About Firebox Device Settings and Actions in WatchGuard Cloud

Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes

Overview

In WatchGuard Cloud, on the Device Settings page, you can view Firebox device details and initiate actions such as Firebox reboots and FireCluster failovers.You can also enable logging or remove a Firebox from WatchGuard Cloud or cloud management.

Your operator role determines what you can see and do in WatchGuard Cloud. Your role must have the Devices permission to view or configure this feature. For more information, go to Manage WatchGuard Cloud Operators and Roles.

Connection, Device, and License Details

When you select an individual device, the upper section of the page shows connection status, device information, and license details for the device. For a FireCluster, this section shows information about both Firebox cluster members.

Screenshot of the WatchGuard Cloud Device Settings, Information section

Screenshot of the device information and license details for a FireCluster

On the Device Summary page, this section also shows an Uptime value that is not included in these images.

For more information about device status, you can select the device or folder, and look at logs, dashboards, and reports. For more information, go to View WatchGuard Cloud Device Reports.

Connection Status

Connection status appears below the image of the device. The connection status indicates whether the device is connected to your WatchGuard Cloud account. It can be one of these values:

Never Connected — The device has never connected to WatchGuard Cloud.

Connected — The device is connected to WatchGuard Cloud.

Not Connected — The device is not connected to WatchGuard Cloud.

Inactive — The device is inactive. For more information, go to Inactive Devices and Data Retention.

Screenshot of the WatchGuard Cloud Device Settings, Connection Status

If the status is Never Connected or Not Connected, look at the WatchGuard Cloud status on the device. For more information, go to WatchGuard Cloud Status on the Firebox.

The expected status of cluster members depends on the cluster type:

Active/Passive FireCluster

Only the cluster master connects to WatchGuard Cloud. The status of the cluster master is Connected. The status of the backup master is Never Connected or Not Connected.

Active/Active FireCluster (Locally-managed FireClusters only)

Both cluster members connect to WatchGuard Cloud. The status of both members is Connected. To determine which Firebox serial number corresponds to the cluster master or backup master, connect to Fireware Web UI and select System Status > FireCluster. Or, in WatchGuard System Manager, connect to the cluster and expand the Cluster section.

Reboot and Upgrade

For individual Fireboxes that run Fireware v12.5.2 and higher, you can reboot and upgrade the Firebox on the Device Summary page. For more information, go to Reboot a Firebox from WatchGuard Cloud and Manage Fireware Versions for Devices in WatchGuard Cloud.

You can select to reboot or upgrade a locally-managed or cloud-managed FireCluster members. For more information, go to Reboot a Cluster Member in WatchGuard Cloud and Upgrade a FireCluster in WatchGuard Cloud.

FireCluster Failover

You can select to fail over a locally-managed or cloud-managed FireCluster.

For more information, go to Fail Over a FireCluster in WatchGuard Cloud.

Device Information

The Device Information section includes basic information about the device:

  • Name — For a device that has never connected, this is the name assigned to the device when it was registered at www.watchguard.com. After the device has connected, this is the name configured on the device.
  • Model — The device model.
  • Version — For a device that has never connected to WatchGuard Cloud, this is the version of firmware the device was manufactured with. After the device has connected, this is the version of firmware installed on the device.
  • Serial Number — The device serial number.
  • IP Address — The public IP address of the connection from WatchGuard Cloud. If the device is not connected, it shows the last IP address the device connected from WatchGuard Cloud.
  • Uptime — The amount of time in days, hours, and minutes since the device last rebooted. This information is available only after the device has connected to WatchGuard Cloud. This value only appears on the Device Summary page. If the device is not connected, the value reflects the uptime as of the last time the device connected to WatchGuard Cloud. The value might take up to 30 minutes to update.

Screenshot of the WatchGuard Cloud Device Settings, Device Information

For a FireCluster, the Device Information section also includes a member number for both cluster members. This number indicates the order in which you added the Fireboxes to WatchGuard Cloud:

  • Member1 is the first Firebox that you added to WatchGuard Cloud.
  • Member2 is the second Firebox that you added to WatchGuard Cloud.

Screenshot of the Device Information and License Details for a FireCluster

If you remove a Firebox from a FireCluster, that member becomes Inactive.

Click the Older Devices link below the cluster member list to view details about previous cluster members.

Screenshot of the Older Devices details for a FireCluster

License Details

The License Details section indicates the type of device security subscription, and license and data retention period. The license type can be:

  • Total Security Suite — WatchGuard Cloud is licensed to this device as part of a Total Security Suite subscription.
    • For reports, this license includes 30 days of data retention, plus the number of days associated with the Data Retention license assigned to the Firebox if a Data Retention license is purchased.
    • For Log Manager and Log Search, this license includes 365 days of data retention. 10 days of log data (plus the number of days associated with the Data Retention license assigned to the Firebox) is available for fast searches.
  • Basic Security Suite — WatchGuard Cloud is licensed to this device as part of a Basic Security Suite subscription.
    • For reports, this license includes 1 day of data retention, plus the number of days associated with the Data Retention license assigned to the Firebox if a Data Retention license is purchased.
    • For Log Manager and Log Search, this license includes 90 days of data retention. Fast search is not available with Basic Security Suite unless you purchase a Data Retention License.
  • Standard Support — WatchGuard Cloud is licensed to this device as part of the Standard Support license. There is no data retention.

