WatchGuard has rolled out an updated edition of its cloud management console for MSPs with new policy management, MFA, and threat analysis features.
Those and other enhancements are the latest steps in WatchGuard’s multi-year journey toward making WatchGuard Cloud a single-pane-of-glass administration console for multi-tenant environments, according to Andrew Young, senior vice president of product management.
“It’s that one place for MSPs to go to deliver security to their end customers,” he says.
Upgrades available now in the system include new network security policy management capabilities designed to streamline rule-setting by applying policy templates to security appliances across multiple tiers and tenants. In addition to shortening the policy-making process and reducing administrative overhead, Young notes, templates reduce configuration mistakes.
“Configuration error is one of the biggest threats to our mid-market customers,” he says.
Users can also now deploy content scanning, network inspection, content filtering, and other services backed by pre-set policies with a single click. The feature is designed to drive wider use of security functionality in WatchGuard products by lowering deployment barriers.
“The worst scenario for us is that somebody buys security and doesn’t deploy it,” Young says.
Available now as well in WatchGuard Cloud is risk-based multifactor authentication functionality that governs rules for when specific groups of users or devices are required to use WatchGuard’s AuthPoint MFA tool. Administrators can use the new feature to define a safe network location in which users may logon without MFA. Additional policy options, including geofencing rules that waive MFA mandates within specific areas and correlated time policies, will arrive later this year and beyond.
Letting users skip MFA under safe conditions reduces objections to MFA among end users , Young says. WatchGuard CTO Corey Nachreiner underscored the importance of utilizing MFA in a recent New Year’s prediction.
“We know it’s bold, but we predict that in 2021, every service that doesn’t have MFA enabled will suffer a breach or an account compromise,” he said.
A third major addition to WatchGuard Cloud is new threat analysis functionality that draws on the vendor’s ThreatSync correlation engine to alert endpoints about attacks against the network and alert WatchGuard Firebox appliances about attacks against endpoints or specific users.
The feature provides a foundation for delivering managed detection and response services, Young says, and also paves the way toward the eventual introduction of support for the endpoint protection software WatchGuard acquired along with Panda Security last March. WatchGuard expects that milestone to arrive this summer.
Panda solutions have been available for resale to members of the WatchGuardONE partner program since last October.
Introduced in 2018, WatchGuard Cloud is a core element of the vendor’s ongoing introduction of products for managed service providers. “We’ve built it from the ground up with the MSP in mind,” Young says.
The console also plays a critical role in WatchGuard’s strategic, portfolio-wide shift to a zero-trust architecture based on identity and access management.
“I’m kind of a big believer in this identity-first approach, and we’re really elevating the features of AuthPoint and identity into kind of this platform-layer feature, so that we can enable zero trust across a security infrastructure for an MSP, whether that’s endpoint, network, or cloud,” Young says.
WatchGuard Cloud is included at no extra cost in the company’s Basic Security Suite and Total Security Suite.