About ConnectWise Integration and Configuration

You can configure your Firebox to integrate with ConnectWise, a professional service automation tool. This integration enables service providers to automatically synchronize customer asset information for more efficient device management and monitoring.

For instructions on how to integrate ConnectWise from your Firebox, see:

The instructions in this topic help you create ConnectWise API keys to enable communication with the Firebox, and describe how to configure configuration questions and ticket management in ConnectWise for your Firebox integration.

Get ConnectWise API Keys

Before you integrate your Firebox with ConnectWise, you must create a pair of API keys to enable the Firebox to communicate with the ConnectWise server. You can create API keys from your current user account, or you can create a new account specifically for API access (an API Member account).

You can only add an API Member account in the ConnectWise Windows client on the System Modules > Members page. From the Members page, select the API Members tab, and then create a new user account and generate API Keys.

These are the minimum API account security role permissions required for ConnectWise integration:

  Add Level Edit Level Delete Level Inquire Level
Companies: Company Maintenance None None None All
Companies: Configurations All All All All
Service Desk: Service Tickets All All All All
Service Desk: Close Service Tickets All All All All

To get your API keys from your current ConnectWise user account:

  1. Log in to ConnectWise.
    Your ConnectWise user account pages appear.
  2. At the top-right of the page, from your user account drop-down list, select  My Account.

Screen shot of ConnectWise My Account settings page

  1. Select the API Keys tab.
    If the API Keys tab does not appear, click the Settings tab to add the API Keys tab.

Screen shot of ConnectWise User Account API Keys tab

  1. To add a new key pair, click the Add Key Pair icon.
  2. In the Description text box, type a descriptive name for the key.
  3. Click the Save icon.

Screen shot of ConnectWise generate API Key page

  1. Make a note of the public and private keys. You must have these keys to configure your Firebox to connect to ConnectWise.
    After the key pair is saved, you cannot see the private key again.

See Device Configuration Details in ConnectWise

To see your Firebox in ConnectWise after you complete the integration:

  1. Select Companies > Configurations.
  2. From the configuration list, select a Firebox.

Screen shot of ConnectWise Companies Configurations page

After you enable ConnectWise integration on your Firebox, information from the Firebox such as the serial number, model number, and expiration date are automatically synchronized and appear in the ConnectWise Configuration Details list.

Screen shot of ConnectWise Configuration Details page

About Configuration Questions

The Configuration type for WatchGuard Fireboxes includes a unique set of Configuration Questions that relate to device monitoring and ticket management. These are thresholds for system events, and enable you to customize the events that generate tickets.

You can customize the configuration question entries. For more information. see Edit Configuration Questions.

If a system condition passes a configured threshold, a ticket is created to notify you of the system event. If the event does not continue and passes below the threshold, the ticket is automatically closed. If the event occurs again, the same ticket is opened again so that you can track repeated occurrences of the same event.

Screen shot of ConnectWise device configuration questions

Certificate Expiration

Monitors system certificates and generates a ticket if any certificates will expire within the number of days you specify. You can select 10, 30, or 60 days prior to expiration.

Feature-Key Expiration

Monitors feature keys and generates a ticket if any feature keys will expire within the number of days you specify. You can select 10, 30, or 60 days prior to expiration.

CPU Usage

Monitors CPU usage over a specified time period. For example, it can generate a ticket if CPU usage is greater than 90% over 10 minutes.

Memory Usage

Monitors memory usage over a specified time period. For example, it can notify you if memory usage is greater than 90% for over 10 minutes.

Total Connections

Monitors the total number of concurrent connections over a specified time period compared to your system connection limits. For example, it can generate a ticket if the total number of concurrent connections is greater than 90% of your system limit for over 10 minutes.

Total SSLVPN Connections

Monitors the total number of concurrent SSLVPN connections over a specified time period compared to your system connection limits. For example, it can generate a ticket if the total number of concurrent SSLVPN connections is greater than 90% of your system limit for over 10 minutes.

Total MUVPN Connections

Monitors the total number of concurrent Mobile VPN (MUVPN) connections over a specified time period compared to your system connection limits. For example, it can generate a ticket if the total number of concurrent Mobile VPN connections is greater than 90% of your system limit for over 10 minutes.

Total L2TP Connections

Monitors the total number of concurrent L2TP connections over a specified time period compared to your system connection limits. For example, it can generate a ticket if the total number of concurrent L2TP connections is greater than 90% of your system limit for over 10 minutes.

Interface Status

Monitors whether any network interfaces have a link down status over a specified period of time. For example, it can generate a ticket if an interface is down for longer than 5, 10, or 30 seconds.

Botnet Detection

Monitors botnet activity detected by Botnet Detection over a sustained period of time. For example, it can generate a ticket if botnet activity is detected for over 10, 30, or 60 minutes.

Flood Detection

Monitors whether DoS flood attacks (such as SYN, ICMP, UDP, IPsec, IKE floods) have occurred over a specified period of time. For example, it can generate a ticket if any flood attacks are detected over 10, 30, or 60 minutes.

Virus Detection

Notifies you if viruses have been detected by Gateway AntiVirus over a specified period of time. For example, it can generate a ticket if 50 viruses were detected over 10 minutes.

