Applies To: WatchGuard Advanced EPDR, WatchGuard EPDR, WatchGuard EDR, WatchGuard EDR Core, WatchGuard EPP
The WatchGuard Endpoint Security products might require a restart of managed endpoints to complete protection software upgrades or reinstallation, or for specific patch deployments or uninstallations.
When a restart is necessary to complete a process, a restart dialog box might prompt the local user on the endpoint to restart the device. You can configure settings to automatically restart devices in the management UI.
On the Per-Computer Settings page, you create settings profiles that specify how often to install protection software updates on workstations and servers. You can also define settings to prevent tampering and unauthorized uninstallation of the protection software.
For more information on how to configure updates, go to Configure Updates.
For more information on how to install patches, go to Add Patch Installation Tasks.
To restart a Server, the locally logged on user must be an Administrator. If an Administrator user session is locked, then the restart message does not appear to that user. In this case, it appears to other Administrator users with an open session if they exist.
To restart a Workstation, any user logged on the endpoint can restart the endpoint device. An Administrator account is not required.
This table provides a list of possible restart scenarios based on the logged-in session on the endpoint device when you have configured Do not restart automatically in the per-computer settings profile or in a patch installation task.
| Restart Scenario | No Open Session on Endpoint | One Administrator Session on Endpoint | One Non-Administrator Session on Endpoint |
|---|---|---|---|
| Restart requested after Endpoint Security protection software upgrades |
|
|
Workstations The non-administrator user on the device receives a message about the required restart. Servers No restart message appears. |
| Restart requested after a patch installation task |
|
|
Workstations The non-administrator user on the computer receives a restart message. Servers No restart message is displayed to non-administrator users on the server. |
This table provides a list of scenarios based on the logged-in session on the endpoint device, when you select Restart from the Endpoint Security management UI or when you have configured Automatic Restart in the per-computer settings profile or in a patch installation task.
| Restart Scenario | No Open Session on Endpoint | One Administrator Session on Endpoint | One Non-Administrator Session on Endpoint |
|---|---|---|---|
| Restart requested from the management UI |
|
|
Workstations The logged-in user receives a restart message with a countdown and the Restart Now option. Servers All the logged-in users on the server receive a restart message without the Restart Now option. |
| Restart requested after Endpoint Security protection software upgrades |
|
|
Workstations The logged-in user receives a restart message with a countdown and the Restart Now option. Servers All the logged-in users on the server receive a restart message without the Restart Now option. |
| Restart requested after a patch installation task |
|
|
Workstations The logged-in user receives a restart message with a countdown and the Restart Now option. Servers All the logged-in users on the server receive a restart message without the Restart Now option. |
To restart a device, the endpoint user can select Restart Now or Later in the Restart dialog box. When the local user selects an option, the Restart dialog box closes in all other open sessions on the endpoint. The Later option is available only when you configure Do not restart automatically in the per-computer settings profile. The Restart dialog box appears again after 15 days (except in the Windows Home Edition) or when the upgrade completes after the endpoint is restarted another way.
If you select a time interval for the protection software upgrade, make sure that it is more than four hours. The WatchGuard Agent checks every four hours for a new version of the software.
We recommend that you schedule protection software updates when they will not interfere with other updates, backups, etc. Avoid Endpoint Security updates at the same time as Windows updates. Windows updates will take precedence and could cause the Endpoint Security update to require additional restarts to complete.
Microsoft Windows 10 and higher have the FastBoot option enabled by default. FastBoot is not the complete reboot required by WatchGuard Endpoint Security.
The WatchGuard Agent will disable FastBoot to complete an upgrade (at shutdown or restart), and then enable FastBoot again.
WatchGuard Agent – Installation and Upgrade Error Messages