There are different operator roles for Subscriber accounts and Service Provider accounts. Owner and Administrator operators can create custom roles from built-in operator roles. For information on custom operator roles, go to Manage Custom Operator Roles.
For a list of the default permissions available with each built-in role, go to the appropriate section:
- Default Permissions for Service Provider Operator Roles
- Default Permissions for Subscriber Operator Roles
Your operator role determines what you can see and do in WatchGuard Cloud. Only operators with the built-in Owner or Administrator role have permissions to manage operators and roles.
Default Permissions for Service Provider Operator Roles
Permissions you can enable or disable for a Service Provider custom role depend on the built-in role selected. There are four built-in operator roles that Service Providers accounts can use to create a custom role:
- Owner — Owners have full permissions within their Service Provider account and managed services. They can add custom branding options to the account. They are the only Service Provider operators who can add, edit, and delete operators for their account. When there is an Endpoint Security product license and modules, only Owners have access to the Advanced Visualization Tool (Advanced Reporting Tool or Data Control modules).
- Sales — Sales operators have full permissions for inventory and account management, but read-only permission for services and operators.
- Helpdesk — Helpdesk operators have full permissions to configure services and read-only permission everywhere else.
- Auditor — Auditors have read-only permission throughout their Service Provider account.
This table lists the permissions enabled by default with each built-in role and shows whether the permissions are available as read/write or read-only. If a permission is enabled or disabled by default, the text Enabled or Disabled shows in the relevant column. If a permission is read/write or read only, it shows as Read/Write or Read Only in the column. When read/write access is removed, the functional area is not editable. If read-only access is removed, the functional area is not visible.
In a built-in role, there are top-level categories for the permissions (Service Provider Administration, Account Administration, and System Administration). These top-level categories are more than the summation of any permissions they contain. The granular permissions within a top-level category are the only permissions you can add or, in the case of Service Provider Administration only, the only permission you can remove (Manage Inventory).
Some permissions are linked to other permissions. For example, the ThreatSync Core permission is linked to the AuthPoint, Devices, and Endpoint Security permissions. ThreatSync provides extended detection capabilities through the correlation of data from Fireboxes, Access Points and WatchGuard Endpoint Security (Advanced EPDR, EPDR, EDR, and EDR Core). When you select ThreatSync Core, it automatically selects the linked permissions.
Owner Built-In Role Default Permissions (Service Provider Operators)
| Service Provider Permissions | Description | Enabled or Disabled by Default | Read/Write or Ready-Only Permission |
|---|---|---|---|
| Service Provider Administration | Enables all Service Provider administration permissions in the built-in role. | Enabled | Read/Write |
| - Manage Inventory | Provides the ability to allocate inventory to managed accounts. This includes inventory allocation for products the operator might not have access to the management UI for (for example, ThreatSync or Endpoint Security). | Enabled | Read/Write |
| Account Administration | Provides access to all account administration functionality in the built-in role. | Enabled | Read/Write |
| System Administration | Provides access to all system administration functionality in the built-in role. | Enabled | Read/Write |
| ThreatSync Core | Provides access to the ThreatSync management UI. When the ThreatSync permission is enabled, the applications and devices used to generate ThreatSync incidents are enabled automatically. | Enabled | Read/Write |
| AuthPoint | Provides access to the AuthPoint management UI. | Enabled | Read/Write |
| Devices | Provides access to manage devices (Fireboxes and access points). | Enabled | Read/Write |
| Endpoint Security | Provides access to the Endpoint Security management UI. | Enabled | Read/Write |
| FireCloud | Provides access to the FireCloud management UI. | Enabled | Read/Write |
