MDR service settings
The MDR service settings page appears in the Advanced EDR console only if the customer has purchased this service from a partner. Before you fill in this form, contact your partner.
WatchGuard MDR (Managed Detection and Response) is a 24/7 cybersecurity service that enables partners to provide a managed detection and response service to customers with minimum investment in a SOC (Security Operations Center). The service monitors the security of computers in the organization, searching for threats, detecting attacks, investigating, and providing guided recommendations about how to restore affected assets and improve customer security.
The MDR service leverages innovative technologies that use artificial intelligence algorithms. Additionally, the service is fully managed by a team of cybersecurity experts, which improves customer security and cyber resilience overall and minimizes detection and response times.
For more information about the MDR module, see:
Creating and managing settings profiles: Information about how to create, edit, delete, or assign settings profiles to the computers on your network.
Accessing, controlling, and monitoring the management console: Managing user accounts and assigning permissions.
MDR service settings
Accessing the settings
In the top menu, select Settings. In the side menu, select MDR. The service allows only one settings profile, which you establish at account level and which applies to all computers on the managed IT network.
Required permissions
Permission | Access type |
---|---|
Configure MDR | Create, edit, and delete MDR settings profiles. |
View MDR settings | View MDR settings profiles. |
MDR setting options
MDR settings enable customers to send partners up-to-date information about the IT network they manage. With that information, the partner can determine the cybersecurity resources they need to correctly provide the detection, protection, and response service.
To create or edit an MDR settings profile when you modify your IT infrastructure, enter the relevant information in these fields.
General
Field | Description |
---|---|
Customer business vertical | Specify the industry or vertical your business belongs to. |
Number of business locations | Specify the number of branch offices your business has. |
Number of employees | Specify the number of employees who have one or more managed devices. |
Includes remote employees | Specify the number of people who have one or more managed devices and work outside the business office. |
Technology
Field | Description |
---|---|
Operating systems | Specify the operating systems in use in the network. Include computers that are not protected by Cytomic products. |
Hardware devices | Specify the vendor name and types of hardware devices in the network for early identification of possible existing vulnerabilities. Include devices not protected by Cytomic products. |
Critical computers | Specify computers that provide a critical service for your business. You can add individual computers or computer groups. |
Response plan
Field | Description |
---|---|
Allow WG Security Operations Center to isolate computers on the customer network | Specify whether Cytomic is authorized to use the computer isolation feature to respond to a compromised system. For more information about how to isolate computers, see Computer isolation. |
Exceptions | Specify computers for which Cytomic cannot use the computer isolation feature to respond to a compromised system. For more information about how to isolate computers, see Computer isolation. |