Enable TDR on Your Firebox

To detect indicators of threats on your network, the Threat Detection and Response subscription service collects and analyzes forensic data from the Firebox and from hosts on your network. For more information, see About Threat Detection and Response.

Before you can enable Threat Detection and Response on your Firebox, your Firebox must run Fireware v11.12 or higher and must have the Threat Detection and Response subscription service enabled in the feature key. For more information, see:

Get your TDR Account UUID

Before you can enable Threat Detection and Response on a Firebox, you must know your Threat Detection and Response Account UUID.

To find your Account UUID:

  1. Log in to the TDR web UI as a user with Operator credentials.
  2. Select Devices > Firebox.
    The Account UUID appears at the top of the page.

Screen shot of the Account UUID in the Firebox Configuration page

  1. Copy the Account UUID.

Enable Threat Detection and Response

To enable Threat Detection and Response on the Firebox, you must add the Account UUID to your configuration.

For information about how to see the status of the Firebox connection in your TDR account, see See Firebox Status in TDR.

Configure Firewall Policies on Your Firebox

When you enable Threat Detection and Response in Fireware v11.12.1 and higher, the WatchGuard Threat Detection and Response policy is automatically added to the configuration. This WG-TDR-Host-Sensor packet filter policy enables Host Sensors on the trusted network to connect to your TDR account.

If your Firebox runs Fireware v11.12 or lower, when you enable TDR from Policy Manager or Fireware Web UI, you must manually add this policy. For information about how to create this policy, see Add a Policy for TDR Host Sensor Traffic.

After you enable Threat Detection and Response, make sure you that you configure the firewall policies on your Firebox to inspect network traffic, generate log messages, and allow connections from Host Sensors.  For more information, see Configure Proxy Policies for TDR.

Give Us Feedback     Get Support     All Product Documentation     Technical Search