Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
News
Home›News›Wi-Fi Key Reinstallation Attack “KRACK” Update: Protecting Unpatched Devices

Wi-Fi Key Reinstallation Attack “KRACK” Update: Protecting Unpatched Devices

By admin
20/10/2017
1870
0
Share:
WatchGuard KRACK

Summary
On October 16, 2017, security researchers announced several vulnerabilities in the WPA/WPA2 encryption protocol that affect countless Wi-Fi enabled devices worldwide. As a result of KRACK, Wi-Fi data streams, including passwords and personal data, can be intercepted, decrypted, and modified without a user’s knowledge. This security flaw means that, for vulnerable clients and access points, WPA- and WPA2-encrypted Wi-Fi traffic is potentially exposed until certain steps are taken to remediate the issue.

Presently, there are 10 known vulnerabilities that comprise KRACK. WatchGuard is providing patches for all of our affected products. For non-WatchGuard devices, users should refer to their vendor’s website and security advisories to determine if they are affected, and if updates are available. Even though most companies will provide patches, it’s likely that unpatched devices will interact with your network and expose you to risk. WatchGuard offers additional methods to protect unpatched client devices from KRACK.

How to Mitigate KRACK 
The steps below describe recommended actions to protect your network from KRACK vulnerabilities in various scenarios, including from unpatched client devices.

    1. Update your access point (AP) firmware (10/30/17)
      • WatchGuard will provide patches for all supported APs and tabletop appliances with embedded wireless APs.

 

    1. Enable “Mitigate WPA/WPA2 key reinstallation vulnerability in clients” feature. The AP can compensate for the unpatched clients with this setting enabled. Mitigation is recommended only until all clients are patched.
      • AP managed by GWC: Available for the AP120, AP320, AP322, and AP420 with the upcoming 10/30/17 patch.
      • AP managed by Wi-Fi Cloud (link to WatchGuard Knowledge Base article is below).
      • Firebox with built-in Wi-Fi: Available on the T-10W, T-10W, and T-50W with TBD firmware update.
      • In a small percent of cases, mitigation may exacerbate client connectivity issues in environments already suffering from weak signal coverage or high interference.

 

  1. Enable “AP MAC Spoofing Prevention” setting in Wi-Fi Cloud WIPS policy.
    • AP managed by GWC: manage your APs with a Wi-Fi Cloud license and acquire dedicated WIPS sensors for your environment.
    • AP managed by Wi-Fi Cloud: enable setting in the management interface.

 

Additional Information

  • Learn more about the WatchGuard patch schedule, and the KRACK Common Vulnerability and Exposure (CVE) identifiers in our Product and Support Blog post.
  • WatchGuard Knowledge Base article: WatchGuard Wi-Fi Cloud and the KRACK WPA/WPA2 wireless vulnerabilities.
  • Read more about AP MAC spoofing prevention and Wireless Intrusion Prevention Systems (WIPS)
Previous Article

Cisco Meraki – Action Required: Critical Security ...

Next Article

Sophos SFOS 17.0.0 GA Released

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • BarracudaNews

    Finally! A platform approach to application security

    05/11/2019
    By admin
  • Sophos Logo
    News

    Sophos Central Adds Support for SIEMs (Splunk, ArcSight, etc)

    04/11/2016
    By admin
  • TrendMicro

    Faster and More Accurate Malware Detection Through Predictive Machine Learning

    08/11/2019
    By admin
  • WatchGuard Firebox M200 and M300 Stack
    News

    WatchGuard Introduces New Firewalls – Firebox M200 and M300

    05/06/2015
    By admin
  • Sophos CRN ARC 2018
    News

    Sophos gets top marks in CRN’s 2018 Annual Report Card

    24/08/2018
    By admin
  • Fortinet
    FortinetNews

    Media Alert: Fortinet to Showcase Digital Innovations in Security at Accelerate 2020 Global Conferences

    27/01/2020
    By admin

  • Sophos Logo
    Alerts & BugsSophos

    Sophos Advisory: CVE-2019-17059: Cyberoam Firewall Remote Code Execution Vulnerability

  • Meraki Las Vegas
    News

    WHAT HAPPENS IN VEGAS…IS POWERED BY MERAKI

  • Sophos Logo
    Alerts & BugsSophos

    Sophos – Advisory: SafeGuard File Encryption Engine – build 29 withdrawn

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Sponsored Links

Latest Comments

  • Paul Sillars
    on
    21/06/2016
    I received this in an email this morning, it was the first I heard about it ...

    Dell Software Group sold to help fund looming EMC deal

  • Paul Sillars
    on
    20/06/2016
    This is going to be an interesting one to watch. Especially after today's announcement that ...

    Ingram Micro gets distribution access to Dell’s security range in Australia

Find us on Facebook

Firewall.News Logo

This site serves more as a reference point for some of the major security vendor's updates and product/press releases

It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

About us

  • PO Box 451, North Lakes, Queensland, 4509, Australia
  • [email protected]
  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • WatchGuard logo

    WatchGuard Support Alert

    By admin
    23/02/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Follow Me

  • Contact
  • About Us
  • Home