How would I see who connected via VPN yesterday or the day before? How would I see if an IP I can see is connected now connected last week?
Dimension server (local) retention is based on disk size of server or Cloud retention is 30 days for Total, 1 day for Basic. They will be extending Cliud retention, but no date yet, 365 for Total and 30 for Basic.
Personally, the Cloud option is better, takes a bit to get used to but the ability to boolean search makes it worth it.
They have what’s called Dimension logging server. Free download on Watchguard. Com downloads page. 10/10 would recommend
You can also send logs to watchguard cloud. 2/10 no recommend
We moved all of clients from dimension to cloud. Overall working well. Just wish longer retention. Those with the requirement, also push into 3rd part syslog or Siem. Is WSM still an option??
Dimension is great, easy to install and configure.
We use it for logging only and manage our cluster via WSM.
The real downside is when you need to export the logs
- it’s a bit slow
- exporting from already filtered content creates a wierd “xml” column in your csv.
- exporting 2 weeks of logs is impossible, maybe because of software limitations or hardware limitations on our istance
Currently managing over 350 Fireboxes, all locally managed with Cloud logging. The retention upgrade is coming, I know that much, was supposed to be this quarter, but I’ll know more when I get back from Apogee in April, if it hasn’t been implemented by then. We syslog and SIEM everything and I still use Cloud as it’s quicker for me to search than trying to dig through another vendors’ UI. WSM does not have the ability to search logs though, only current traffic, however you can expand it to maintain the last 200,000 entries, in certain environments, that doesn’t last more than a few minutes at most.
Dimension’s built-in database is configured for the lowest common denominator (a system with a 40GB hard drive, single CPU core, and 2GB of RAM.) Using an external database, or poking WatchGuard’s support team to help adjust the built-in database will generally get you better performance. (It depends a lot on the system you’re running it on.)
Last I heard, roadmap was end of March for increased cloud retention, something like 30 days with Basic Security and 1 year with Total Security.
Jealous you are headed to Apogee!!
It’s in May - don’t visit in the wrong month 
April 4th-6th is what I’m registered for in Kansas City.
Aha, Europe for me. Your one didn’t even cross my mind 