Applies To: Endpoint Security Prime
Endpoint Security Prime is an endpoint detection and response solution that delivers full EDR capabilities, such as advanced malware detection, anti-exploit protection, threat visibility and context for root cause analysis, and network attack detection.
This table shows the features that are supported and not supported by Endpoint Security 360 and Endpoint Security Prime.
| FEATURE |
Endpoint Security 360 |
Endpoint Security Prime |
|---|---|---|
| Protection | ||
| Detection of code injection in running processes | Supported | Supported |
| Protection against known and zero-day malware | Supported | Supported |
| Protection against known and zero-day ransomware | Supported | Supported |
| Protection against known and zero-day exploits | Supported | Supported |
| Anti-phishing protection | Supported | Supported |
| Protection for multiple attack vectors (web, email, network, devices) | Supported | Supported |
| Traditional protection with generic and optimized signatures | Supported | Supported |
| Protection against advanced persistent threats (APTs) | Supported | Supported |
| Zero-Trust Application Service | Supported | Not Supported |
| Queries to WatchGuard cloud-based collective intelligence | Supported | Supported |
| Self-learning AI: Context-based behavioral detection | Supported | Supported |
| Self-learning AI: Malicious installer blocking (MSI) | Supported | Supported |
| Self-learning AI: Malicious .NET detection | Supported | Supported |
| Personal and managed firewall | Supported | Supported |
| IDS / HIPS | Supported | Supported |
| Network attack protection | Supported | Supported |
| Device control | Supported | Supported |
| URL filtering by category (web browsing monitoring) | Supported | Supported |
| Monitoring | ||
| Endpoint risk monitoring | Supported | Supported |
| Cloud-based continuous monitoring of all process activity | Supported | Supported |
| Data retention for retrospective attack investigation | Supported | Supported* |
| Vulnerability assessment | Supported | Supported |
| Detection | ||
| Detection of vulnerable driver | Supported | Supported |
| Fully configurable and instant security risk alerts | Supported | Supported |
| Detection of compromised trusted applications | Supported | Not Supported |
| eXtended Detection and Response (XDR) capabilities | Supported | Supported |
| Containment | ||
| Real-time computer isolation, scan and restart from the management UI | Supported | Supported |
| Response and Remediation | ||
| Ability to roll back and remediate the actions taken by attackers | Supported | Supported |
| Centralized quarantine | Supported | Supported |
| Automatic analysis and disinfection | Supported | Supported |
| Shadow copies | Supported | Supported |
| Ability to block unknown and unwanted applications | Supported | Not Supported |
| eXtended Detection and Response (XDR) capabilities | Supported | Supported |
| Investigation | ||
| Automated and interactive incident attack story | Supported | Supported |
| Ability to export lifecycle information for local analysis | Supported | Supported |
| Advanced Reporting Tool (add-on module) | Supported | Supported** |
| Discovery and monitoring of unstructured personal data across endpoints (add-on module)* | Supported | Supported** |
| Attack Surface Reduction | ||
| Endpoint Access Enforcement | Supported | Not Supported |
| Lock mode in the Zero-Trust Application Service | Supported | Not Supported |
| Anti-exploit technology | Supported | Supported |
| Block programs by hash or name (for example, PowerShell) | Supported | Not Supported |
| Device Control | Supported | Supported |
| Web protection | Supported | Supported |
| Automatic updates | Supported | Supported |
| Automatic discovery of unprotected endpoints | Supported | Supported |
| Patch Management for OS and third-party applications (add-on module) | Supported | Supported |
| Security for VPN connections (requires Firebox) | Supported | Supported |
| Secure access to Wi-Fi network through access points | Supported | Supported |
| Endpoint Security Management | ||
| Centralized cloud-based management UI | Supported | Supported |
| Settings inheritance between groups and endpoints | Supported | Supported |
| Ability to configure and apply settings on a group basis | Supported | Supported |
| Ability to configure and apply settings on a per-endpoint basis | Supported | Supported |
| Real-time deployment of settings from the management UI to endpoints | Supported | Supported |
| Security management based on endpoint views and dynamic filters | Supported | Supported |
| Ability to schedule and perform tasks on endpoint views | Supported | Supported |
| Ability to assign preconfigured roles to management UI users | Supported | Supported |
| Ability to customize local alerts | Supported | Supported |
| Ability to control restarts for patch and protection updates | Supported | Supported |
| User activity auditing | Supported | Supported |
| Installation through MSI packages, download URLs, and emails sent to end users | Supported | Supported |
| On-demand and scheduled reports at different levels and with multiple granularity options | Supported | Supported |
| Security KPIs and management dashboards | Supported | Supported |
| API availability | Supported | Supported |
| Remote Monitoring & Management (RMM) Integrations | ||
| ConnectWise Automate | Supported | Supported |
| ConnectWise RMM | Supported | Supported |
| Kaseya VSA | Supported | Supported |
| N-able N-central | Supported | Supported |
| N-able N-sight | Supported | Supported |
| NinjaOne (Automated Deployment Scripting) | Supported | Supported |
| Modules | ||
| WatchGuard Data Control*** | Supported | Supported** |
| WatchGuard Advanced Reporting Tool | Supported | Supported** |
| WatchGuard Patch Management | Supported | Supported |
| WatchGuard Full Encryption | Supported | Supported |
| WatchGuard SIEMFeeder | Supported | Supported** |
| WatchGuard Orion | Supported | Supported |
| WatchGuard Core MDR | Supported | Supported |
| 1-Year Data Retention | Supported | Supported |
| Supported Operating Systems | ||
| Windows Intel | Supported | Supported |
| Windows ARM | Supported | Supported |
| macOS Intel | Supported | Supported |
| macOS ARM (M1 and M2) | Supported | Supported |
| Linux | Supported | Supported |
| Android | Supported | Supported |
| iOS | Supported | Supported |
| Support for virtual environments — persistent and non-persistent (VDI)**** | Supported | Supported |
* Incident-related retention for 30 days
** Not available for the Early Access Program
*** WatchGuard Data Control is supported in these countries only: Austria, Belgium, Denmark, Finland, France, Germany, Holland, Italy, Ireland, Norway, Portugal, Spain, Sweden, and the UK.
**** Compatible systems with these types of virtual machines: VMware Desktop, VMware Server, VMware ESX, VMware ESXi, Citrix XenDesktop, XenApp, XenServer, MS Virtual Desktop and MS Virtual Servers. Endpoint Security 360 is compatible with Citrix Virtual Apps, Citrix Desktops 1906 & Citrix Workspace App for Windows.
About WatchGuard Endpoint Security
Supported Features by Endpoint Security Product