About Endpoint Security Licenses

The WatchGuard Endpoint Security portfolio includes these products and modules:

  • WatchGuard Endpoint Protection Platform (EPP)
  • WatchGuard Endpoint Detection and Response (EDR)
  • WatchGuard Endpoint Protection Detection and Response (EPDR)
  • WatchGuard Full Encryption
  • WatchGuard Patch Management
  • WatchGuard Advanced Reporting Tool
  • WatchGuard Data Control

WatchGuard Endpoint Security products and modules are licensed for each endpoint device. There are four types of licenses:

Term Licenses

A term license has a set number of licenses and a set duration, or term. For example, you might purchase a license for 100 WatchGuard EPDR term licenses that expire after three years.

Subscription Licenses

A subscription license enables you and your managed accounts to add endpoint licenses with no allocation limits. You can set a limit on the accounts you manage. With a subscription license, WatchGuard bills you monthly based on the number of endpoint users you have.

Trial Licenses

Trial licenses of WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP, and all modules are available to Service Provider and Subscriber accounts in WatchGuard Cloud. Trial licenses expire after 30 days but you can renew them one time for another 30 days. For information on trial licenses, see Endpoint Security Trials – Service Providers.

NFR Licenses (Service Providers only)

A Not for Resale license includes a set number of endpoint licenses and typically has a three-year term. NFR licenses are available to Service Providers only.


You can activate licenses on the Activate Licenses page on the WatchGuard portal. For more information, see Activate an Endpoint Security License.

After you activate an endpoint security product or module license, from Support Center, on the Endpoint Security page, you can see the activated licenses for your account. Select WatchGuard EPP, WatchGuard EDR, or WatchGuard EPDR, and then click the name of a license to see the details and history of that license. Select the product and modules, and then click the name of a license to see the details and history of that license.

Licenses work differently for WatchGuard Cloud Subscriber and Service Provider accounts.


Subscriber accounts can have only one endpoint security product license. When a Subscriber account activates a new license key for an endpoint security product, it modifies the current active endpoint security product license. You can use a new license to add additional endpoints to, or extend the expiration date of, your existing license.

Service Providers

Service Providers can have many endpoint security product licenses. When a Service Provider activates a new license key, they can modify an active license or add a new, separate license. After activation, the endpoint licenses appear in the Service Provider inventory in WatchGuard Cloud.

Endpoint Security Modules

To access endpoint security modules, you must have an existing license for an endpoint security product (e.g., WatchGuard EPP, EDR, or EPDR). Available endpoint security modules depend on your endpoint security product.

  • WatchGuard Full Encryption — Available for use with WatchGuard EPP, WatchGuard EDR, and WatchGuard EPDR
  • WatchGuard Patch Management: Available for use with WatchGuard EPP, WatchGuard EDR, and WatchGuard EPDR
  • WatchGuard Advanced Reporting Tool: Available for use with WatchGuard EDR and WatchGuard EPDR.
  • WatchGuard Data Control: Available for use with WatchGuard EDR and WatchGuard EPDR.

The number of endpoint devices included in a module license cannot exceed the number of devices included in the endpoint security product license. The number of endpoint devices in the module license can be less than the number of devices in the endpoint security product license.


To renew a license or modify an existing license, you purchase a new license and activate it. When you activate the new license, you choose whether you want to add licenses or extend your current license. When you add to your active license or extend it, the new license merges with your active license and the two licenses are co-termed.

Co-terming consolidates or merges your licenses to synchronize renewal dates. When you co-term licenses, a new expiration date is calculated based on the updated user count and the term length of the license you activated. If you add licenses, the licenses you purchased are added to your current inventory. So, if you have 50 licenses and purchase 100 licenses, your final license count after you activate your new license is 150.

When you extend your license, if you purchased the same number of licenses that you currently have, your license is extended for another period (one or three years). If you purchased more licenses than are in your current inventory, your inventory immediately updates to match the number of licenses you purchased.

To renew with fewer licenses, purchase the desired number of licenses and choose Extend License when you activate your license key.

When you renew fewer licenses, we recommend that you do so close to your expiration date. If you activate the license key before your expiration date, your license count reduces immediately. This could limit the number of licenses available for your managed accounts and your account could become overallocated.

If you have an active subscription license, when you renew or upgrade a term license, your subscription usage count reduces automatically so that only the licenses in excess of your termed licenses are billed as subscription licenses.


Service Provider accounts can have multiple WatchGuard Endpoint Security licenses on their account. You can upgrade licenses of WatchGuard EPP or WatchGuard EDR to WatchGuard EPDR. You cannot convert licenses of WatchGuard EPP to WatchGuard EDR or vice versa. These upgrade paths also exist for the single license that Subscriber accounts have.

See Also

Activate an Endpoint Security License

Endpoint Security Trials – Service Providers

Allocate Endpoint Licenses

About Endpoint Security Subscription Licenses

WatchGuard Endpoint Security Modules