Manage Network Defense Goals

Applies To: ThreatSync+ NDR

This feature is only available to participants in the ThreatSync+ NDR Beta program.

The Manage Network Defense Goals page is where you manage your network defense goals and objectives for defense goal reports. A network defense goal is a collection of defense objectives, each organized around a specific prevention area. Each defense objective consists of a set of controls that should be enabled and monitored to help prevent attacks.

You can enable specific defense goals, configure which defense objectives to include in your defense goal reports, configure the defense controls for each objective, and modify compliance thresholds for your organization.

Screenshot of the Manage Network Defense Goals page in ThreatSync+ NDR

The Ransomware Prevention Defense Goal report is available with all ThreatSync+ NDR license types. We recommend you add the WatchGuard Compliance Reporting license to configure additional defense goals. For more information, go to About WatchGuard Compliance Reporting.

Configure Defense Goals and Objectives

To configure defense goals and objectives for your defense report, from WatchGuard Cloud:

  1. Select Configure > ThreatSync+ NDR > Compliance.
    The Manage Network Defense Goals page opens.
  2. Enable the defense goals you want to include in the report.

The Ransomware Prevention toggle is enabled by default.

  1. Expand the defense goals to show a list of objectives. Enable the objectives you want to include in the report.
  2. Expand each objective to configure the defense controls.

Screenshot of a network defense goal expanded to show a list of objectives and controls

  1. Within each objective, disable controls you want to exclude or enable the policies that provide the data for the controls.

When you first enable a defense goal, some of the underlying policies for the controls might be disabled. Disabled policies show a Not Active status. Click the status to change the policy to Live. If there are no policies associated with a control, a No Policy Exists status shows. Click the status to go to the Policies page where you can create a new policy. For more information, go to Configure ThreatSync+ NDR Policies.

  1. Each control has a threshold that it uses to determine if the control is compliant or not. Modify the compliance thresholds for controls to align with the business policies of your organization.

The default threshold values are set so that when there is an alert count greater than zero, or the threat score of any alert is greater than 50, the control shows as Not Compliant in the Ransomware Prevention Defense Goal report.

Screenshot of the compliance threshold default values for a control

Related Topics

Ransomware Prevention Defense Goal Report

ThreatSync+ NDR Executive Summary Report

ThreatSync+ NDR Reports

Configure ThreatSync+ NDR