Sales Built-In Role Default Permissions (Service Provider Operators)
| Service Provider Permissions | Description | Enabled or Disabled by Default | Read/Write or Read-Only Permission |
|---|---|---|---|
| Service Provider Administration | Enables all Service Provider administration permissions in the built-in role. | Enabled | Read/Write |
| - Configure Account Groups | Provides the ability to add, edit, and delete account groups. | Disabled | Read/Write |
| Account Administration | Provides access to all account administration functionality in the built-in role. | Enabled | Read/Write |
| - Configure Beta Features | Provides the ability to enable and disable beta features. | Disabled | Read/Write |
| - Configure Branding | Provides the ability to edit custom branding. | Disabled | Read/Write |
| - Manage Data Retention Licenses | Provides the ability to allocate and deallocate Data Retention Licenses. | Disabled | Read/Write |
| System Administration | Provides access to all system administration functionality in the built-in role. | Enabled | Read Only |
| - Acknowledge Alerts |
Provides the ability to view and acknowledge alerts. |
Disabled | Read/Write |
| - Configure Notification Rules | Provides the ability to add, edit, and delete notification rules. | Disabled | Read/Write |
| - Schedule Reports | Provides the ability to view and schedule reports. | Disabled | Read/Write |
| ThreatSync Core | Provides access to the ThreatSync management UI. | Enabled | Read Only |
| - Manage Incidents | Provides the ability to make modifications to incidents, including status changes. | Disabled | Read/Write |
| - Perform Manual Actions | Provides the ability to manually run remediation actions. | Disabled | Read/Write |
| - Comment on Incidents | Provides the ability to add comments to incidents. | Disabled | Read/Write |
| - Configure ThreatSync | Provides the ability to change device settings and block IP addresses. | Disabled | Read/Write |
| - Configure Policy | Provides the ability to make changes to policy or policy templates. | Disabled | Read/Write |
| AuthPoint | Provides access to the AuthPoint management UI. | Enabled | Read Only |
| Devices | Provides access to manage devices (Fireboxes and access points). | Enabled | Read Only |
| Endpoint Security | Provides access to the Endpoint Security management UI. | Enabled | Read Only |
|
- Assign Licenses |
Allocate and deallocate endpoints to managed accounts. |
Disabled | Read/Write |
|
- Add Filters, Lists, and Scheduled Reports |
Add filters, lists, and scheduled reports. |
Disabled | Read/Write |
|
- Manage Computer Tree |
Add, move, edit, and delete computer groups in My Organization. |
Disabled | Read/Write |
|
- Add, Discover, and Delete Computers |
Deploy the WatchGuard Agent installer. Add, discover, edit, and delete computers. |
Disabled | Read/Write |
|
- Manage Network Settings |
Add, edit, delete, and assign network settings profiles. |
Disabled | Read/Write |
|
- Configure Per-Computer Settings |
Add, edit, delete, and assign per-computer settings profiles. |
Disabled | Read/Write |
|
- Configure Remote Control |
Add, edit, and delete remote control settings for endpoints. |
Disabled | Read/Write |
|
- Remote Computer Control |
Start a remote control session on endpoints. |
Disabled | Read/Write |
|
- Restart and Repair Computers |
Restart computers and reinstall Endpoint Security on computers remotely. |
Disabled | Read/Write |
|
- Isolate Computers |
Isolate and unisolate computers from the network. |
Disabled | Read/Write |
|
- Configure Security for Workstations and Servers |
Add, edit, delete, and assign workstations and servers settings profiles. |
Disabled | Read/Write |
|
- Configure Security for Mobile Devices |
Add, edit, delete, and assign settings profiles for mobile devices. |
Disabled | Read/Write |
|
- Use Anti-Theft Protection for Mobile Devices |
View the geolocation map and send locate, wipe, and lock tasks to mobile devices. |
Disabled | Read/Write |
|
- Launch Scans and Disinfect |
Create, edit, and delete scan and disinfection tasks. |
Disabled | Read/Write |
|
- Search for and Manage IOCs |
Create IOC search tasks and manage IOCs. |
Disabled | Read/Write |
|
- Exclude Threats Temporarily |
Block and unblock or exclude and allow items such as malware and PUPs in the process of classification. |
Disabled | Read/Write |
|
- Configure Patch Management |
Add, edit, delete, and assign Patch Management settings profiles for computers. |
Disabled | Read/Write |
|
- Install, Uninstall and Exclude Patches |
