Install the WatchGuard Endpoint Security Plug-in for N-able N-central

To install the WatchGuard Endpoint Security plug-in for N-able N-central, WatchGuard provides an onboarding application to connect to the WatchGuard API and map clients between WatchGuard and N-able N-central. The installation process consists of these steps:

Before You Begin

Before you download and install the WatchGuard Endpoint Security plug-in for N-able N-central, make sure that:

  • You have a valid WatchGuard Endpoint Security license.
  • You have an N-able N-central account with an Administrator role and an All access group.

Some roles in N-central might not have permissions to update custom properties. To avoid permissions issues, we recommend that the N-able Service Organization (SO) runs the WatchGuard Endpoint Security plug-in onboarding application.

Create Custom Properties in N-able N-central

You must create several custom properties for the WatchGuard Endpoint Security plug-in to integrate with N-able N-central. An administrator must create these custom properties in N-able N-central at the Service Organization (SO) level:

  • WatchGuard Endpoint Security Integration - Service Provider Account ID
  • WatchGuard Endpoint Security Integration - Client Account ID
  • WatchGuard Endpoint Security Integration - API Key
  • WatchGuard Endpoint Security Integration - Deployment Setting ID
  • WatchGuard Endpoint Security Integration - Installer URL

The custom property names you create in N-central must be exactly the same as the custom properties listed here. To avoid errors, we recommend you copy and paste the custom property names.

To create custom properties, from N-central:

  1. Select Administration > Properties.
    The Custom Properties page opens.

Screen shot of N-Central, Custom Properties

  1. From the Add drop-down list, select By Customers > Text Type.
    The Custom Properties - By Customers page opens.

Screen shot of N-Central, Custom Property- By Customer

  1. In the Property Name text box, enter the name of the custom property to add. For example, enterWatchGuard Endpoint Security Integration - Service Provider Account ID.

The Property Name must be exactly the same as the custom properties listed in this document. To avoid errors, we recommend you copy and paste the custom property name.

  1. On the Customers tab, from the drop-down list, select Propagate to all new Customers/Sites.

Screen shot of N-Central, Custom Property - By Customers

  1. From the Customer/Sites list, select all existing customers.

Screen shot of N-Central, Custom Property warning

  1. Click Save.
  2. Repeat this procedure to add the other required custom properties.

Enable API Access in WatchGuard Cloud

WatchGuard public APIs use the Open Authorization (OAuth) 2.0 authorization framework for token-based authentication. To use the Endpoint Security Management API, you must first enable API access in your WatchGuard Cloud account to retrieve the required parameters for your plug-in configuration. For more information, see Enable API Access in WatchGuard Cloud.

To enable API access in WatchGuard Cloud:

  1. Log in to WatchGuard Cloud.
    If you are a Service Provider, from Account Manager, select My Account or a managed account.
  2. Select Administration > Managed Access.
  3. Click Enable API Access.

Screen shot of WatchGuard Cloud, Enable API Access button

  1. Specify the readwrite and readonly passwords to use as your API access credentials.

Screen shot of WatchGuard Cloud, RESTful API Access settings

Passwords must include an uppercase letter, a lowercase letter, a number, and a special character. The readwrite password and the readonly password must be different.

You must use the Read-write access ID and password for the plug-in configuration.

  1. Select the I agree to the terms and conditions in the WatchGuard APIs License Agreement check box.
  2. Click Save.

After you enable API access, parameters appear that you must specify in the plug-in onboarding application. You can see these parameters on the Administration > Managed Access page in WatchGuard Cloud.

The base URL varies by region. This example shows a US-based server.

Screen shot of WatchGuard Cloud, RESTful API Access settings enabled

Download the Plug-in

To download the WatchGuard Endpoint Security plug-in onboarding application for N-able N-central from the WatchGuard Software Downloads page:

  1. Go to the Software Downloads page.
  2. Click Endpoint Software.
  3. Click the N-able N-central Plug-in link.
  4. Click N-able N-central Plug-in (Latest) to download the Ncentral .ZIP file.
  5. Save the Ncentral .ZIP file to your computer.
  6. Extract the Ncentral .ZIP file content to a folder.

