Manage Computers and Devices in Groups

Applies To: WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP

Use the My Organization tab to create and manage static groups of computers and devices on your network. A computer can only belong to a single group. You might create groups to:

  • Find computers that meet specific criteria for hardware, software, or security.
  • Quickly assign security settings profiles.
  • Take remediation actions on a subset of computers.

Group Types

You assign computers to a group. On the My Organization tab, you can create a hierarchy that includes groups, subgroups and computers. The maximum number of levels in the hierarchy is 10.

You can create these types of groups:


This is the top group under which all other groups reside.

Local Groups

These are WatchGuard Endpoint Security groups, some of which are predefined. These groups support all operations (such as move, rename, or delete) and can contain other groups and computers.

Active Directory Groups

These groups replicate your Active Directory structure. These groups do not support some operations. They can contain other Active Directory groups and computers.

Active Directory Root Group

This group contains all Active Directory domains configured on the organization's network. It contains Active Directory domain groups.

Active Directory Domain Group

These groups are Active Directory branches that represent domains. They contain other Active Directory domain groups, Active Directory groups, and computers.

Active Directory Groups

For organizations with an Active Directory server, WatchGuard Endpoint Security can automatically replicate the Active Directory structure on the My Organization tab.

To make sure the structure is consistent between Active Directory and the My Organization tab, you cannot modify Active Directory groups in WatchGuard Endpoint Security. WatchGuard Endpoint Security automatically updates Active Directory groups within one hour when you make changes to your Active Directory structure.

In WatchGuard Endpoint Security, if you move a computer from an Active Directory group to a native group or to the root group, the synchronization relationship with Active Directory breaks. Any changes you make to Active Directory groups that affect the moved computer are not reflected in WatchGuard Endpoint Security.

For information on how to reestablish the synchronization relationship between Active Directory and WatchGuard Endpoint Security, see Move Computers from One Group to Another.

See Also

Manage Groups

Filter a Page by Group

Scan Computers and Devices