Operating System Compatibility by Feature
Applies To: WatchGuard Advanced EPDR, WatchGuard EPDR, WatchGuard EPP, WatchGuard EDR, WatchGuard EDR Core
Some of the features described in this topic are only available to participants in the WatchGuard Endpoint Security beta program. If a feature described in this topic is not available in your version of the endpoint security product, it is a beta-only feature.
Not all features are available for all supported platforms. Features available differ by computer platform. This table lists available features and the platforms that support them.
Available Features | Windows (Intel & ARM) |
Linux |
macOS (Intel & ARM) |
Android |
iOS |
---|---|---|---|---|---|
General | |||||
Web-based management UI | |||||
Information in dashboards | |||||
Filter-based computer organization | |||||
Group-based computer organization | |||||
Languages supported in the management UI | 11 | 11 | 11 | 16 | 10 |
Lists and Reports | |||||
Frequency that malware, PUPs and exploit activity, and blocked programs are sent to the server | 1 min | 10 min | 10 min | Immediately after scan completes | N/A |
Frequency that other detections are sent to the server | 15 min | 15 min | 15 min | Immediately after scan completes | 15 min |
List of detections | |||||
Executive reports | |||||
Scheduled executive reports | |||||
Protection | |||||
Anti-tamper protection | |||||
Anti-phishing | |||||
Real-time permanent antivirus protection | |||||
Contextual detections | |||||
Network attack protection | |||||
Anti-exploit protection | |||||
Continuous endpoint risk monitoring | |||||
Threat Hunting Service (High-fidelity indicators of attack mapped to MITRE ATT&CK) | |||||
Advanced IOAs | (Advanced EPDR only) | ||||
Zero-Trust Application Service (Hardening and Lock) | |||||
Shadow copies | |||||
Decoy files | |||||
Audit mode | |||||
Firewall | |||||
Device control | |||||
Risk evaluation | |||||
Vulnerability assessment | |||||
URL filtering | |||||
STIX IOCs and YARA rules search |
(Advanced EPDR only) |
||||
Advanced security policies to reduce the attack surface |
(Advanced EPDR only) |
||||
Threat Hunting Service (Non-deterministic indicators of attack mapped to MITRE ATT&CK with contextual telemetry ) |
(Advanced EPDR only) |
||||
Anti-theft | |||||
Hardware and Software Information | |||||
Hardware | |||||
Software | |||||
Software change log | |||||
Information about installed OS patches | |||||
Vulnerability assessment | |||||
Settings | |||||
Security settings for workstations and servers | NA | NA | |||
Password to uninstall the protection and take actions locally | |||||
Network access enforcement | |||||
Ability to establish multiple proxies | NA | NA | |||
Ability to use the WatchGuard proxy | NA | NA | |||
Ability to work as a WatchGuard proxy | NA | NA | |||
Ability to work as a repository or cache | NA | NA | |||
Ability to use the repository or cache | NA | NA | |||
Discovery of unprotected computers | |||||
Email alerts in the event of an infection | |||||
Email alerts when finding an unprotected computer | |||||
Remote Actions from the Management UI | |||||
Real-time actions | |||||
On-demand scans | NA | ||||
Scheduled scans | NA | ||||
Remote installation of the agent | |||||
Ability to reinstall the agent and protection | |||||
Computer restart | |||||
Computer isolation | |||||
Authorized software by hash or program properties | |||||
Program blocking by hash and program name | |||||
Ability to report incidents (PSInfo) | |||||
Remote shell to manage processes and services, file transfers, command line tools, get dumps, pcap, etc. |
(Advanced EPDR only) |
||||
Updates and Upgrades | |||||
Signature updates | NA | ||||
Protection upgrades | NA | ||||
Ability to schedule protection upgrades | Google Play | App Store | |||
Modules** | |||||
WatchGuard Advanced Reporting Tool | |||||
WatchGuard Patch Management | * | ||||
WatchGuard Data Control | |||||
WatchGuard Full Encryption | |||||
WatchGuard SIEMFeeder |
* The feature works on Windows (Intel) and partially on Windows (ARM).
** EDR Core does not support Endpoint Security modules.