Manage Groups

Applies To: WatchGuard Advanced EPDR, WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP, WatchGuard EDR Core

You create and manage groups on the Computers > My Organization tab. Computers move to groups when you install the WatchGuard Agent on them.

Find a Group

You can search for an existing group in the My Organization tab.

To find a group:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. From the left pane, select The My Organization folder icon. My Organization.
  4. Click The search icon..

Screen shot of My Organization pane, Search icon.

  1. In the Search box that appears, type some or all of the group name you want to find.
    The list of groups automatically filters to match the search keyword.

Add a Group

Add groups to find computers that meet specific criteria for hardware, software, or security. For information on how to create a group based on the computer's IP address, see Add a Group that Assigns Computers Based on IP Address.

You cannot create an Active Directory group on the My Organization tab. The tree replicates the groups and organizational units that already exist on your Active Directory server.

To add a group:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. From the left pane, select The My Organization folder icon. My Organization.
  4. Next to the group in which you want to add a group, click .

Screen shot of WatchGuard Endpoint Security, Add Group menu option

  1. Select Add Group.
    The Add Group dialog box opens.

Screen shot of WatchGuard Endpoint Security, Add Group dialog box

  1. Type a Name for the group.
  2. Click Add.

Add a Group that Assigns Computers Based on IP Address

To automatically assign computers to a group when you install the WatchGuard Agent, you can specify the IP addresses or an IP address range for the group.

To specify the IP addresses for a group:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. From the left pane, select The My Organization folder icon. My Organization.
  4. Next to the group in which you want to create a group, click .
  5. Select Add Group.
    The Add Group dialog box opens.

Screen shot of WatchGuard Endpoint Security, Add Group dialog box

  1. Type a Name for the group.
  2. Click Add IP-based automatic assignment rules.

Screen shot of WatchGuard Endpoint Security, Add Group by IP

  1. In the Add IP Range text box, type the IP addresses of the computers to move to the group.
    You can enter individual IP addresses separated by commas, or IP address ranges separated by a dash.
  2. Click Add.
    Computers are added to the group when you install the WatchGuard Agent. If the computer IP address changes, the computer remains in the original group.

Delete a Group

To delete a group, it must be empty. If the group contains subgroups or computers, an error message appears.

To delete a group:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. From the left pane, select The My Organization folder icon. My Organization.
  4. Make sure that the group is empty.
  5. Next to the group you want to delete, click .
    You cannot delete the All group.
  6. Select Delete.
  7. Click Delete.

To delete empty Active Directory groups included in another group, next to the group, click and select Delete Empty Groups.

Edit a Group

Edit a group to change the group name, and IP address assignment rules.

You cannot rename the All group or Active Directory groups.

To edit a group:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. From the left pane, select The My Organization folder icon. My Organization.
  4. Next to the group you want to edit, click .
    You cannot edit the All root group or any Active Directory groups.
  5. Select Edit.
    The Edit Group dialog box opens.

Screen shot of WatchGuard Endpoint Security, Edit Group dialog box

  1. In the Name text box, type a new name.
  2. Click Add IP-based automatic assignment rules.
  3. Enter new IP addresses or a new IP address range, if required.
    For individual IP addresses, add a line per address in this format: .\Group\Group\Group (tab) IP . For IP address ranges, add a line per range in this format: .\Group\Group\Group (tab) StartIP-EndIP.
  4. Click OK.

Move a Group

On the My Organization tab, you can create a hierarchy that includes groups and subgroups. Move a group from one folder to another to create the hierarchy. The maximum number of levels in the hierarchy is 10.

You cannot move the All group or any Active Directory groups.

To move a group:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. From the left pane, select The My Organization folder icon. My Organization.
  4. Next to the group you want to move, click .
  5. Select Move.
    The Move to dialog box opens.

Screen shot of WatchGuard Endpoint Security, Move group dialog box

  1. Select the target group.
  2. Click Move.
    An inheritance settings dialog box opens.

Screen shot of WatchGuard Endpoint Security, Move group settings inheritance

  1. Click Yes to replace the current settings inherited by the group with the destination group settings. Click No to keep the current settings.

Related Topics

Manage Computers and Devices in Groups

Move Computers from One Group to Another