Applies To: WatchGuard Core MDR, WatchGuard Core MDR for Microsoft, WatchGuard Total MDR, WatchGuard Open MDR
WatchGuard Managed Detection and Response (MDR) keeps your organization safe with security monitoring, threat hunting, attack detection, investigation, and containment.
Powered by innovative AI technologies, the MDR service is fully managed by WatchGuard. Our cybersecurity experts provide 24/7 support to you or your customers to elevate overall cyberresiliency and minimize the time to detect and respond to threats. In the event of a potential cyberattack, the WatchGuard MDR team guides you through the containment and remediation process.
Managed Services Products
WatchGuard offers these Managed Services products:
WatchGuard Core MDR
For environments that use one of the Endpoint Security products - WatchGuard Endpoint Security Elite, Endpoint Security 360, Endpoint Security Prime, and Panda Adaptive Defense 360, WatchGuard Core MDR enables the WatchGuard MDR team to monitor licensed endpoints and your cloud-based Microsoft 365 environment.
WatchGuard Core MDR is licensed as an Endpoint Security module. For more information on WatchGuard Core MDR, go to WatchGuard Endpoint Security Modules. For information on Endpoint Security product licenses, go to About Endpoint Security Licenses.
WatchGuard Core MDR for Microsoft
For environments that use Microsoft Defender for Endpoints, WatchGuard Core MDR for Microsoft enables the WatchGuard MDR team to monitor endpoints in your Microsoft Defender for Endpoints environment and your cloud-based Microsoft 365 environment. You must have your own Microsoft Defender for Endpoints license.
WatchGuard Total MDR
WatchGuard Total MDR monitors your endpoints licensed with one of the WatchGuard Endpoint Security Elite, Endpoint Security 360, Endpoint Security Prime products.
WatchGuard Total MDR can also monitor WatchGuard Fireboxes (with a Total Security Suite license), ThreatSync+ NDR, and user authentications for AuthPoint Multi-Factor Authentication and AuthPoint Total Identity Security.
For third-party cloud integrations, WatchGuard Total MDR can monitor Microsoft 365, Microsoft Defender for Endpoints, AWS CloudTrail, AWS and Azure Cloud Security Posture Management (CSPM) environments, and Google Workspace.
WatchGuard Open MDR
WatchGuard Open MDR monitors your endpoints licensed with one of the WatchGuard Endpoint Security Elite, Endpoint Security 360, Endpoint Security Prime products.
WatchGuard Open MDR can also monitor WatchGuard Fireboxes (with a Total Security Suite license), ThreatSync+ NDR, and user authentications for AuthPoint Multi-Factor Authentication and AuthPoint Total Identity Security.
For third-party cloud integrations, WatchGuard Open MDR can monitor Microsoft 365, Microsoft Defender for Endpoints, AWS CloudTrail, AWS and Azure Cloud Security Posture Management (CSPM) environments, Google Workspace, CrowdStrike EDR, Okta, and Duo.
In addition, the WatchGuard Open MDR can collect and monitor syslog data from many third-party firewalls.
For more information about MDR licenses, go to About WatchGuard MDR Licenses.
Eligibility and Onboarding
WatchGuard MDR is a managed service provided by WatchGuard to eligible partners and customers. To learn more about how WatchGuard works with partners to provide MDR services, go to Get Started with WatchGuard MDR.
Managed Services Portal
The Managed Services portal provides a unified view of MDR incidents and detections for your managed accounts and enables you to quickly identify and address risks so that you can strengthen your defenses.
For information about how to use the Managed Services portal, go to About the Managed Services Portal.