Create patch installation, uninstallation, and exclusion tasks, and access Patch Management lists. |
Disabled | Read/Write |
|
- Configure Program Blocking |
Create, edit, delete, and assign program blocking settings profiles to computers. |
Disabled | Read/Write |
|
- Configure Authorized Software |
Create, edit, delete, and assign authorized software settings profiles to computers. |
Disabled | Read/Write |
|
- Configure IOA |
Create, edit, delete, and assign indicator of attack (IOA) settings profiles. |
Disabled | Read/Write |
|
- Configure MDR |
Configure customer information for Core MDR enrollment. |
Disabled | Read/Write |
|
- Configure Endpoint Access Enforcement |
Create, edit, delete, and assign Endpoint Access Enforcement settings profiles. |
Disabled | Read/Write |
|
- Configure Data Control |
Create, edit, delete, and assign Data Control settings profiles to computers. |
Disabled | Read/Write |
|
- Search for Data on Computers |
Use Data Control to search for files by their name and content across the corporate network. |
Disabled | Read/Write |
|
- Delete and Restore Files |
Delete and restore files from the Personal Data list. |
Disabled | Read/Write |
|
- Configure Computer Encryption |
Create, edit, delete, and assign Full Encryption settings profiles. |
Disabled | Read/Write |
|
- Access Recovery Keys for Encrypted Drives |
View recovery keys for computers that have storage devices encrypted and managed by Endpoint Security. |
Disabled | Read/Write |
|
- Access Advanced Security Information |
Get access to the Advanced Visualization Tool, excluding Data Access Control. |
Disabled | Read/Write |
|
- Access File Access Information |
Get access to the Advanced Visualization Tool, including Data Access Control. |
Disabled | Read/Write |
|
- Access Advanced Data Control Information |
Get access to the Advanced Visualization Tool's Data Access Control interface only |
Disabled | Read/Write |
| FireCloud | Provides access to the FireCloud management UI. | Enabled | Read Only |
Help Desk Built-In Role Default Permissions (Service Provider Operators)
| Service Provider Permissions | Description | Enabled or Disabled by Default | Read/Write or Read-Only Permission |
|---|---|---|---|
| Service Provider Administration | Enables all Service Provider administration permissions in the built-in role. | Enabled | Read/Write |
| - Manage Tenants | Provides the ability to add, edit, convert, and delete managed accounts, request account delegation, and manage WatchGuard Orion services. | Disabled | Read/Write |
| - Configure Account Groups | Provides the ability to add, edit, and delete account groups. | Disabled | Read/Write |
| - Manage Inventory | Provides the ability to allocate inventory to managed accounts. | Disabled | Read/Write |
| Account Administration | Provides access to all account administration functionality in the built-in role. | Enabled | Read/Write |
| - Configure Beta Features | Provides the ability to enable and disable beta features. | Disabled | Read/Write |
| - Configure Branding | Provides the ability to edit custom branding. | Disabled | Read/Write |
| - Manage Delegation | Provides the ability to delegate and revoke account access. | Disabled | Read/Write |
| - Manage Data Retention Licenses | Provides the ability to allocate and deallocate Data Retention Licenses. | Disabled | Read/Write |
| System Administration | Provides access to all system administration functionality in the built-in role. | Enabled | Read/Write |
| - Acknowledge Alerts |
Provides the ability to view and acknowledge alerts. |
Disabled | Read/Write |
| - Configure Notification Rules | Provides the ability to add, edit, and delete notification rules. | Disabled | Read/Write |
| - Schedule Reports | Provides the ability to schedule and delete reports. | Disabled | Read/Write |
| ThreatSync Core | Provides access to the ThreatSync management UI. | Enabled | Read/Write |
| AuthPoint | Provides access to the AuthPoint management UI. | Enabled | Read/Write |
| Devices | Provides access to monitor and configure devices (Fireboxes and access points). | Enabled | Read/Write |
| Endpoint Security | Provides access to the Endpoint Security management UI. | Enabled | Read/Write |
| FireCloud | Provides access to the FireCloud management UI. | Enabled | Read/Write |
Auditor Built-In Role Default Permissions (Service Provider Operators)
| Service Provider Permissions | Description | Enabled or Disabled by Default | Read/Write or Read-Only Permission |
|---|---|---|---|
