Applies To: WatchGuard Cloud
The WatchGuard Agent is an application you install on endpoints in your network so that WatchGuard Cloud can communicate with them. The agent has low CPU, memory, and bandwidth requirements.
The WatchGuard Agent has three primary purposes:
- Deploy WatchGuard software, such as the WatchGuard Connection Manager for FireCloud and Endpoint Security product software, through deployment of a single agent.
- Regularly communicate with WatchGuard Cloud to make sure that the latest software is installed on the endpoint. When WatchGuard releases a new version of installed software, the WatchGuard Agent can automatically download and install the new version.
- Handle communication between managed computers on the same network and between managed computers. This includes sending status information to the WatchGuard Cloud servers to centrally monitor all products and components installed on endpoints.
The WatchGuard Agent also communicates with WatchGuard Cloud to verify whether your account is licensed for new products and can then install the product software. For example, if your FireCloud license or trial expires, after the 7-day grace period, the WatchGuard Agent uninstalls the WatchGuard Connection Manager from your endpoints. When your account has an active license again, the WatchGuard Agent downloads and installs the software again on the selected endpoint devices. Also, if a user previously uninstalled the WatchGuard Connection Manager or an Endpoint Security product, the WatchGuard Agent installs the software again on the endpoint.
The Configure > Agent Deployment page in WatchGuard Cloud shows endpoints with the WatchGuard Agent installed and indicates for each account whether WatchGuard software is automatically installed by the agent on the endpoints. From a Subscriber account, the Agent Deployment page shows the deployment behavior (Install or Do Not Install) for each product. When an account has multiple products that use the WatchGuard Agent to install software, you can configure product deployment from the Agent Deployment page. For more information, go to Configure WatchGuard Agent Deployment in WatchGuard Cloud.
Installation Scenarios
There are multiple locations where you can download the WatchGuard Agent installer. The information in this section describes where and when you might download the installer from different locations.
Select the Subscriber account in Account Manager, and then download and install the WatchGuard Agent from the Endpoint Security management UI (Monitor > Endpoint Security > Computers) or the Monitor > Endpoints page. Different installers are available for each type of operating system. For detailed instructions, go to Download the WatchGuard Agent Installer for Endpoint Security Products.
The WatchGuard Agent installs the Endpoint Security products and modules automatically on supported devices. You can modify this behavior on the Agent Deployment page. For more information, go to Configure WatchGuard Agent Deployment in WatchGuard Cloud.
Select the Subscriber account in Account Manager, and then download and install the WatchGuard Agent from the FireCloud UI (Configure > FireCloud > Endpoint Installation) or the Monitor > Endpoints page. For detailed instructions, go to About the WatchGuard Connection Manager.
The WatchGuard Agent installs FireCloud software automatically on any supported device. You can modify this behavior on the Agent Deployment page. For more information, go to Configure WatchGuard Agent Deployment in WatchGuard Cloud.
Select the Subscriber account in Account Manager, and then download and install the WatchGuard Agent from the ThreatSync+ Integrations UI (Configure > ThreatSync+ Integrations > Collection Agents) for computers you want to use as collection agents. Different installers are available for Windows and Linux operating systems. For detailed instructions, go to About ThreatSync+ NDR Collection Agents.
After you install the WatchGuard Agent on a computer for ThreatSync+ NDR, the computer shows in the Monitor > Endpoints and Configure > Agent Deployment pages.
- Make sure that the account has users and endpoints allocated from both product licenses.
- In the Endpoint Security management UI, create endpoint groups and configure settings for endpoints assigned to the group. Endpoint groups are used to assign Endpoint Security security settings and they can inherit configurations from other groups. For more information on endpoint groups, go to Manage Computers and Devices in Groups in Endpoint Security.
You can also create endpoint groups in the Endpoint Security management UI to assign different deployment behavior on the Agent Deployment page for endpoints with FireCloud.
- On the Configure > Agent Deployment page, edit the deployment behavior for Endpoint Security and FireCloud for the endpoint groups you created. For more information, go to Configure WatchGuard Agent Deployment in WatchGuard Cloud.
- Download and install the WatchGuard Agent on the endpoints. For more information, go to Download and Install the WatchGuard Agent from WatchGuard Cloud.
The WatchGuard Agent installs Endpoint Security and FireCloud for the endpoints and endpoint groups where you set the deployment behavior to Install.
You can move endpoints to different endpoint groups on the Monitor > Endpoints page. For more information, go to Move Endpoints in WatchGuard Cloud.
By default, when you allocate FireCloud users to the account, the deployment behavior for the endpoints and endpoint groups in the account is set to Do Not Install. To install FireCloud, from the Configure > Agent Deployment page, update the deployment behavior for the endpoints where you want to install FireCloud to Install.
Before you begin, make sure that the account has users and endpoints allocated from both product licenses.
In the Endpoint Security management UI, create endpoint groups and configure settings for endpoints that you assign to each group. For information on endpoint groups in Endpoint Security, go to Manage Computers and Devices in Groups in Endpoint Security.
On the Configure > Agent Deployment page in WatchGuard Cloud, edit the deployment behavior for Endpoint Security for the endpoint groups you created.
Download and install the WatchGuard Agent on the endpoints. For more information, go to Download and Install the WatchGuard Agent from WatchGuard Cloud. The WatchGuard Agent installs Endpoint Security for the endpoints and groups where you set the deployment behavior to Install.
In the ThreatSync+ Integrations UI (Configure > ThreatSync+ Integrations > Collection Agents), select the endpoint where you want the WatchGuard Agent to install the ThreatSync+ NDR Collection Agent. For detailed instructions, go to About ThreatSync+ NDR Collection Agents. After you install the WatchGuard Agent on a computer that you want to use as a collection agent, the computer shows in the Monitor > Endpoints and Configure > Agent Deployment pages.
Configure WatchGuard Agent Deployment in WatchGuard Cloud
Download and Install the WatchGuard Agent from WatchGuard Cloud