Create an Image for Windows Persistent and Non-Persistent Environments

Applies To: WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP

Before You Begin

Virtual environments are complex and varied. This topic describes step-by-step instructions to install WatchGuard Endpoint Security in persistent and non-persistent Virtual Desktop Infrastructure (VDI) environments. Due to their characteristics, virtual computers or instances require that a specific procedure be followed to make sure that the images or templates to be used in virtual environments are up-to-date, optimized, and do not have a previously assigned machine ID so that when a virtual computer is started, it is uniquely registered in the web UI.

In environments with very specific characteristics, it may be necessary to follow the recommendations provided by the virtualization vendor to adapt general instructions to your needs. For a customized solution, contact WatchGuard Support.

This installation procedure requires that a template (for persistent environments) or a gold image (for non-persistent environments) be prepared that will be later deployed to the virtual computers on the network. It is important to follow this procedure closely to:

  • Ensure engine and signature file (knowledge) updates.
  • Optimize resource and bandwidth consumption in non-persistent environments.
  • Ensure virtual instances are uniquely identified.

Prerequisites

  • In persistent environments, computers must have fixed MAC addresses.
  • The computer used to generate the template or gold image must have an Internet connection.

Compatible Systems

Generally, this procedure works for these types of virtual machines:

  • VMware Workstation
  • VMware Server
  • VMware ESX
  • VMware ESXi
  • Citrix XenDesktop
  • XenApp
  • XenServer
  • MS Virtual Desktop
  • MS Virtual Servers

Install the Protection in Persistent Environments

Install the Protection in Non-Persistent VDI Environments

The procedure to manage non-persistent VDI environments consists on three phases.

License Management

After you delete the agent ID and disable the Is a Gold Image option, when a new machine is started, the system calculates its machine ID and determines whether the computer is a new computer or an existing one, based on the selected environment.

Non-Persistent Environments

if the maximum number of machines that are active simultaneously for non-persistent images is set, the server manages licenses automatically, provided there are available licenses and the number of concurrent machines is not exceeded.

Persistent Environments

if there are multiple machines that are no longer used, delete them from the database to free up licenses just as you would do with physical machines. You can delete all machines, or select an individual machine to delete.