Below is a list of Requests for Engineering and Enhancements that have been submitted to Watchguard for the XTM UTM Appliance Range
If you would also like any of these features then I would suggest that you raise a Technical support case with Watchguard and mention the appropraite RFE within your support ticket. You should also ask the case to be set to Status: Bug/Enhancement Submitted and select “Receive BUG/RFE Updates?” so that you are alerted when the feature is implemented in a new XTM OS release. The more cases that are logged against an RFE the faster Watchguard are likely to get the new feature implemented.
- RFE61499 – Support for FTP through Explicit TLS/SSL
- RFE62784: Ability to choose dns server requests on dedicated external interface
- RFE66209 Protection against Brute Force Attacks on OWA, FTP and SMTP
- RFE67449 – Support for SMTP PIPELINING
- RFE67450: support for DSN in SMTP proxy
- RFE67451: support for ENHANCEDSTATUSCODES in SMTP proxy
- RFE72251: Local WebBlocker Server with Websense Categorization Engine
- RFE73433 Ability to block or drop traffic based off of geographic location
Please also feel free to post your comments about these feature requests and any others that you think would be beneficial. I will update the post with new RFE’s so that we can collectively push Watchguard product development for them to be implemented.
Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.6.6 Build # 422607
- A number of kernel crashes have been resolved. [73624, 73714, 72553]
- An issue that caused the firewalld process to crash has been resolved. 
- MSS handling has been improved to enable the MTU to be adjusted independently for inbound and outbound proxy connections. This improvement prevents applications such as Facebook from stalling.
Proxies and Subscription Services
- Several problems that caused spamBlocker process crashes to occur have been resolved. [72730, 73427, 73429]
- You can now configure spamBlocker thresholds with the Web UI. 
- You can now show the serial number variable in the HTTP proxy deny message. 
- The HTTPS proxy now correctly handles Multiple-Domain Certificates. 
- This release offers improved site name detection when you use WebBlocker with the HTTPS proxy. 
- This release resolves several issues that caused the Gateway AV scanning process to fail and restart. [73100, 72788, 62451, 69866, 67509]
Logging and Reporting
- The loggerd process no longer uses excessive CPU. 
- Dynamic DNS updates no longer fail. 
- This release resolves a memory leak that occurred when DHCP is enabled on the external interface but the DHCP server is not responding. 
- The XTM device DHCP server now correctly sends a NACK reply for devices that have an existing DHCP lease. [72726, 72551]
- This release includes numerous improvements to XTM wireless stability. [73386, 73126, 72568, 72569, 72414, 72033, 72034, 72035, 72036, 72054, 71606]
- This release resolves an issue that caused branch office VPN to stop functioning after you upgrade from Fireware XTM v11.4.x to v11.6.x. 
- This release offers improved VPN stability when using aggressive mode branch office tunnels. 
- This release resolves an issue that caused traffic through a branch office VPN tunnel to stop for XTM 3 Series and XTM 25/26 devices. [72549, 72547, 72548]
- This release improves the Mobile VPN with SSL authentication page error handling to prevent cross-site scripting attacks. 
- This release resolves an issue that prevented the XTM 800, XTM 1500, and XTM 2500 Series devices from correctly using the IPSec encryption chipset under certain conditions. 
- SNMP now displays an accurate number of branch office VPN tunnels. 
Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.7.3 – CSP2 Build # 422637
[BUG72788, 69866, 62451, 67509, 70618] Resolved issue causing the AV scanning process to crash and restart
[BUG73560, BUG73557] Resolved kernel crash
Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.7.3 – CSP1 Build # 420827
11.7.3 CSP1 Build # 420827 Resolves the following issues:
- [BUG72788] Resolved issue causing the AV scanning process to crash and restart.
You can request 11.7.3 – CSP1 Build # 420827 from Watchguard Support by logging a support case online, they should then be able to provide an ftp download link and appropriate credentials.
Please note that Watchguard CSP releases are cumulative so you should only need to apply the latest to ensure that you also have any previous fixes.