Install the Endpoint Software Remotely (Windows Computers)

Applies To: WatchGuard Advanced EPDR This topic applies to the WatchGuard Advanced EPDR endpoint security product., WatchGuard EPDR This topic applies to the WatchGuard EPDR endpoint security product., WatchGuard EDR This topic applies to the WatchGuard EDR endpoint security product., WatchGuard EPP This topic applies to the WatchGuard EPP endpoint security product., WatchGuard EDR Core This topic applies to the WatchGuard EDR Core, available in the Total Security Suite license.

WatchGuard Endpoint Security includes tools to find unmanaged computers and devices on the network and to open a remote installation session from the Endpoint Security management UI.

The Unmanaged Computers Discovered list shows computers discovered on the network that do not have WatchGuard Endpoint Security installed, as well as computers where the endpoint security product does not work properly. Use the Unmanaged Computers Discovered list to identify which computers you need to install the endpoint software on. For more information, go to Unmanaged Computers Discovered List .

An unprotected computer has installed the WatchGuard Agent and WatchGuard Endpoint Security, but is not protected due to an error or outdated protection. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers).

Install the WatchGuard Agent Remotely on Unmanaged Computers

After you identify computers and servers that are unmanaged, you can remotely install WatchGuard Endpoint Security software on computers and servers that meet these requirements:

• UDP ports 21226 and 137 must be accessible
• TCP port 445 must be accessible
• NetBIOS over TCP must be enabled
• DNS queries must be allowed
• Access to the Admin$ administrative share must be allowed. You must explicitly enable this feature on Windows Home editions.
• You must have domain administrator credentials or credentials for the local administrator account created by default when the operating system was installed.
• Windows Remote Management must be enabled.
  • In Control Panel > Network and Sharing Center > Advanced Sharing Settings, select Turn on network discovery and Turn on file and printer sharing.

To remotely install the WatchGuard Agent on one or more unmanaged computers:

1. In WatchGuard Cloud, select Monitor > Endpoints.
2. Select Status.
3. From the left pane, select the Security dashboard.
4. In the Protection Status tile, click the xx computers have been discovered that are not being managed link.

5. In the upper-right of the table, select Discovered or Hidden, based on the status of the relevant computers.

6. Select the computer you want to install the endpoint software on.
7. Next to the computer, click the options menu and select Install WatchGuard Agent.
   To install the endpoint software on multiple computers simultaneously, select check boxes to the left of each computer, then select Install WatchGuard Agent.
8. Select the group to add computers to and select the network settings.
   For more information, go to Download the WatchGuard Agent Installer.

9. Enter one or multiple installation credentials.
   Use the local administrator credentials for the target computer(s) or domain administrator credentials.
10. Click Install.

To remotely install the WatchGuard Agent from the Computer details window:

1. Select a discovered computer.
   The Computer details window opens.

2. Click Install WatchGuard Agent.
3. Select the group to add computers to and select the network settings.
   For more information, go to Download the WatchGuard Agent Installer.

4. Enter one or multiple installation credentials.
   Use the local administrator credentials for the target computer(s) or domain administrator credentials.
5. Click Install.

Related Topics

Installation Requirements

Quick Start — Set Up WatchGuard EDR Core

Designate a Discovery Computer

Hide Computers from Installation

Download the WatchGuard Agent Installer