| Service Provider Administration | Provides read-only access to all Service Provider administration permissions in the built-in role. | Enabled | Read Only |
| - Manage Tenants | Provides the ability to add, edit, convert, and delete managed accounts, request account delegation, and manage WatchGuard Orion services. | Disabled | Read/Write |
| - Configure Account Groups | Provides the ability to add, edit, and delete account groups. | Disabled | Read/Write |
| - Manage Inventory | Provides the ability to allocate inventory to managed accounts. | Disabled | Read/Write |
| - Manage Trials | Provides the ability to start, extend, and cancel trials for managed accounts. | Disabled | Read/Write |
| Account Administration | Provides read-only access to all account administration functionality in the built-in role. | Enabled | Read Only |
| - Configure Beta Features | Provides the ability to enable and disable beta features. | Disabled | Read/Write |
| - Configure Branding | Provides the ability to edit custom branding. | Disabled | Read/Write |
| - Manage Delegation | Provides the ability to delegate and revoke account access. | Disabled | Read/Write |
| - Manage Accounts | Provides the ability to edit contact details for managed accounts. | Disabled | Read/Write |
| - Manage Data Retention Licenses | Provides the ability to allocate and deallocate Data Retention Licenses. | Disabled | Read/Write |
| System Administration | Provides read-only access to all system administration functionality in the built-in role. | Enabled | Read Only |
| - Acknowledge Alerts |
Provides the ability to view and acknowledge alerts. |
Disabled | Read/Write |
| - Configure Notification Rules | Provides the ability to add, edit, and delete notification rules. | Disabled | Read/Write |
| - Schedule Reports | Provides the ability to schedule or delete. | Disabled | Read/Write |
| ThreatSync Core | Provides access to the ThreatSync management UI. | Enabled | Read Only |
| - Manage Incidents | Provides the ability to make modifications to incidents, including status changes. | Disabled | Read/Write |
| - Perform Manual Actions | Provides the ability to manually run remediation actions. | Disabled | Read/Write |
| - Comment on Incidents | Provides the ability to add comments to incidents. | Disabled | Read/Write |
| - Configure ThreatSync | Provides the ability to change device settings and block IP addresses. | Disabled | Read/Write |
| - Configure Policy | Provides the ability to make changes to policy or policy templates. | Disabled | Read/Write |
| AuthPoint | Provides read only access to the AuthPoint management UI. | Enabled | Read Only |
| Devices | Provides read-only access to device management. With read-only access, operators can enable and disable diagnostic logs. Operators with read-only access can also download Firebox configuration files. | Enabled | Read Only |
| Endpoint Security | Provides access to the Endpoint Security management UI. | Enabled | Read Only |
|
- Assign Licenses |
Allocate and deallocate endpoints to managed accounts. |
Disabled | Read/Write |
|
- Add Filters, Lists, and Scheduled Reports |
Add filters, lists, and scheduled reports. |
Disabled | Read/Write |
|
- Manage Computer Tree |
Add, move, edit, and delete computer groups in My Organization. |
Disabled | Read/Write |
|
- Add, Discover, and Delete Computers |
Deploy the WatchGuard Agent installer. Add, discover, edit, and delete computers. |
Disabled | Read/Write |
|
- Manage Network Settings |
Add, edit, delete, and assign network settings profiles. |
Disabled | Read/Write |
|
- Configure Per-Computer Settings |
Add, edit, delete, and assign per-computer settings profiles. |
Disabled | Read/Write |
|
- Configure Remote Control |
Add, edit, and delete remote control settings for endpoints. |
Disabled | Read/Write |
|
- Remote Computer Control |
Start a remote control session on endpoints. |
Disabled | Read/Write |
|
- Restart and Repair Computers |
Restart computers and reinstall Endpoint Security on computers remotely. |
Disabled | Read/Write |
|
- Isolate Computers |
Isolate and unisolate computers from the network. |
Disabled | Read/Write |
|
- Configure Security for Workstations and Servers |
Add, edit, delete, and assign workstations and servers settings profiles. |
Disabled | Read/Write |
|
- Configure Security for Mobile Devices |
Add, edit, delete, and assign settings profiles for mobile devices. |
Disabled | Read/Write |
|
- Use Anti-Theft Protection for Mobile Devices |
View the geolocation map and send locate, wipe, and lock tasks to mobile devices. |
Disabled | Read/Write |
|