The Ncentral folder contains these files:

  • WatchGuard Endpoint Security Onboarding for N-able N-central onboarding application .EXE file
  • WatchGuard Endpoint Security – Monitor Windows device service template .ZIP file
  • Windows scripts:
    • WatchGuard Endpoint Security – Install agent in Windows.amp
    • WatchGuard Endpoint Security – Scan Windows device.amp
    • WatchGuard Endpoint Security – Isolate Windows device.amp
    • WatchGuard Endpoint Security – Unisolate Windows device.amp
    • WatchGuard Endpoint Security – Uninstall agent in Windows.amp
  • macOS scripts: 
    • WG-Install-Mac.sh (WatchGuard Endpoint Security – Install agent in mac)
    • WG-Scan-Mac.sh (WatchGuard Endpoint Security – Scan mac device)

To open the onboarding application, from the Ncentral folder, double-click NableOnboarding.EXE.
The onboarding application opens.

The onboarding application automatically updates to the latest version available when it opens.

Screenshot of N-central onboarding page

The onboarding application has these options in the navigation pane:

  • API Connection — Use this page to configure the connection between WatchGuard Cloud and N-able N-central.
  • Map Clients — Use this page to associate N-able N-central clients with WatchGuard Cloud accounts you manage. You must successfully establish a connection between WatchGuard Cloud and N-able N-central before you can use this page.
  • WatchGuard Cloud — Click this link to open WatchGuard Cloud in a web browser.

Configure the Connection between WatchGuard Cloud and N-able N-central

The information necessary to establish a connection between WatchGuard Cloud and N-able N-central is visible in the Managed Access page in WatchGuard Cloud after you enable API access. For more information about API access in WatchGuard Cloud, see Enable API Access.

When you enter the API connection information in the onboarding application, we recommend you copy and paste the API parameters directly from the Managed Access page in WatchGuard Cloud to avoid errors.

To establish the connection between WatchGuard Cloud and N-able N-central, from the onboarding application:

  1. Select API Connection.
  2. Enter the API information for WatchGuard Cloud: 
    • Authentication API URL — Type the URL to authenticate API access to WatchGuard Cloud. The URL varies by region.
      • APAC Regionhttps://api.jpn.cloud.watchguard.com/oauth/token
      • EMEA Region https://api.deu.cloud.watchguard.com/oauth/token
      • NA/Americas Regionhttps://api.usa.cloud.watchguard.com/oauth/token
    • API URL — Type the base URL of the Endpoint Security API. The URL varies by region.
      • APAC Regionhttps://api.jpn.cloud.watchguard.com/rest/endpoint-security/management
      • EMEA Regionhttps://api.deu.cloud.watchguard.com/rest/endpoint-security/management
      • NA/Americas Regionhttps://api.usa.cloud.watchguard.com/rest/endpoint-security/management
    • Account ID — Type the WatchGuard Cloud Account ID of the managed account for which you want to make API requests.
    • Access ID — Type the Access ID for Read-write API access to WatchGuard Cloud.
    • Access Password — Type the password for the Read-write Access ID you specified for API access to WatchGuard Cloud.
    • API Key — Type the API key associated with your WatchGuard Cloud account.
  3. Enter the API information for N-able:
    • Server Type — Select N-central.
    • N-able Server Address (without https://) — Type the URL, without https://, for the N-able server address.
    • User Name — Type the user name for API access to N-able N-central.
    • JSON Web Token or API Key — Type the JSON web token for API access to N-able N-central.

For information on how generate a JSON web token for N-central, go to the N-central User Guide.

API keys are used to connect to N-able N-sight. For more information on the N-able N-sight plug-in, go to About the WatchGuard Endpoint Security Plug-in for N-able N-sight.

  1. Click Connect.
    If the connection is successful, you see a confirmation message.

Screen shot of N-Central configuration dialog box

  1. Click Yes.

Map Clients

After you successfully establish a connection between WatchGuard Cloud and N-able, you must map your N-able N-central clients to the accounts you manage in WatchGuard Cloud.

To associate N-able clients with WatchGuard Cloud accounts, from the onboarding application:

  1. Select Map Clients.
  2. Select an N-able client from the list.
  3. From the WatchGuard Client drop-down list, select the WatchGuard Cloud account that you want to associate with the N-able client. The WatchGuard Cloud ID and License columns automatically populate when you select a WatchGuard Cloud account.

Screen shot of N-Central Map Clients

  1. From the Network Settings for Installation drop-down list, select the Endpoint Security network settings profile to assign to this client.
  2. Click Save.
    A confirmation message appears.

Screen shot of N-Central confirmation dialog box

  1. Click OK.
  2. Repeat these steps for all clients you want to map. When you finish, close the onboarding application.

Related Topics

About the WatchGuard Endpoint Security Plug-in for N-able N-central

Configure the WatchGuard Endpoint Security Plug-in for N-able

Manage the WatchGuard Endpoint Security Plug-in for N-able N-central