Applies To: WatchGuard Advanced EPDR, WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP
On the Computers page, when you select a filter or group from the left pane, the right pane shows a table of the computers on the network. Icons on this page can indicate possible problems. Point the mouse to an icon to review information on errors.
Icons
Icons in the Computer column can indicate possible problems.
-
— The WatchGuard Agent has been unable to isolate the computer. The computer could be turned off or offline. The WatchGuard Agent will continue to try to isolate the computer. -
— The computer is isolated. -
— The WatchGuard Agent has been unable to remove the isolate command from the computer. The computer could be turned off or offline. The WatchGuard Agent will continue to try to remove the command. -
— The administrator has requested that the WatchGuard Agent on this computer be reinstalled. The operation is not complete. This could be because the computer is turned off or offline, or the reinstallation is in progress. -
— There was an error when the WatchGuard Agent attempted to reinstall the endpoint security software. -
- The Verbose mode is enabled on the computer.
Point the mouse to an icon to view information on errors. To view the computer details and more information on an issue, select a computer or device in the list.
Notifications
In the top section of the page, pink boxes provide information on alerts or notifications to help you identify problems encountered on the computer or device.
These tables list the types of notifications generated and recommended actions.
Isolated Computers
| Notification | Description |
|---|---|
|
Isolated computer |
The administrator has isolated the computer and Endpoint Security blocked all connections except for those required by WatchGuard Endpoint Security to work properly. For more information, go to Isolate a Computer. |
|
We're trying to isolate this computer |
The WatchGuard Cloud server attempted to isolate the computer but cannot because the computer is offline or turned off. For more information, go to Offline Computers. |
|
We're trying to stop isolating this computer |
The WatchGuard Cloud server cannot stop the isolation command for the computer because the computer is offline or turned off. For more information, go to Offline Computers. |
Computers in Containment Mode
| Alert | Description |
|---|---|
| Computer in “RDP attack containment” mode |
The computer received a high number of failed RDP connection attempts, and Endpoint Security has blocked all RDP connections to contain the attack. For more information, go to Configure RDP Attack Settings. |
| We’re trying to end the “RDP attack containment” mode on this computer |
The administrator has manually ended RDP Attack Containment mode on the computer, but the operation is not yet complete. This could be because the computer is turned off, offline, pending restart, or the action is in progress. For more information, go to Configure RDP Attack Settings. |
Licenses
| Alert | Description |
|---|---|
|
Computer without a license |
There are no available licenses to assign to the computer. Release an assigned license or purchase more licenses. For more information, go to About Endpoint Security Licenses. |
|
There are free licenses but none of them have been assigned to this computer. For more information, go to About Endpoint Security Licenses. |
Computers in Audit Mode
| Alert | Description |
|---|---|
| Computer in Audit mode |
Threats are detected and reported, but they are not blocked or deleted. When Audit mode is enabled in a settings profile, the overall status of the protection applied to the computers that receive the settings does not change. Audit mode does not change the configuration in the management UI. For more information, go to Configure Audit Mode. |
Computers in Verbose Mode
| Alert | Description |
|---|---|
| Computer in Verbose mode |
Verbose mode is enabled on the computer. In Verbose mode, you can review extended telemetry for the computer for a specified period of time. You can analyze this information to evaluate the security software components in use when an Indicator of Attack (IOA) event occurs. For more information, go to Configure Verbose Mode. |
Installation of WatchGuard Endpoint Security
| Notification | Description |
|---|---|
|
Unprotected Computer |
There was an error during installation of the endpoint security product on the computer. With errors whose origin is known, a description of the cause will be displayed. If the origin is unknown, the associated error code will be displayed. For more information, go to Installation Requirements. A reboot is required to complete the installation due to a previous uninstallation. For more information, go to Restart a Computer (Windows Computers). |
|
The agent does not have the permissions required on macOS computers. For more information, go to Installation Requirements. |
|
|
Unsupported Linux kernel. For more information, go to WatchGuard Agent – Installation and Upgrade Error Messages. |
|
|
Unsupported Unbreakable Enterprise Kernel (UEK) release. For more information, go to WatchGuard Agent – Installation and Upgrade Error Messages. |
|
| Error Installing the WatchGuard Agent |
Wrong credentials. For more information, go to Install the Endpoint Software Remotely (Windows Computers). |
|
The discovery computer is not available. For more information, go to Designate a Discovery Computer. |
|
|
Unable to connect to the target computer because it is turned off or does not comply with the hardware or network requirements. For more information, go to Installation Requirements. |
|
|
The computer operating system is not supported. For more information, go to Installation Requirements. |
|
|
Unable to download the agent installer due to a network error. For more information, go to Installation Requirements. |
|
|
Unable to copy the agent installer due to low free disk space on the computer. For more information, go to Installation Requirements. |
|
|
Unable to copy the agent installer because the target computer is turned off or does not meet the remote installation requirements. For more information, go to Installation Requirements. |
|
|
Unable to register the agent. For more information, go to Installation Requirements. |
|
| Error Communicating with Servers | The computer cannot connect to one or more servers in WatchGuard Cloud. For more information, go to Installation Requirements. |
Reinstallation of WatchGuard Endpoint Security
| Notification | Description |
|---|---|
| Pending Protection Reinstallation |
The administrator requested reinstallation of the endpoint security product. Reinstallation is incomplete because the computer is off or offline, or there is still time before the forced restart. To verify the computer is offline, select the Offline Computers tile on the dashboard. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
| Pending Agent Reinstallation |
The administrator requested reinstallation of the WatchGuard Agent. Reinstallation is not complete because the computer is off or offline, or there is still time before the forced restart. To verify the computer is offline, select the Offline Computers tile on the dashboard. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
| Error Installing the WatchGuard Agent |
Wrong credentials. Enter the correct credentials. |
|
The discovery computer is not available. To verify the discovery computer is offline, select the Offline Computers tile on the dashboard. |
|
|
Unable to connect to the computer. It is off or offline, or does not meet remote installation requirements. To verify the computer is offline, select the Offline Computers tile on the dashboard. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
|
|
The operating system is not supported. It does not meet remote installation requirements. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
|
|
Unable to download the WatchGuard Agent installer to the target computer. The computer is turned off or does not meet remote installation requirements. To verify the computer is offline, select the Offline Computers tile on the dashboard. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
|
|
Unable to copy the WatchGuard Agent installer to the target computer. It is turned off or does not meet remote installation requirements. To verify the computer is offline, select the Offline Computers tile on the dashboard. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
|
|
Unable to uninstall the WatchGuard Agent from the target computer. It is turned off or does not meet remote installation requirements. To verify the computer is offline, select the Offline Computers tile on the dashboard. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
|
|
Unable to install the WatchGuard Agent on the target computer. It is turned off or does not meet remote installation requirements. To verify the computer is offline, select the Offline Computers tile on the dashboard. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
|
|
Unable to register the WatchGuard Agent because the computer is turned off or does not meet remote installation requirements. To verify if the computer is offline, select the Offline Computers tile on the dashboard. For more information, go to Reinstall Endpoint Software Remotely (Windows Computers). |
WatchGuard Endpoint Security Issues
| Notification | Description |
|---|---|
|
Unprotected computer |
An error was encountered in the antivirus and advanced protections. Restart the computer to fix the problem. For more information, go to Restart a Computer (Windows Computers). |
| Audit mode |
The device is in Audit mode. WatchGuard Endpoint Security only detects threats and notifies the endpoint user. For information on how to disable Audit mode, go to Configure Audit Mode. |
|
Data Control error |
An error was encountered in Data Control. Restart the computer to fix the problem. For more information, go to Restart a Computer (Windows Computers). |
|
Error encrypting the computer |
Unable to encrypt the computer due to an error. For more information, go to Restart a Computer (Windows Computers). |
Pending User or Administrator Action
| Notification | Description |
|---|---|
|
Encryption pending user action |
The user must restart the computer or enter the relevant encryption credentials to complete the encryption process. For more information, go to Restart a Computer (Windows Computers). |
|
Pending restart |
The administrator has requested that the computer be restarted but it has not restarted yet as it is offline or the time period for a forced reboot has not ended yet. For more information, go to Offline Computers. |
|
Reinstalling protection |
The administrator has requested that the computer protection be reinstalled but the operation is not yet complete because the computer is turned off or offline, the amount of time to wait before the reinstallation is forced has not passed, or the reinstallation is in progress. For more information, go to Install the Endpoint Software Remotely (Windows Computers). |
|
Unprotected computer |
The antivirus and advanced protections are disabled. Enable the protection. For more information, go to Configure Antivirus Scanning and Advanced Protection. |
|
Computer offline for N days |
The computer is turned off or does not meet the network access requirements. For more information, go to Installation Requirements. |
|
Protection out-of-date |
The protection requires the local user to manually restart the computer to complete the installation. This is only on computers with the Home and Starter versions of Windows. |
|
The administrator has changed the protection status from the computer local console |
The administrator has changed the protection settings from the agent installed on the workstation or server. The current settings do not match the settings defined from the management UI. |
Computer with Out-of-Date Protection
| Notification | Description |
|---|---|
|
Protection out-of-date
|
A reboot is required to complete the protection update process. For more information, go to Restart a Computer (Windows Computers). |
|
An error occurred during the update process. Make sure the computer meets the hardware and network requirements. For more information, go to Installation Requirements. |
|
|
Updates are disabled for the computer. Assign the computer a settings profile with updates enabled. For more information, go to Configure Updates. |
|
|
Malware and threat knowledge out-of-date |
Knowledge updates are disabled for this computer. Assign the computer a settings profile with updates enabled. For more information, go to Configure Updates. |