Endpoint Security Supported Features by Platform
Applies To: WatchGuard Advanced EPDR, WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP, WatchGuard EDR Core
Not all features are available for all supported platforms. Features available differ by computer platform. This table lists available features and the platforms that support them.
Available Features | Windows (Intel & ARM) |
Linux |
macOS (Intel & ARM) |
Android |
iOS |
---|---|---|---|---|---|
General | |||||
Web-based management UI | |||||
Information in dashboards | |||||
Filter-based computer organization | |||||
Group-based computer organization | |||||
Lists and Reports | |||||
Frequency that malware, PUPs and exploit activity, and blocked programs are sent to the server | 1 min | 10 min | 10 min | Immediately after scan completes | N/A |
Frequency that other detections are sent to the server | 15 min | 15 min | 15 min | Immediately after scan completes | 15 min |
List of detections | |||||
Executive reports | |||||
Scheduled executive reports | |||||
Protection | |||||
Anti-tamper protection | |||||
Anti-phishing | |||||
Real-time permanent antivirus protection | |||||
Contextual detections | |||||
Network attack protection | |||||
Anti-exploit protection | |||||
Continuous endpoint risk monitoring | |||||
Threat Hunting Service (High-fidelity indicators of attack mapped to MITRE ATT&CK) | |||||
Advanced indicators of attack |
(Advanced EPDR only) |
||||
Zero-Trust Application Service (Hardening and Lock) | |||||
Shadow copies | |||||
Decoy files | |||||
Audit mode | |||||
Risk evaluation | |||||
Vulnerability assessment | |||||
Firewall | |||||
URL filtering | |||||
Device control | |||||
STIX IOCs and YARA rules search |
(Advanced EPDR only) |
||||
Advanced security policies to reduce the attack surface |
(Advanced EPDR only) |
||||
Threat Hunting Service (Non-deterministic indicators of attack mapped to MITRE ATT&CK with contextual telemetry) |
(Advanced EPDR only) |
||||
Anti-theft | |||||
Hardware and Software Information | |||||
Hardware | |||||
Software | |||||
Software change log | |||||
Information about installed OS patches | |||||
Vulnerability assessment | |||||
Settings | |||||
Security settings for workstations and servers | NA | NA | |||
Password to uninstall the protection and take actions locally | |||||
Network access enforcement | |||||
Secure access to Wi-Fi network through access points | |||||
Ability to establish multiple proxies | NA | NA | |||
Ability to work as a WatchGuard proxy | NA | NA | |||
Ability to use the WatchGuard proxy | NA | NA | |||
Ability to work as a repository or cache | NA | NA | |||
Ability to use the repository or cache | NA | NA | |||
Discovery of unprotected computers | |||||
Email alerts in the event of an infection | |||||
Email alerts when finding an unprotected computer | |||||
Remote Actions from the Management UI | |||||
Real-time actions | |||||
On-demand scans | NA | ||||
Scheduled scans | NA | ||||
Remote installation of the agent | |||||
Ability to reinstall the agent and protection | |||||
Computer restart | |||||
Computer isolation | |||||
Authorized software by hash or program properties | |||||
Program blocking by hash and program name | |||||
Remote Control shell to manage processes and services, file transfers, command line tools, get dumps, pcap and more. |
(Advanced EPDR only) |
||||
Updates and Upgrades | |||||
Signature updates | NA | ||||
Protection upgrades | NA | ||||
Ability to schedule protection upgrades | Google Play | App Store | |||
Modules | |||||
WatchGuard Advanced Reporting Tool | |||||
WatchGuard Patch Management | * | ||||
WatchGuard Data Control | |||||
WatchGuard Full Encryption | |||||
WatchGuard SIEMFeeder | |||||
WatchGuard MDR |
* The feature works on Windows (Intel) and partially on Windows (ARM).
Installation Requirements (external link)
Operating System Compatibility for Endpoint Security Features (external link)