Intrusion Prevention

Monitors whether intrusion attempts have been detected by IPS over a specified period of time. For example, it can notify you if 50 intrusions were detected over 10 minutes.

Spam Detection

Notifies you if spam email messages have been detected by spamBlocker over a specified period of time. For example, it can notify you if 50 spam messages were detected over 10 minutes.

APT Detection

Monitors APTs detected by APT Blocker over a specified period of time. For example, it can notify you if 50 APTs were detected over 10 minutes.

DLP Detection

Monitors violations detected by Data Loss Prevention over a specified period of time. For example, it can generate a ticket if 50 DLP violations were detected over 10 minutes.

Cluster Failover

Notifies you if a FireCluster failover has occurred. After a failover occurs, the new FireCluster master generates a ticket. The ticket information includes the member IDs of the new cluster master and the previous master. The ticket is closed after five minutes of cluster stability.

Feature Keys

Shows the current feature keys.

Edit Configuration Questions

You can customize the values in your configuration questions from the ConnectWise UI in System > Setup Tables > Company (Category) > Configuration (Table) > WatchGuard Security Appliance (Configuration Type).

Screen shot of configuration question editing page in ConnectWise

For example, you can add another time period (such as 3 days prior) for Feature Key expiration notification.

  1. Expand the Feature-Key Expiration section.
  2. Click Answers + to add a new value row.
  3. In the Value text box, type 3 days prior, then click the save icon.

Screen shot of editing Configuration Question answers in ConnectWise

You must follow the same answer syntax as other entries. You can also clone entries from other configuration questions with the Answer Cloning drop-down list. If you create an answer with invalid syntax, the ConnectWise UI does not warn you. However, errors appear in the Firebox logs.

ConnectWise Ticket Management

The Configuration Question thresholds you specify automatically trigger the creation and closure of tickets. This prevents ticket flooding and false alarms, and enables tickets to be automatically closed when issues are resolved. If an event occurs again, the same ticket is reopened so that you can track repeated occurrences of the same event.

When ConnectWise closes a Firebox ticket, it checks for any Closed status types to use when it closes the ticket. If there are multiple Closed status types, the integration uses the first item in the list.

To see a summary of tickets associated with this configuration in your ConnectWise account:

  1. Select the Service tab.
    In this example, a ticket was generated because of an expired certificate on the Firebox.

Screen shot of ConnectWise ticket main page

  1. To see the ticket notes, click the ticket number or description.

Screen shot of ConnectWise ticket details

After the certificate is updated with a new expiration date, the ticket is automatically closed.

Screen shot of ConnectWise ticket closed page

ConnectWise Ticket Descriptions

This table describes the tickets that the Firebox can generate in ConnectWise:

Feature Ticket Title Note Title Description
Certificate Expirations Certificates expired or approaching expiration Expired certificates A list of expired certificates
Feature-Key Expirations Licensed features expired or approaching expiration Expired features List of expired features
CPU Usage CPU usage has exceeded the configured threshold CPU usage Percentage of CPU utilization amount.
Memory Usage Memory usage has exceeded the configured threshold Memory usage Percentage of memory in use.
Total Connections Total connections have exceeded the configured threshold Connections allocated Percentage of connection quota in use.
SSLVPN Connections SSLVPN connections have exceeded the configured threshold SSLVPN connections allocated Percentage of SSLVPN connection quota in use.
BOVPN Connections BOVPN connections have exceeded the configured threshold BOVPN connections allocated Percentage of BOVPN connection quota in use.
L2TP Connections L2TP connections have exceeded the configured threshold L2TP connections allocated Percentage of L2TP connection quota in use.
Interface Status Inactive network interfaces detected Inactive network interfaces Names of the inactive interfaces.
Botnet Detection Botnet detection has exceeded the configured threshold Number of botnet events detected The number of botnet detections in the configured time interval.
Flood Detection Flood detection has exceeded the configured threshold Number of flood events detected The number of botnet detections in the configured time interval.
Virus Detection Virus detection has exceeded the configured threshold Number of viruses detected The number of virus detections in the configured time interval.
IPS Detection Intrusion Prevention detection has exceeded the configured threshold Number of IPS events detected The number of IPS detections in the configured time interval.
Spam Detection Spam message detection has exceeded the configured threshold Number of spam messages detected The number of Spam detections in the configured time interval.
APT Detection APT detections have exceeded the configured threshold Number of APTs detected The number of APT detections in the configured time interval.
DLP Detection DLP violations have exceeded the configured threshold Number of DLP violations detected The number of DLP detections in the configured time interval.
Cluster Failover Cluster failover detected Cluster member status Description of which member failed and which member is the new master.

Service Ticket Priority Levels and Service Boards

You can customize your ConnectWise service ticket priority levels from the ConnectWise UI in System > Setup Tables > Service (Category) > Priority (Table).

Screen shot of ConnectWise Setup tables > Priority levels

Similarly, you can customize your ConnectWise service boards from the ConnectWise UI in System > Setup Tables > Service (Category) > Service Board (Table).

Screen shot of service board customization in ConnectWise

See Also

Configure ConnectWise Integration for Reports

Create Device Configuration Templates