Remove a Device from WatchGuard Cloud

Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes, WatchGuard Cloud-managed Access Points

Overview

You can remove a device from WatchGuard Cloud. This unregisters the device from your WatchGuard Cloud account and removes the device's stored log and report data from WatchGuard Cloud.

If you remove a cloud-managed Firebox from WatchGuard Cloud, the Firebox becomes locally-managed, and continues to use the last deployed configuration and device passwords.

For information about how to:

Remove a FireCluster from WatchGuard Cloud, go to Remove a FireCluster from WatchGuard Cloud.
Remove a Firebox from cloud management, but continue to monitor the device in WatchGuard Cloud, go to Remove a Firebox from Cloud Management.

Your operator role determines what you can see and do in WatchGuard Cloud. Your role must have the Devices permission to view or configure this feature. For more information, go to Manage WatchGuard Cloud Operators and Roles.

WatchGuard Cloud Status for a Removed Firebox

When you remove a Firebox from WatchGuard Cloud, WatchGuard Cloud remains enabled in the Firebox configuration. If you do not disable WatchGuard Cloud on the Firebox, the Firebox continues to attempt to connect. After you remove the Firebox from your WatchGuard Cloud account, the WatchGuard Cloud status on the Firebox changes to Not Connected immediately. After a few minutes, the WatchGuard Cloud status on the Firebox changes to Failed Registration. For more information about WatchGuard Cloud status for locally-managed Fireboxes, go to WatchGuard Cloud Status on the Firebox.

AuthPoint Status for a Removed Firebox

When you remove a locally-managed or cloud-managed Firebox from WatchGuard Cloud, if you previously configured AuthPoint MFA for that Firebox, the Firebox resource in AuthPoint is no longer associated with the Firebox and you must delete the resource. To continue to use the AuthPoint authentication server on the Firebox, you must add the device to WatchGuard Cloud again and add a new Firebox resource for the device in AuthPoint.

To use AuthPoint MFA with your Firebox without adding it to WatchGuard Cloud, you can add the Firebox to AuthPoint as a RADIUS client resource. For more information, go to Configure MFA for a RADIUS Client.

Data Deletion for a Removed Device

When you remove a device from your WatchGuard Cloud account, the device immediately disappears from the list in your account and you cannot see log and report data for the device. WatchGuard deletes log data associated with your device from WatchGuard Cloud servers within one day.

If you add the device back to your WatchGuard Cloud account on the same day you removed it, and before WatchGuard deletes the data for that device, the previously stored log data and reports become visible again.

If you remove a cloud-managed device, WatchGuard continues to store device configuration data for one year, or until you deallocate the device from the account, whichever comes first. If you later add the device back to the same account as a cloud-managed device, the Deployment History shows previous configurations deployed to that device.

Data Retention License for a Removed Device

When you remove a device from WatchGuard Cloud with a Data Retention license assigned to it, the Data Retention license becomes unassigned and is available to assign to another device in your account. For more information, go to Manage Data Retention Licenses.