Configure WatchGuard MDR

Applies To: WatchGuard Advanced EPDR This topic applies to the WatchGuard Advanced EPDR endpoint security product., WatchGuard EPDR This topic applies to the WatchGuard EPDR endpoint security product., WatchGuard EDR This topic applies to the WatchGuard EDR endpoint security product.

For approved partners with a WatchGuard Managed Detection and Response (MDR) Service license, you can enroll your customer in WatchGuard MDR.

To enroll a customer in WatchGuard MDR:

1. In WatchGuard Cloud, select the Subscriber account you want to enroll in WatchGuard MDR.
2. Select Configure > Endpoints.
3. Select Settings.
4. From the left pane, select MDR.
   The MDR settings page opens.
5. From the Customer Business Vertical section, select the business vertical for the customer.
6. In the Number of Business Locations text box, enter the number of locations.
7. In the Number of Employees text box, enter the number of employees.
8. If the customer has remote employees, enable Includes Remote Employees.
9. From the Operating Systems section, select the operating systems used by the customer.
10. In the Hardware Devices section, add the hardware vendors and devices used in the customer network.
    1. Click Add Hardware Vendor.
    2. In the Hardware Vendor text box, enter the hardware vendor name.
    3. Select the hardware types for the vendor.
    4. Repeat these steps to add additional hardware devices.
11. In the Critical Computers section, specify computers that provide a critical service or require additional attention.
    1. Click Add Computers.
    2. To select a group of computers, from the Computer Groups list, select a group.
    3. To select individual computers, from the Additional Computers list, select the critical computers.
    4. Click Add.
12. To allow the WatchGuard Global Cybersecurity team to isolate computers on the customer network, in the Response Plan section, enable Allow WatchGuard Security Operations Center to Isolate Computers on the Customer Network.
13. To add computers that WatchGuard cannot isolate without additional approval, in the Exceptions section, click Add Computers.
1. To select a group of computers, from the Computer Groups list, select a group.
2. To select individual computers, from the Additional Computers list, select the critical computers.
3. Click Add.
14. To add recipients for weekly or monthly executive reports, in the Reports section, add up to three email addresses.
15. Click Save.

Related Topics

About WatchGuard MDR

WatchGuard Endpoint Security Modules