Install the Endpoint Software with Centralized Tools (Windows only)

Applies To: WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP

On medium-sized and large networks we recommend that you use centralized tools to install the endpoint software for Windows computers.

Install the Client with Command Line Tools

You can automate the installation and integration of the WatchGuard Endpoint Agent into the web UI with these command-line parameters:

  • GROUPPATH="group1\group2": Path in the group tree where the computer will reside. The 'All' root node is not specified. If the group does not exist, the computer will be integrated into the All' root group.
  • PRX_SERVER: Name or IP address of the corporate proxy server.
  • PRX_PORT: Port of the corporate proxy server.
  • PRX_USER: User of the corporate proxy server.
  • PRX_PASS: Password of the corporate proxy server.

This example shows how to use command-line parameters to install the agent:

Msiexec /i "WatchGuardAetherAgent.msi" GROUPPATH="London\AccountingDept"

PRX_SERVER="ProxyCorporative" PRX_PORT="3128" PRX_USER="admin" PRX_PASS="panda"

Deploy the Agent with Microsoft Active Directory

You can use a Microsoft Active Directory Group Policy Object (GPO) to deploy the endpoint software on a computer for the first time. Active Directory does not support updates of previously installed software.

The computer where you define the GPO cannot have the endpoint agent installed. You must uninstall the agent before you can create the GPO. You can re-install the agent after you add the GPO. If you try to define the GPO on a computer with the agent installed, this error message displays: The process of adding failed. The deployment information could not be retrieved from the package. Make sure the package is correct.

To deploy the agent with an Active Directory GPO:

  1. Download and share the endpoint software installer. Save the installer file to a shared folder accessible to all the computers that are to receive the software.
  2. In Active Directory, create a new Organizational Unit called Cloud deployment.
    1. Open the mmc.
    2. Add the Group Policy Management snap-in.
    3. Right-click the domain node, and select New > Organizational Unit.
    4. Create an Organizational Unit called Cloud deployment.
  3. Create a new GPO with the installation package.
    1. Right-click the new organizational unit and select Create a GPO in this Domain.
    2. Name the GPO (for example, Cloud deployment GPO).
  4. Edit the new GPO and add the installation package that contains the WatchGuard Endpoint Security software.
    1. Click Computer configuration, Policies, Software Settings, Software installation.
    2. Right-click Software installation, and select New > Package.
    3. Add the WatchGuard Endpoint Security .msi installation package.
  5. Edit the package properties:
    1. Right-click the package you added, and select Properties > Deployment tab > Advanced.
    2. Select the Ignore Language when Deploying this Package and Make this 32- bit X86 Application Available to Win64 Machines check boxes.
    3. Add all network computers that will receive the agent to the Cloud deployment Organizational Unit.

See Also

Installation Requirements