Screenshot of the WatchGuard Cloud Device Settings, License Details

License and data retention status information includes:

  • Status — The status of the WatchGuard Cloud license in the device Feature Key. If the license is not expired, the status is Valid.
  • Expiration — The date the WatchGuard Cloud license expires.
  • Log Data Retention — The number of days of data retention for Log Manager and Log Search. This includes the number of days in the device license plus days added from the Data Retention license allocated to the device. For more information, go to Manage Data Retention Licenses.
  • Report Data Retention — The number of days of data retention for reports. This includes the number of days in the device license plus days added from the Data Retention license allocated to the device. For more information, go to Manage Data Retention Licenses.

ThreatSync

If ThreatSync is enabled for your account and the Firebox has an active Total Security Suite subscription, the ThreatSync section appears. When ThreatSyncis enabled in the Firebox device settings, the Firebox sends data to ThreatSync and receives remediation actions. If you disable ThreatSync in the Firebox device settings, you disable the device from communicating with ThreatSync in WatchGuard Cloud at the device level.

Screen shot of the ThreatSync toggle on the Device Settings page

For more information about ThreatSync requirements, go to Quick Start — Set Up ThreatSync.

Your operator role determines what you can see and do in WatchGuard Cloud. Your role must have the ThreatSync Core permission to view or configure this feature. For more information, go to Manage WatchGuard Cloud Operators and Roles.

Device and FireCluster Logging

In the Device Logging section, you can enable and disable logging from your Firebox or FireCluster to WatchGuard Cloud. Logging is required to generate logs and reports for the Firebox or FireCluster.

Screen shot of WatchGuard Cloud Device Settings, Device Logging

Screen shot of the FireCluster logging section

For more information, go to Disable or Enable Logging to WatchGuard Cloud and Manage FireCluster Logging in WatchGuard Cloud.

Connect Device

If a Firebox is not connected to WatchGuard Cloud, the Connect Device section appears on the Device Settings page.

If a Firebox is already registered and managed with WatchGuard Cloud but has lost the connection (shows Not Connected status and has not connected within 10 minutes), click Connect to manually connect your device.

Screenshot of the Connect Device button in the WatchGuard Cloud device settings

It might take several minutes for the device to reconnect to WatchGuard Cloud after you click the Connect button.

If the Firebox still does not connect, you might have to remove and re-add the Firebox to WatchGuard Cloud.

If the Firebox has never connected to WatchGuard Cloud or has the status Not Connected for longer than 10 minutes, you might need to enter a verification code. For more information, go to Regenerate the Firebox Verification Code.

Remove a Device or FireCluster

You can remove a Firebox or FireCluster from WatchGuard Cloud. This unregisters the device or FireCluster from your WatchGuard Cloud account. The device and stored data are not visible in WatchGuard Cloud. If you remove a cloud-managed Firebox, it becomes a locally-managed device and uses the last deployed configuration.

Screen shot of WatchGuard Cloud Device Settings, Remove Device

Screen shot of the Remove FireCluster dialog box

For more information, go to Remove a Device from WatchGuard Cloud and Remove a FireCluster from WatchGuard Cloud.

Remove a Device from Cloud Management

For a cloud-managed Firebox or FireCluster, you can remove the device from cloud management and keep it in WatchGuard Cloud as a locally-managed device. The Firebox and stored log and report data for the device are still viewable in WatchGuard Cloud. If you remove a Firebox or FireCluster from cloud management, it becomes a locally-managed device and uses the last deployed configuration.

Screen shot of WatchGuard Cloud Device Settings, Remove from Cloud Management

For more information, go to Remove a Firebox from Cloud Management and Change the FireCluster Management Type.

Open the Device Settings Page

To open the Device Settings page:

  1. Log in to WatchGuard Cloud.
  2. Select Configure > Devices.
  3. To view the settings for an individual Firebox, from Account Manager, select the Firebox.
    Or, to view a summary of status for all Fireboxes in a folder, from Account Manager, select a folder.
  4. If you select a folder or Subscriber account with more than one device from Account Manager, on the Device Settings page, select the Firebox tab.
    The page shows a list of Fireboxes in the selected folder or account.
  5. Select the device you want to view settings for.
    • Click a widget to filter the table to show Cloud-Managed Fireboxes, Locally-Managed Fireboxes, Offline Devices, or Online Devices.
    • To search for a device, enter the name, or serial number in the Search box and press Enter.
    • To update the list of devices, click .
    • To filter the list of devices with multiple parameters, click . You can filter the list by Cloud Status, Logging, Management type, License Type, Data Retention, Model, and Version.

Related Topics

Configure Device Settings in WatchGuard Cloud

View WatchGuard Cloud Device Reports

Manage Backup Images for Locally-Managed Fireboxes in WatchGuard Cloud

Reboot a Firebox from WatchGuard Cloud

Manage Fireware Versions for Devices in WatchGuard Cloud

About FireCluster in WatchGuard Cloud