3.If the frame is in more than one place in the video,you may want to delete it from beginning to end.See editing an object(page32).Note:The Objects List is disabled when a version2redacted video is on thescreen.REDACTIVE Workflow2.Choose Cancel,Static,or Automatically Track for each bounding box you added.o Cancel:Removes the bounding box you've drawn and returns to playback modeo Static:Saves the new bounding box on this frame onlyo Automatically Track:Tracks the outlined object for as far as it extends in either directionPerform audio redactionYou can also redact audio choosing to submit only a section of the audio.Or,you can mute the entire video.1.Click Redact Audio to bring up a visual display of the audio(page46).2.Click Remove All Audio box to mute all audio for the event.3.Click Remove All Audio box again to restore the audio to the event.4.Press,hold,and drag the mouse across the audio display to select the portion you want toredact(mute).If you did not get all you wanted,pull the timelineMove the timeline to the position you want to capture.a.Click and drag the audio timeline for the audioDrag the audio until it connects with the first selection, worry about overlap.The two sections will merge.The entire selection is muted.REDACTIVE WorkflowRedact audio1.Click and drag the cursor over the waveform to mute the audio.A red highlight appears.If the selected region overlaps or abuts an already muted region,the two regions combine into one segment.The entire region is muted.To change this,you have to unmute the region and start over.2.Click and drag either end of a selection to change the region to be muted.3.Right click in the region and select Unmute to remove the selection.o Go to last frame:Goes to theThe video file is exported to an MP4container with compression).REDACTIVE WorkflowExport optionsYou can control what your redacted file looks like with the Export Options.Detection TypeThis setting tells you what is redacted in the video or if you did the redaction manually.Redaction TypeYou choose how the redaction on your objects appears:l Outline:Shows the colored box or ellipse;the face is till viewable;this is more of a highlight than a redaction.Choose the bounding box color from the Redaction Color selection.The redaction colors are only available for Outline and Fill.l Fill:Covers the subject with a solid color,obscuring the face.Choose the fill color from the Redaction Color selection.The redaction colors are only available for Outline and Fill.l Pixelate:Covers the subject with broken up pixels,obscuring the face.l Blur:Blurs the faceNote:Redaction Intensity appears when you use Pixelate,Blur,or Mosaic.REDACTIVE WorkflowAudio RedactionBeep or mute out the section of audio you want to redact.If you do not want to export the entire video,you can select which part of the video and audio you want to export.You set the slider bar to where you want to start your selection and stop it where you want to end your selection.(page38)View OptionsThe View Options selections change the display of the outlines while in REDACTIVE.View options cannot be run on an exported video.The two options include:l Multicolored objects:displays outlines in a range of colors to allow easy and immediate differentiation of objectsl Show object labels:Overlays a number on the bounding box aiding in object differentiationThe default is on for both multicolored objects and labels.Advanced settingYou can run concurrent auto redactions and continue to work on other videos at the same time.Running multiple auto redactions can slow the performance of your system.You will haveTo run a partial video:1.Uncheck the Export entire video box.2.Select the Start and End times for the part of the video you want to export.Important!You can only export a file once.You cannot remove any redaction after a file has been exported.o Download Video downloadsOpen the downloaded fileThe video file is exported to an MP4container with compression).Note:The redaction processing speed is improved when running auto redaction on an Intel CPU.The speed still depends on the size of the video and your system.Understanding REDACTIVEBox43also appears in the next frame.Select Delete object to remove the box in both frames.On bounding box43,you can right click your mouse and choose Delete object to remove this bounding box.You have six options on the bounding box on box43:l Go to first frame-moves to the first frame the bounding box appears inl Go to last frame-show the last frame box43appears inl Delete object-removes the bounding box from the video and the Object List The rest of the frame remains the samel Delete to beginning-removes bounding box43from this point to the beginning of the video l Delete to the end-removes bounding box43from this point to the end of the videol Split object-splits the bounding box into two separate objects-one goes to the beginning,Tip:REDACTIVE performs with more accuracy using high definition(HD)versus standard definition(SD)videos.Shown here is the same video captured with a VISTA Wearable Camera.One video is set to HD and one to SD.Note:You can run automatic redaction only once on a video.When you close the video,you can reopen it and delete the redaction data and run automatic redaction again.Understanding REDACTIVEFor more information...How to Edit Objects(page32)Redact audio1.Click and drag the cursor over the waveform to mute the audio.A red highlight appears.If the selected region overlaps or abuts an already muted region,the two regions combine into one segment.The entire region is muted.To change this,you have to unmute the region and start over.2.Click and drag either end of a selection to change the region to be muted.。

Firebox ® X Core™WatchGuard ®产品介绍高级多层安全防御Firebox X Core 是在智能分层架构的基础上开发而来。

在此架构中，各安全保护层共同加强整体防御功能，同时层与层之间的协作通信减少并优化了处理过程。

因此，您无需牺牲网络性能即可获得安全防御。

预防御在软件安全漏洞使新型的网络攻击变为可能的形势下，Firebox X Core 的内置式预防御随时准备保障您客户网络的安全。

这些预防御功能包括先进的代理技术，能够在新威胁出现之时就加以分辨和阻止，保障您能够不受影响，顺利开展业务。

直观的集中管理WatchGuard® System Manager (WSM)提供直观的图形化用户界面，用于管理Firebox X Core UTM 解决方案的所有功能。

WSM 提供综合日志系统、创建拖放VPN 以及实时监控功能，而且不存在隐含成本，也无需购买更多硬件。

只用一种界面即可管理安全解决方案(包括部署多台设备的情况)的所有方面，因此该产品更加节约您的时间及金钱。

综合安全功能提供更加精心的保护每一项WatchGuard 的安全服务与Firebox X Core 的内置式预防御功能联手打造超强安全保护能力。

所有新添加的安全分层均高度集成，而且定购价格均按每一设备(而非按用户数量)计算，因此绝对不会增加额外成本。

所有服务均由WSM 统一管理，用户可实时查看所有服务状态，而且，可以持续更新这些服务，获得最新的保护。

•网关防病毒/入侵防御服务： 基于攻击特征的强大的安全保护，阻止间谍软件、木马、病毒及其它基于网络的漏洞攻击。

•spamBlocker业内最佳的垃圾邮件过滤系统，阻止垃圾邮件的有效率可高达97%。

•WebBlocker强化对员工在上班时间浏览网络内容的访问限制，同时，保护用户免受恶意网站的攻击。

专家指导与支持WatchGuard LiveSecurity®服务为您提供全球安全专家团队支持，帮助您将复杂的IT 管理工作变得更为便捷。