Product and Support News

ThreatSync (XDR) General Availability and EOS/EOL Schedule for TDR

What’s new: 

ThreatSync is a WatchGuard Cloud service that provides XDR technology for WatchGuard Network and Endpoint Security products that: 

  • Provides a UX primarily for incident responders 
  • Displays malicious detections as incidents 
  • Correlates events to create new malicious detections 
  • Enables responders to respond on-demand or configure automated responses to malicious detections and abnormal behaviors 
  • Has service provider capabilities including aggregated dashboards, automation templates, and email notifications 

ThreatSync provides extended detection capabilities by correlating data from different WatchGuard security products that indicate the presence of threat actors in the organization. By using multiple products and correlating activities monitored from different security products, ThreatSync scores and detects malicious scenarios that could be indicators of compromise (IoCs), enabling mean-time-to-detect (MTTD) reduction and swift containment of the impact, severity, and scope. 

How do I get ThreatSync?

ThreatSync is a WatchGuard unified security feature included by default with any Firebox Total Security Suite (TSS) subscription and WatchGuard Endpoint Protection, Detection and Response (EPDR) and Endpoint Detection and Response (EDR) products. The more WatchGuard products you have, the more visibility and expanded XDR features you gain access to. And deployment is as easy as it gets. You simply browse to a ThreatSync page and click Enable to get ThreatSync to start using the products you already own. 

What about TDR?

With the arrival of ThreatSync as the WatchGuard Cloud service that correlates network and endpoint data to detect new malicious activity, it is time to start to phase out the use of Threat Detection and Response (TDR). We recently released EDR Core as a replacement for the TDR Host Sensor to provide you with equivalent or superior capabilities to those you have with Threat Detection and Response today. In conjunction with that release, we will mark specific Threat Detection and Response features end-of-sale and end- of-life. 

Here is the full schedule for this transition:

Event  Date
End-of-support for legacy Firebox logging to TDR 
(logging not through WGC Firebox Visibility)
9 March 2023
End-of-life for AD Helper 9 March 2023 
End-of-sale for TDR Host Sensor Add-on Packs 30 April 2023
End–of-life for TDR 30 September 2023

Find out more For more information about ThreatSync, go to About ThreatSync in the Help Center.

Filed under: Network Security