Settings Ownership and Exceptions in Endpoint Manager

Applies To: WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP

In the WatchGuard Endpoint Security web UI, Service Providers and Subscriber accounts can create and assign security settings profiles to the computers and devices they manage. They might also receive settings that you create and assign to the All group in Service Provider Endpoint Manager.

Settings profiles that you assign to an account in Endpoint Manager appear as read-only in the endpoint security web UI. The profile includes a green label to differentiate it from profiles created in the endpoint security web UI.

Ownership of the settings profile (that is, who can edit and delete it) is based on who created the settings profile and where.

Changes made in Endpoint Manager by a Service Provider to the settings assigned to a managed account automatically reflect in the endpoint security web UI. The changes propagate to the target devices in real-time or within 15 minutes when real-time communication is disabled. For more information, see Disable Real-time Communication.

Settings Exceptions

When you assign a security settings profile to an account or account group, the settings are applied to the All group and inherited by sub-groups if they exist. If any of the sub-groups, computers, or devices have manually assigned settings, an exception occurs and WatchGuard Endpoint Security does not assign the settings profile from Endpoint Manager.

In Endpoint Manager, you can see these exceptions on the Settings page. If the list of accounts shows a black number in the colored line, this part of the account list is collapsed and some accounts have exceptions to the settings profile you assigned in Endpoint Manager. Double-click the number to show the accounts with exceptions.

Screen shot of Service Provider Endpoint Manager, settings exceptions

You must open the WatchGuard Endpoint Security web UI for the account to view the manually applied settings.

See Also

Manage Endpoint Security Settings Profiles

Assign Endpoint Security Settings in Endpoint Manager