Telephone: 03300 881114

WatchGuard Threat Detection and Response

25 January 2017

WatchGuard Threat Detection and Response - The newest WatchGuard Security Service, Threat Detection and Response (TDR), correlates network and endpoint security events with threat intelligence to detect, prioritise, and enable immediate action against your threats.

• TDR’s lightweight Host Sensor works alongside existing antivirus solutions without competing for CPU usage
• ThreatSync consumes and analyzes enterprise-grade threat intelligence, delivering the security benefits withoutpassing along the associated complexities or cost
• ThreatSync also collects threat data from other Total Security Suite services including APT Blocker, WebBlocker,Gateway AntiVirus and Reputation Enabled Defense
• Host Ransomware Prevention protects against ransomware attacks before file encryption takes place

• Easily deploy and manage WatchGuard Host Sensors manually or in bulk via AD integration 
• TDR’s cloud-based environment is simple and easy for customers to on-board, deploy and manage
• Set up and manage policies to enable automated remediation for each customer account

• TDR collects data from multiple sources including the Firebox, Host Sensor and Threat Intelligence Feeds
• ThreatSync analyzes this data to provide a comprehensive threat score and rank to enable IT adminsto confidently respond to threats
• Host Sensors then initiate response tactics to remove threats from the endpoint before damage is done• Successful remediations are reported back to ThreatSync, decreasing the initial threat score to a 1

• WatchGuard Host Sensors provide detailed data on endpoint threat activity
• ThreatSync collects threat data from your Firebox M Series, T Series and XTMv appliances, as well as existingTotal Security Suite services like APT Blocker, WebBlocker, Reputation Enabled Defense and Gateway AntiVirus
• TDR’s Incidents and Indicators pages give you detailed information on which hosts are the most at risk of attacks

Threat Detection and Response (TDR) correlates network and endpoint security events with threat intelligence to detect,prioritize and enable immediate action to stop malware attacks. TDR is a new service in the UTM security suite, consistingof four different components including the ThreatSync correlation and scoring engine, enterprise-grade threat intelligence,a lightweight host sensor for endpoint visibility, and improved ransomware protection on the endpoint through ourHost Ransomware Prevention module.
TDR is included within the Total Security Suite; however the number of included Host Sensors will vary based on theFirebox® appliance. Additional Host Sensors are available through an add-on option.


Download the WatchGuard Threat detection & Response Data Sheet