Call a Specialist Today! 1300 505 257

WatchGuard Threat Detection and Response
Network and Endpoint Threat Correlation

WatchGuard's new Threat Detection and Response (TDR) service correlates network and endpoint security events with threat intelligence to detect, prioritize and enable immediate action against threats. It provides the enhanced protection needed to mitigate advanced malware attacks, by extending detection capabilities to the endpoint and correlating threat activity from network, host sensor and cloud intelligence feeds.

Threat Detection & Response is included in all WatchGuard Total Security Suite

Threat Detection and Response is a new service in the UTM security suite, consisting of four different components:

ThreatSync
WatchGuard's cloud-based continuous monitoring, security event correlation, and scoring engine

Host Sensor
A lightweight host sensor for endpoint visibility and response

Threat Intelligence
TDR enables SMBs to leverage the advanced security benefits of enterprise-security benefits without the complexity or cost.

Host Ransomware Prevention
TDR provides improved ransomware protection on the endpoint through our Host Ransomware Prevention module.

Cyber criminals are mounting attacks with increasing complexity and sophistication, using coordinated means to gain access to your network from any and every connection. Organizations of all sizes need a solution that leverages a holistic approach to security from the network to the endpoint. WatchGuard Threat Detection and Response (TDR) correlates network and endpoint security events with threat intelligence to detect, prioritize and enable immediate action to stop malware attacks.

Key Features

Threat Correlation and Prioritization

ThreatSync is WatchGuard’s new cloud-based correlation and threat scoring engine, improving security awareness and response across the network to the endpoint. ThreatSync collects event data from the WatchGuard Firebox, WatchGuard Host Sensor and cloud threat intelligence feeds, and correlates this data to generate a comprehensive threat score and rank based on severity. 

Enterprise-grade Threat Intelligence

Threat Intelligence was previously only a benefit available to enterprise organizations with big budgets and even bigger security teams. With Threat Detection and Response, WatchGuard consumes and analyzes threat intelligence feeds - delivering the security benefits without passing down the associated complexities or cost.

Visibility into the Endpoint

The lightweight WatchGuard Host Sensor extends visibility and management to the endpoint and continuously sends endpoint events up to ThreatSync for correlation and scoring. The Host Sensor detects events, sends the data to ThreatSync and enables the remediation of threats on the endpoint.

Additional Security Layer to Existing Antivirus Solutions

Threat Detection and Response doesn’t require users or Managed Security Service Providers (MSSPs) to replace existing AV solutions already deployed. TDR works in tandem with existing AV, bringing an additional, powerful layer of threat detection and event correlation to catch anything that AV might miss.

Prevention against Advanced Malware

The Host Ransomware Prevention feature of Threat Detection and Response, along with the advanced malware protection provided through APT Blocker, enables industry-leading prevention against ransomware attacks. Host Ransomware Prevention blocks the execution of ransomware before any file encryption on the endpoint takes place, mitigating the ransomware attack before any damage is done.

How it Works

Threats detected on the Firebox or via the Host Sensor are sent to ThreatSync, where they are continuously correlated and analyzed, then scored and ranked by severity. Threats can then be quickly remediated through one-click response options, or by leveraging policies to enable an automated response including quarantine the file, kill the process and delete the registry key persistence.

Prevention against Advanced Malware

Documentation:

Download the WatchGuard Threat Detection and Response Brochure (PDF).

Download the WatchGuard Threat Detection and Response Tech Brief (PDF).

Download the WatchGuard Total Security: UTM Subscriptions (PDF).

Pricing Notes:

WatchGuard Products
WatchGuard Threat Detection and Response Host Sensor Add-on
WatchGuard Threat Detection and Response 10 Host Sensor Add-on, 1 Year
#WGTC0101
List Price: $707.00
Our Price: $658.00
WatchGuard Threat Detection and Response 10 Host Sensor Add-on, 3 Year
#WGTC0103
List Price: $1,701.00
Our Price: $1,582.00
WatchGuard Threat Detection and Response 25 Host Sensor Add-on, 1 Year
#WGTC0251
List Price: $1,572.00
Our Price: $1,462.00
WatchGuard Threat Detection and Response 25 Host Sensor Add-on, 3 Year
#WGTC0253
List Price: $3,772.00
Our Price: $3,508.00
WatchGuard Threat Detection and Response 50 Host Sensor Add-on, 1 Year
#WGTC0501
List Price: $2,987.00
Our Price: $2,777.00
WatchGuard Threat Detection and Response 50 Host Sensor Add-on, 3 Year
#WGTC0503
List Price: $7,164.00
Our Price: $6,663.00
WatchGuard Threat Detection and Response 100 Host Sensor Add-on, 1 Year
#WGTC1001
List Price: $5,500.00
Our Price: $5,115.00
WatchGuard Threat Detection and Response 100 Host Sensor Add-on, 3 Year
#WGTC1003
List Price: $13,200.00
Our Price: $12,276.00
WatchGuard Threat Detection and Response 250 Host Sensor Add-on, 1 Year
#WGTC2501
List Price: $12,965.00
Our Price: $12,057.00
WatchGuard Threat Detection and Response 250 Host Sensor Add-on, 3 Year
#WGTC2503
List Price: $31,115.00
Our Price: $28,937.00
WatchGuard Threat Detection and Response 500 Host Sensor Add-on, 1 Year
#WGTC5001
List Price: $23,572.00
Our Price: $21,922.00
WatchGuard Threat Detection and Response 500 Host Sensor Add-on, 3 Year
#WGTC5003
List Price: $56,572.00
Our Price: $52,612.00