- Launch Scans and Disinfect |
Create, edit, and delete scan and disinfection tasks. |
Disabled | Read/Write |
|
- Search for and Manage IOCs |
Create IOC search tasks and manage IOCs. |
Disabled | Read/Write |
|
- Exclude Threats Temporarily |
Block and unblock or exclude and allow items such as malware and PUPs in the process of classification. |
Disabled | Read/Write |
|
- Configure Patch Management |
Add, edit, delete, and assign Patch Management settings profiles for computers. |
Disabled | Read/Write |
|
- Install, Uninstall and Exclude Patches |
Create patch installation, uninstallation, and exclusion tasks, and access Patch Management lists. |
Disabled | Read/Write |
|
- Configure Program Blocking |
Create, edit, delete, and assign program blocking settings profiles to computers. |
Disabled | Read/Write |
|
- Configure Authorized Software |
Create, edit, delete, and assign authorized software settings profiles to computers. |
Disabled | Read/Write |
|
- Configure IOA |
Create, edit, delete, and assign indicator of attack (IOA) settings profiles. |
Disabled | Read/Write |
|
- Configure MDR |
Configure customer information for Core MDR enrollment. |
Disabled | Read/Write |
|
- Configure Endpoint Access Enforcement |
Create, edit, delete, and assign Endpoint Access Enforcement settings profiles. |
Disabled | Read/Write |
|
- Configure Data Control |
Create, edit, delete, and assign Data Control settings profiles to computers. |
Disabled | Read/Write |
|
- Search for Data on Computers |
Use Data Control to search for files by their name and content across the corporate network. |
Disabled | Read/Write |
|
- Delete and Restore Files |
Delete and restore files from the Personal Data list. |
Disabled | Read/Write |
|
- Configure Computer Encryption |
Create, edit, delete, and assign Full Encryption settings profiles. |
Disabled | Read/Write |
|
- Access Recovery Keys for Encrypted Drives |
View recovery keys for computers that have storage devices encrypted and managed by Endpoint Security. |
Disabled | Read/Write |
|
- Access Advanced Security Information |
Get access to the Advanced Visualization Tool, excluding Data Access Control. |
Disabled | Read/Write |
|
- Access File Access Information |
Get access to the Advanced Visualization Tool, including Data Access Control. |
Disabled | Read/Write |
|
- Access Advanced Data Control Information |
Get access to the Advanced Visualization Tool's Data Access Control interface only |
Disabled | Read/Write |
| FireCloud | Provides read-only access to the FireCloud management UI. | Enabled | Read Only |
Default Permissions for Subscriber Operator Roles
Permissions you can enable or disable for a Subscriber custom role depend on the built-in role selected. There are three built-in operator roles that an Administrator operator can use to create a custom role:
- Administrator — Administrators can add custom branding options to the account. They are the only Subscriber operators who can add, edit, and delete other operators. Administrators have access to the Advanced Visualization Tool with an Endpoint Security license and the Advanced Reporting Tool or Data Control module.
- Analyst —Analysts have full permissions to configure services and read-only permission everywhere else.
- Observer — Observers have read-only permission throughout their account.
This table lists the permissions enabled by default with each built-in role and shows whether the permissions are available as read/write or read-only. If a permission is enabled or disabled by default, the text Enabled or Disabled shows in the relevant column. If a permission is read/write or read only, it shows as Read/Write or Read Only in the column. When read/write access is removed, the functional area is not editable. If read-only access is removed, the functional area is not visible.
In the built-in role, there are top-level categories for the permissions (Account Administration and System Administration). These top-level categories are more than the summation of any permissions they contain. The granular permissions within a top-level category are the only permissions you can add.
Some permissions are linked to other permissions. For example, the ThreatSync Core permission is linked to the AuthPoint, Devices, and Endpoint Security permissions. ThreatSync provides extended detection capabilities through the correlation of data from Fireboxes, Access Points and Endpoint Security (Advanced EPDR, EPDR, EDR, and EDR Core). When you select ThreatSync Core, it automatically selects the linked permissions.
