Simplifying And Streamlining User Management

14 December, 2023 by Kirk Jensen


WatchGuard User Management Cloud

Account administrators/owners prefer to avoid juggling various user management interfaces for tasks like inviting new users, controlling user permissions and roles, enforcing multi-factor authentication (MFA), and removing users from the system. This complexity hinders user management processes and complicates auditing, posing a substantial challenge during routine compliance audits. Acknowledging this issue, we are merging the current User Manager in the WatchGuard Support Centre into WatchGuard Cloud operator management. This streamlines user management, eliminating the need for convoluted business rules across multiple interfaces.

User Management Overview

The primary interfaces for user management (depending on account tier) are the WatchGuard Portal Support Centre and WatchGuard Cloud. Tier-1 accounts require both interfaces, whereas all other account tiers utilize WatchGuard Cloud.

From the Manage Users page in the WatchGuard Portal, you can see and manage user accounts in your WatchGuard Portal account. You can also manage permissions for each user account, which control whether each user can manage specific aspects of your WatchGuard Portal account and your WatchGuard Cloud-based applications.

Users who can log in to WatchGuard Cloud to view and manage account information and configure services are called operators. Your operator role determines what information you can see and actions you can take within your account or managed accounts. There are five operator roles for Service Provider accounts:

  • Owner — Owners have full permissions within their Service Provider account and managed services. They can add custom branding options to the account. They are the only Service Provider operators who can add, edit, and delete operators for their accounts.
  • Sales — Sales operators have complete inventory and account management permissions but read-only permission for configuring services and operators.
  • Helpdesk — Helpdesk operators have full permissions to configure services and read-only permission everywhere else.
  • Auditor — Auditors have read-only permission throughout their Service Provider account.
  • No Access — Operators with the No Access role cannot log in to WatchGuard Cloud until they are assigned a different role.

What Are We Doing?

User management is fragmented across User Manager (Portal/Support Center) and WatchGuard Cloud operator management. This fragmentation can be challenging, especially for large organizations with numerous users. To simplify and streamline the process, WatchGuard is moving the functionality of User Manager in the WatchGuard Support Center to WatchGuard Cloud, creating a single interface for all operator management, regardless of account tier. This will make you more efficient, reduce support costs, improve security posture, and provide a consistent interface.

What Are the Benefits of This Change?
The transition to WatchGuard Cloud for user management offers many benefits:

  1. It streamlines account management, enabling you to handle tasks such as inviting new users and managing permissions and roles through a single interface, saving time and increasing efficiency.
  2. You gain greater autonomy over your accounts, allowing you to independently manage user permissions and roles, eliminating reliance on WatchGuard support, and providing a more flexible approach to meeting specific business requirements.
  3. Enabling owners/administrators to force the use of multi-factor authentication (MFA) significantly enhances security, making user accounts more resilient to hacking attempts, instilling confidence, and ensuring data safety.


Got a question for us?

We are here to help! Contact your Security Account Manager today to find out more!

Webinar: 2024 Predications

04 December, 2023 by Adisa Hairlahovic 

Webinar 2024 Predictions Blog 735X416 Px

What cybersecurity threats will emerge from the depths of the dark web and from the minds of threat actors in 2024? In this year’s predictions, the WatchGuard Threat Lab shares what cybersecurity and threats will look like in the next year and ways to defend your business.

Join our webinar, where Corey Nachreiner, CSO, and Marc Laliberte, director of security operations, will discuss:

  • Notable security industry trends, like managed detection and response (MDR) and security operations center (SOC) services, which have the potential to boost significant MSP growth.
  • How cyberattackers might leverage AI, your favorite tech gadgets, and more, to bypass your defenses and access your private data.
  • Possibilities for futuristic, cutting-edge cyberattacks and their consequences, such as manipulating an LLM into leaking private data.

Date: 14 December 2023

Time: 4pm – 5pm GMT

Register now!

How To Choose The Right XDR Provider For Your Organisation

20 November, 2023 by Diana Harter

How to Choose XDR Provider WatchGuard

eXtended Detection and Response (XDR) technology has transformed the cybersecurity paradigm by enhancing visibility and threat detection, providing unprecedented response capabilities. It is a tool capable of monitoring the different security layers of a company, generating a single pane that unifies the detections produced in these layers.

After this detection process, XDR solutions group data into incidents and analyze them, prioritizing response action based on how critical mitigation is in each case. They also strengthen security by combining different technologies that generate more accurate detections than when they work separately. XDR provides unified visibility into all a company’s internal data and systems, automatically detects and responds to sophisticated attacks, which streamlines response procedures and increases the productivity of the security team.

What should you bear in mind when choosing an XDR provider?

According to IBM data, the global cost of data breaches reached $4.45 billion in 2023, a 15% growth in the last three years. Although this data is alarming, there are increasingly advanced solutions on the market that can protect organizations from these cyberattacks.

To find the right XDR provider for your organization, it is essential to understand your business’s specific needs and how the proposed solution can be integrated with your existing security architecture. There are a number of factors to consider when choosing the most suitable XDR provider for your company:

  • A single security platform: Deploying a large set of tools that provide a high level of security but are siloed (i.e., they do not work together) can be a double-edged sword as each solution works independently of the others. Grouping solutions together on the same security platform, where they can communicate with each other, delivers efficiencies that are worth considering.
  • Easy to deploy and manage: An XDR solution does not have to be complicated to configure and implement. Options are available to provide a unified and intuitive user experience that simplifies adaptation and learning substantially.
  • Extended visibility: The solution needs to provide greater visibility of your IT infrastructure, including desktops, laptops, servers, and networks, generating correlated detections to ensure more accurate and effective threat detection.
  • Automated response: This can counter threats quickly and efficiently, thereby minimizing incident response time. As we know, slow detection times and inaccurate response actions enable the threat to spread and, if the attack is successful, this can result in further downtime and data loss, so automation is crucial.
  • Behavioral analytics: AI-based behavioral analytics are essential to identify anomalous patterns that could indicate malicious activity.
  • Scalability: It is important that they can easily adapt as your company’s needs change, without compromising performance.

Reasons to implement XDR technology through an MSP

Integrating multiple security products from different vendors can be complicated, time-consuming, and require specialized knowledge and expertise. Managing the solution after integration into the system adds to this complexity.

The efforts and costs this process entails lead many organizations to work with managed service providers (MSPs). Outsourcing security and other critical IT functions to trusted partners with extensive industry experience is an effective way to fill that gap and leverage MSPs’ experience with customers in similar implementations. MSP services can help organizations improve security, enabling them to make a difference in the viability of their business by extending their IT security capabilities.

SSO: What Is It and What Are The Benefits for Cybersecurity

07 November, 2023 by Sam Manjarres

Sso Single Sign on Authentication WatchGuard

Single sign-on (SSO) is a tool that simplifies the authentication process by allowing users to log in and access various digital applications and services using a single set of credentials.

This authentication solution works through a central service that authenticates users once and then provides an authentication token for the applications they wish to use. This token enables applications to verify user identity without users having to re-enter their credentials.

4 main benefits of implementing SSO in your business 

First, you should bear in mind that if you don’t use an SSO tool, each website or application has its own database of user credentials. This can be problematic for your organization, as you will have to store and manage a host of different credentials for each application you use. This complicated process can lead to security issues, high management costs and inefficiencies. In contrast, deploying SSO authentication technology delivers advantages such as:

1- Increased employee and IT productivity:

Allowing access to multiple applications with a single password removes the need for users to remember and manage multiple passwords, saving time and effort. It also reduces the need for password assistance and provides quick and easy access to all applications.

2- Cost savings:

According to data from Forrester Research, each employee password reset costs your business $70. Similarly, Gartner analysts point out that 40% of calls made to the helpdesk are related to passwords and resets. An SSO solution can help reduce some of these costs.

3- Lower password fatigue and stronger security:

Creating unique passwords for each account is an important security measure, but it can be difficult to implement. Users have to remember complex and different passwords for each account, which can lead to forgetfulness, password reuse, and other vulnerabilities. In fact, 44% of users say they seldom bother to reset their passwords and 32% reuse the same password on between 5 and 10 websites and applications. One of the main advantages of SSO is that it helps reduce password fatigue and improve the user experience. It also strengthens security by reducing the risk of users sharing or reusing their passwords.

4- Improved regulatory compliance posture:

SSO can help you comply with security regulatory requirements, such as GDPR, HIPAA and PCI DSS, by providing effective access controls, such as MFA, access auditing and automatic sign-off. These controls help you protect sensitive data and comply with regulatory requirements.

How to choose the right solution for your organisation?

Implementing SSO helps reduce security risks and create a seamless user experience that facilitates compliance with your organization’s security processes. However, for your SSO strategy to be successful, it is important to choose the right solution to meet your specific needs. We recommend the following checklist to help you find the right solution for your business:

  • Assess the level of security the solution provides.
  • Assess ease of use.
  • Ensure it is compatible with existing systems and applications to minimize disruption.
  • Check solution scalability.
  • Analyze the level of employee training it requires.


If you want to find out more about SSO and the role it plays in user authentication experience, do not hesitate to get in touch!

MFA Is Great…But Are You Selling Single Sign-On?

23 October, 2023 by Sam Manjarres

MFA WatchGuard AuthPoint Security

Managed service providers (MSPs) are always on the lookout for new technologies that can improve their clients’ productivity, security, and bottom line. Despite having been in the market for a long time, the shift to hybrid or remote work has brought single sign-on (SSO) authentication to the spotlight. SSO is simply an easy-to-adopt and (depending on your security vendor) affordable way to enable secure access to Cloud applications. In this blog post, we will explain why MSPs should sell SSO to their clients and how SSO can open the door to upselling multi-factor authentication (MFA.)

MSPs can use SSO and MFA as a platform to provide value-added services such as security assessments, user training, and customized policies. MSPs can use SSO and MFA to identify security gaps and vulnerabilities in their clients’ IT environments and recommend remediation strategies. The best part? As a WatchGuard partner, you can offer SSO with AuthPoint MFA or AuthPoint Total Identity Security without having to purchase additional licenses.

Top reasons to leverage SSO as a key benefit included in AuthPoint MFA or AuthPoint Total Identity Security:

Improve Productivity: SSO can make it easier for users to access multiple applications and services without having to enter separate login credentials for each one. This can save users time and reduce the risk of errors and password fatigue.

Differentiate from Competition: MSPs who sell SSO and MFA can differentiate themselves from other IT providers who do not offer these solutions or who charge extra for SSO access. With AuthPoint identity security, you can promise a comprehensive approach, at the best price.

Compliance: Many businesses are subject to industry or government regulations that require them to protect sensitive data and control access to it. SSO and MFA can help MSPs simplify compliance by providing an audit trail of user activity and enforcing access controls.

By positioning SSO as a strategic enabler and upsell opportunity for MFA and other security solutions, MSPs can strengthen their relationships with their clients and help them achieve their business goals. As Cloud-based services become more pervasive and critical to businesses, MSPs who offer SSO and MFA will be in a strong position to capture market share and build long-term partnerships.

Reach New Sales Heights in Q4 with our Lightening Strike Promotion

12 October, 2023 by Joseph Tavano

25% OFF WatchGuard WiFi 6 Access Points

Let’s finish off Q4 2023 strong by using this exciting worldwide promotion to bring in new sales!

Now, through the end of the year, you can take advantage of 25% OFF All WatchGuard Wi-Fi 6 APs. Provide lightning-fast, reliably secure Wi-Fi 6 products to your customers, with simplified management via WatchGuard Cloud. And, by combining these solutions with the other product lines within WatchGuard’s Unified Security Platform, you’re able to offer powerful XDR capabilities and comprehensive, layered security.

This is an exciting opportunity to drive new Secure Wi-Fi adoption, as Wi-Fi 6 is still an important upgrade path for many customers. To accomplish this, we’ve been hard at work developing new marketing assets you can use to:

  • Upsell existing customers who are still using older APs / cross-sell to customers who do not yet use WatchGuard Secure Wi-Fi
  • Close deals with prospects
  • Initiate a competitive takeaway

Contact your Security Account Manager today to find out more!

New Endpoint Risk Assessment Tools Helps Identify Security Risks

11 October, 2023 by Kirk Jensen


Endpoint Risk Assessment Tools

As a WatchGuard partner, you know that cybersecurity is a top priority for your customers. But with so many different security solutions on the market, it can be difficult for customers to know where to start.

That’s where WatchGuard’s Endpoint Risk Assessment comes in. This free service helps you evaluate your customers’ endpoint security posture and identify any critical risks. You can then use this information to demonstrate the value of WatchGuard’s Endpoint Security solutions and sell to new customers.

Here are just a few of the benefits of using the Endpoint Risk Assessment:

  • It gives your customers a clear understanding of their current security posture and the risks they face. This information can help them make informed decisions about their security investments.
  • The assessment is non-intrusive and won’t disrupt your customers’ business operations.
  • It can help you identify critical security gaps that can be addressed with WatchGuard Endpoint Security.
  • Offering the assessment can help you identify new target customers who may not know the risks they face. This can lead to new business opportunities for you.

In addition to the benefits for your customers, the Endpoint Risk Assessment also offers several benefits for you as a partner:

  • The assessment is easy to use and can be completed in only a few weeks, depending on the number of endpoints.
  • You don’t need any special tools or expertise to use it.

Overall, the WatchGuard Endpoint Risk Assessment is a valuable tool for WatchGuard partners. It can help you boost your business and secure your customers.

Here are some tips for using the Endpoint Risk Assessment to your advantage:

  • Use the assessment results to develop a security plan for your customers: The assessment results can help you identify the specific security risks your customers face and develop a plan to address those risks.
  • The assessment can help you identify customers at high risk of a cyberattack. You can then sell WatchGuard Endpoint Security to these customers to help them improve their security posture.


If you have questions about the Endpoint Risk Assessment tool, please contact your Security Account Manager today!

WatchGuard Threat Lab Report Finds Endpoint Malware Volumes Decreasing Despite Campaigns Growing More Expansive

11 October, 2023 by Chris Warfield

WatchGuard Threat Lab Endpoint Malware

The WatchGuard Threat Lab has released the findings of its latest Internet Security Report, detailing the top malware trends and network and endpoint security threats analyzed by WatchGuard Threat Lab researchers. Key findings from the research include 95% of malware now arriving over encrypted connections, a decrease in endpoint malware volumes despite campaigns growing more widespread, ransomware detections on the decline amid a rise in double-extortion attacks, older software vulnerabilities persisting as popular targets for exploit among modern threat actors, and more.

Among the most notable findings, the latest Internet Security Report featuring data from Q2 2023 showed:

  • Ninety-five percent of malware hides behind encryption. Most malware lurks behind SSL/TLS encryption used by secured websites. Organizations that don’t inspect SSL/TLS traffic at the network perimeter are likely missing most malware. Furthermore, zero day malware dropped to 11% of total malware detections, an all-time low. However, when inspecting malware over encrypted connections, the share of evasive detections increased to 66%, indicating attackers continue to deliver sophisticated malware primarily via encryption.
  • Total endpoint malware volume is down slightly, though widespread malware campaigns increased. There was a slight 8% decrease in endpoint malware detections in Q2 compared to the previous quarter. However, when looking at endpoint malware detections caught by 10 to 50 systems or 100 or more systems, these detections increased in volume by 22% and 21%, respectively. The increased detections among more machines indicate that widespread malware campaigns grew from Q1 to Q2 of 2023.
  • Double-extortion attacks from ransomware groups increased 72% quarter over quarter, as the Threat Lab noted 13 new extortion groups. However, the rise in double-extortion attacks occurred as ransomware detections on endpoints declined 21% quarter over quarter and 72% year over year. 
  • Six new malware variants in the Top 10 endpoint detections. Threat Lab saw a massive increase of detections of the compromised 3CX installer, accounting for 48% of the total detection volume in the Q2 Top 10 list of malware threats. Furthermore, Glupteba, a multi-faceted loader, botnet, information stealer, and cryptominer that targets victims seemingly indiscriminately worldwide, made a resurgence in early 2023 after being disrupted in 2021.
  • Threat actors increasingly leverage Windows living off-the-land binaries to deliver malware. In analyzing attack vectors and how threat actors gain access in endpoints, attacks that abused Windows OS tools like WMI and PSExec grew 29%, accounting for 17% of all total volume, while malware that used scripts like PowerShell dropped 41% in volume. Scripts remain the most common malware delivery vector, accounting for 74% of detections overall. Browser-based exploits declined 33% and account for 3% of the total volume.
  • Cybercriminals continue to target older software vulnerabilities. Threat Lab researchers found three new signatures in the Top 10 network attacks for Q2 based on older vulnerabilities. One was a 2016 vulnerability associated with an open-source learning management system (GitHub) that was retired in 2018. Others were a signature that catches integer overflows in PHP, the scripting language used by many websites, and a 2010 buffer overflow and HP management application, called Open View Network Node Manager.
  • Compromised domains at WordPress blogs and link-shortening service. In researching malicious domains, the Threat Lab team encountered instances of self-managed websites (such as WordPress blogs) and a domain-shortening service that were compromised to host either malware or malware command and control framework. