WatchGuard Cloud and Data Retention License Expiration
Most devices with a Standard Support license (Fireware v12.9 or higher) can be added to WatchGuard Cloud for centralized management. They do not send log messages to WatchGuard Cloud and there is no reporting or data retention. These Fireboxes with Standard Support cannot connect to WatchGuard Cloud:
- T15
- T35
- T55
- T70
Devices with a Total Security Suite or Basic Security Suite license send log messages to WatchGuard Cloud. The license includes a default retention period for Firebox data in WatchGuard Cloud:
- For a Firebox with the Total Security Suite:
- Reports — The data retention period for reports is 30 days plus the number of days associated with the Data Retention license assigned to the Firebox if a Data Retention license is purchased.
- Log Manager and Log Search — The data retention period for log data for Log Manager and Log Search is 365 days. 10 days of log data (plus the number of days associated with the Data Retention license assigned to the Firebox) is available for fast searches.
- For a Firebox with the Basic Security Suite:
- Reports — The data retention period for reports is 1 day plus the number of days associated with the Data Retention license assigned to the Firebox if a Data Retention license is purchased.
- Log Manager and Log Search — The data retention period for Log Manager and Log Search is 90 days. Fast search is not available with Basic Security Suite unless you purchase a Data Retention License.
You can assign a Data Retention license to a Firebox to extend the data retention period. The Device Summary page for the Firebox shows the feature key status and expiration date, and the data retention period.
If a Firebox has a Data Retention license, the Log Data Retention period shows the number of days of data retention for Log Manager and Log Search. The Report Data Retention period shows the number of days of data retention for reports. These include the number of days in the device license plus days added from the Data Retention license allocated to the device.
Feature Key Expiration — Grace Period
For a Firebox to connect to WatchGuard Cloud and send logs, the feature key must have CLOUD_CONNECT and CLOUD_VISIBILITY. Older feature keys could include LIVE_SECURITY, SUPPORT, or DIMENSION_BASIC.
The feature key should synchronize automatically with a Fireware update. If you do not have the Enable automatic feature key synchronization option enabled, then we recommend that you manually synchronize the feature key from Fireware Web UI or WSM. For more information, see Get a Firebox Feature Key.
The feature key expiration date controls whether the Firebox can connect to WatchGuard Cloud. To avoid gaps in WatchGuard Cloud log data when the subscription expires, WatchGuard Cloud includes a seven-day grace period after the license expires.
To avoid loss of data, we recommend that you renew the Total Security Suite or Basic Security Suite subscription before the subscription expires.
During the seven-day grace period:
- The Firebox can continue to connect to WatchGuard Cloud
- The Firebox continues to send log messages to WatchGuard Cloud (TSS and BSS only)
- Log and report data remains in WatchGuard Cloud for the default data retention period associated with the subscription (30 days or 1 day) plus any additional days provided by a Data Retention license (TSS and BSS only)
After the seven-day grace period:
- The default data retention period is reduced to 0, and a process automatically removes all log messages and reports, unless the Firebox has a Data Retention License assigned.
- If the Firebox has a Data Retention license, historical log and report data remain in WatchGuard Cloud for the number of days provided by the Data Retention license.
Data Retention License Expiration — Grace Period
Data Retention is a service and has an expiration date. You assign the Data Retention license to a Firebox in WatchGuard Cloud. You can see the expiration of the Data Retention license on the Administration page in your WatchGuard Cloud account. For more information, see Manage Data Retention Licenses.
If a Data Retention license assigned to a Firebox expires, there is a 7-day grace period before WatchGuard Cloud removes stored Firebox log and report data. After the grace period, the data retention for the Firebox reverts back to the default value associated with the Total Security Suite or Basic Security Suite subscription. For a Firebox with Total Security Suite and a Data Retention license, 7 days after the Data Retention License expires, WatchGuard Cloud permanently removes any data older than 30 days.
To avoid loss of data, we recommend that you renew the Data Retention license before it expires. To renew a Data Retention license, activate a new license and select the option to extend the term of the existing license. For more information, see Activate a Data Retention License.