Administrator Built-In Role Default Permissions (Subscriber Operators)
| Subscriber Permissions | Description | Enabled or Disabled by Default | Read/Write or Read-Only Permission |
|---|---|---|---|
| Account Administration | Provides access to all account administration functionality in the built-in role. | Enabled | Read/Write |
| - Manage Trials | Only available to tier-1 Subscriber accounts. Provides the ability to start, extend, and cancel trials for their account. | Disabled | Read/Write |
| - Manage WatchGuard Orion | Only available to tier-1 Subscriber accounts. Provides the ability to manage Orion threat hunting services for their account. | Disabled | Read/Write |
| System Administration | Provides access to all system administration functionality in the built-in role. | Enabled | Read/Write |
| ThreatSync Core | Provides access to the ThreatSync management UI. | Enabled | Read/Write |
| AuthPoint | Provides access to the AuthPoint management UI. | Enabled | Read/Write |
| Devices | Provides access to monitor and configure devices (Fireboxes and access points). | Enabled | Read/Write |
| Endpoint Security | Provides access to the Endpoint Security management UI. | Enabled | Read/Write |
| FireCloud | Provides access to the FireCloud management UI. | Enabled | Read/Write |
Analyst Built-In Role Default Permissions (Subscriber Operators)
| Subscriber Permissions | Description | Enabled or Disabled by Default | Read/Write or Read-Only Permission |
|---|---|---|---|
| Account Administration | Provides access to all account administration functionality in the built-in role. | Enabled | Read Only |
| - Configure Beta Features | Provides the ability to enable and disable beta features. | Disabled | Read/Write |
| - Configure Branding | Provides the ability to edit custom branding. | Disabled | Read/Write |
| - Manage Data Retention Licenses | Provides the ability to allocate and deallocate Data Retention Licenses. | Disabled | Read/Write |
| - Manage WatchGuard Orion | Only available to tier-1 Subscriber accounts. Provides the ability to manage Orion threat hunting services for their account. | Disabled | Read/Write |
| System Administration | Provides access to all system administration functionality in the built-in role. | Enabled | Read/Write |
| ThreatSync Core | Provides access to the ThreatSync management UI. | Enabled | Read/Write |
| AuthPoint | Provides access to the AuthPoint management UI. | Enabled | Read/Write |
| Devices | Provides access to monitor and configure devices (Fireboxes and access points). | Enabled | Read/Write |
| Endpoint Security | Provides access to the Endpoint Security management UI. | Enabled | Read/Write |
| FireCloud | Provides access to the FireCloud management UI. | Enabled | Read/Write |
Observer Built-In Role Default Permissions (Subscriber Operators)
| Subscriber Permissions | Description | Enabled or Disabled by Default | Read/Write or Read-Only Permission |
|---|---|---|---|
| Account Administration | Provides read-only access to all account administration functionality in the built-in role. | Enabled | Read Only |
| - Configure Beta Features | Provides the ability to enable and disable beta features. | Disabled | Read/Write |
| - Configure Branding | Provides the ability to edit custom branding. | Disabled | Read/Write |
| - Manage Delegation | Provides the ability to delegate and revoke account access. | Disabled | Read/Write |
| - Manage Data Retention Licenses | Provides the ability to allocate and deallocate Data Retention Licenses. | Disabled | Read/Write |
| System Administration | Provides read-only access to all system administration functionality in the built-in role. | Enabled | Read Only |
| - Acknowledge Alerts |
Provides the ability to view and acknowledge alerts. |
Disabled | Read/Write |
| - Configure Notification Rules | Provides the ability to add, edit, and delete notification rules. | Disabled | Read/Write |
| - Schedule Reports | Provides the ability to schedule or delete. | Disabled | Read/Write |
| ThreatSync Core | Provides read-only access to the ThreatSync management UI. | Enabled | Read Only |
| AuthPoint | Provides read-only access to the AuthPoint management UI. | Enabled | Read Only |
| Devices | Provides read-only access to device management. With read-only access, operators can enable and disable diagnostic logs. Operators with read-only access can also download Firebox configuration files. | Enabled | Read Only |
| Endpoint Security | Provides access to the Endpoint Security management UI. | Enabled | Read Only |
|
- Assign Licenses |
Allocate and deallocate endpoints to managed accounts. |
Disabled | Read/Write |
|
- Add Filters, Lists, and Scheduled Reports |
Add filters, lists, and scheduled reports. |
Disabled | Read/Write |
|
- Manage Computer Tree |
Add, move, edit, and delete computer groups in My Organization. |
Disabled | Read/Write |
|
- Add, Discover, and Delete Computers |
Deploy the WatchGuard Agent installer. Add, discover, edit, and delete computers. |
Disabled | Read/Write |
|
- Manage Network Settings |
Add, edit, delete, and assign network settings profiles. |
Disabled | Read/Write |
|
- Configure Per-Computer Settings |
Add, edit, delete, and assign per-computer settings profiles. |
Disabled | Read/Write |
|
- Configure Remote Control |
Add, edit, and delete remote control settings for endpoints. |
Disabled | Read/Write |
|
- Remote Computer Control |
Start a remote control session on endpoints. |
Disabled | Read/Write |
|
- Restart and Repair Computers |
Restart computers and reinstall Endpoint Security on computers remotely. |
Disabled | Read/Write |
|
- Isolate Computers |
Isolate and unisolate computers from the network. |
Disabled | Read/Write |
|
- Configure Security for Workstations and Servers |
Add, edit, delete, and assign workstations and servers settings profiles. |
Disabled | Read/Write |
|
- Configure Security for Mobile Devices |
Add, edit, delete, and assign settings profiles for mobile devices. |
Disabled | Read/Write |
|
- Use Anti-Theft Protection for Mobile Devices |
View the geolocation map and send locate, wipe, and lock tasks to mobile devices. |
Disabled | Read/Write |
|
- Launch Scans and Disinfect |
Create, edit, and delete scan and disinfection tasks. |
Disabled | Read/Write |
|
- Search for and Manage IOCs |
Create IOC search tasks and manage IOCs. |
Disabled | Read/Write |
|
- Exclude Threats Temporarily |
Block and unblock or exclude and allow items such as malware and PUPs in the process of classification. |
Disabled | Read/Write |
|
- Configure Patch Management |
Add, edit, delete, and assign Patch Management settings profiles for computers. |
Disabled | Read/Write |
|
- Install, Uninstall and Exclude Patches |
Create patch installation, uninstallation, and exclusion tasks, and access Patch Management lists. |
Disabled | Read/Write |
|
- Configure Program Blocking |
Create, edit, delete, and assign program blocking settings profiles to computers. |
Disabled | Read/Write |
|
- Configure Authorized Software |
Create, edit, delete, and assign authorized software settings profiles to computers. |
Disabled | Read/Write |
|
- Configure IOA |
Create, edit, delete, and assign indicator of attack (IOA) settings profiles. |
Disabled | Read/Write |
|
- Configure MDR |
Configure customer information for Core MDR enrollment. |
Disabled | Read/Write |
|
- Configure Endpoint Access Enforcement |
Create, edit, delete, and assign Endpoint Access Enforcement settings profiles. |
Disabled | Read/Write |
|
- Configure Data Control |
Create, edit, delete, and assign Data Control settings profiles to computers. |
Disabled | Read/Write |
|
- Search for Data on Computers |
Use Data Control to search for files by their name and content across the corporate network. |
Disabled | Read/Write |
|
- Delete and Restore Files |
Delete and restore files from the Personal Data list. |
Disabled | Read/Write |
|
- Configure Computer Encryption |
Create, edit, delete, and assign Full Encryption settings profiles. |
Disabled | Read/Write |
|
- Access Recovery Keys for Encrypted Drives |
View recovery keys for computers that have storage devices encrypted and managed by Endpoint Security. |
Disabled | Read/Write |
|
- Access Advanced Security Information |
Get access to the Advanced Visualization Tool, excluding Data Access Control. |
Disabled | Read/Write |
|
- Access File Access Information |
Get access to the Advanced Visualization Tool, including Data Access Control. |
Disabled | Read/Write |
|
- Access Advanced Data Control Information |
Get access to the Advanced Visualization Tool's Data Access Control interface only |
Disabled | Read/Write |
| FireCloud | Provides read-only access to the FireCloud management UI. | Enabled | Read Only |
Manage WatchGuard Cloud Operators and Roles