To add a Firebox to WatchGuard Cloud, the Firebox must have an active subscription that includes WatchGuard Cloud.
The Firebox Cloud Hourly license does not include support for WatchGuard Cloud. For more information, see Firebox Cloud License Options.
Both the Total Security Suite and Basic Security Suite include a subscription for WatchGuard Cloud. The subscription enables the Firebox to send log messages to WatchGuard Cloud, and determines the default retention period for Firebox data in WatchGuard Cloud.
- Total Security Suite includes WatchGuard Cloud with 30 days of data retention
- Basic Security Suite includes WatchGuard Cloud with 1 day of data retention
There is no separate activation to enable WatchGuard Cloud. If your Firebox has Total Security Suite or Basic Security Suite, it has a license for WatchGuard Cloud.
To increase the data retention period for a Firebox in WatchGuard Cloud, you can activate a Data Retention license and assign it to the Firebox in your WatchGuard Cloud account. For more information, see About Data Retention Licenses.
WatchGuard Cloud in the Feature Key
When you add a Firebox to WatchGuard Cloud, you must use Fireware Web UI or Policy Manager to enable the feature in the Firebox configuration. The Firebox feature key determines whether you can enable WatchGuard Cloud on the Firebox.
To enable WatchGuard Cloud, the feature key on the Firebox must include an unexpired license for Dimension Basic.
For information about how to see the feature key on your Firebox, see About Feature Keys.
If you activated your Basic Security Suite or Total Security Suite subscription before the release of Device Visibility support in WatchGuard Cloud, you might need to synchronize the feature key on the Firebox to add Dimension Basic. For more information, see Get a Firebox Feature Key.
Renewals and Expiration
The expiration date of the Dimension Basic license controls whether the Firebox sends log messages to WatchGuard Cloud and whether WatchGuard Cloud continues to store data for the Firebox. To renew WatchGuard Cloud, you must renew your Total Security Suite or Basic Security Suite license. For more information about what happens when a WatchGuard Cloud or Data Retention license expires, see WatchGuard Cloud and Data Retention License Expiration.
If the Total Security Suite or Basic Security Suite license for a cloud-managed Firebox expires:
- The Firebox no longer communicates with WatchGuard Cloud.
- The Firebox connection status in WatchGuard Cloud is Not Connected.
- You can use Fireware Web UI to modify the Firebox configuration locally.
To avoid interruption of service and loss of data in WatchGuard Cloud, we recommend that you renew the license before the services expire.
After the license for a cloud-managed Firebox expires, to continue to manage your Firebox in WatchGuard Cloud, you must renew your license and update the feature key on your Firebox. When you do this, the Firebox automatically reconnects to WatchGuard Cloud.
If you choose not to renew your Total Security Suite or Basic Security Suite license, you can manage the Firebox locally. We recommend that you remove the Firebox from WatchGuard Cloud. When you manage your Firebox locally with an expired feature key:
- The Firebox retains its configuration.
- Only one client can pass traffic through the device.
- Subscription services no longer work.
FireCluster License Requirements
FireCluster license requirements for WatchGuard Cloud are the same as for other subscription services. To enable WatchGuard Cloud on a FireCluster, the FireCluster must have a Total Security Suite or Basic Security Suite subscription.
- An active/passive FireCluster requires a subscription for only one member.
- An active/active FireCluster requires a subscription for both members.
For information about how to see the licensed features on your FireCluster, see About Feature Keys and FireCluster.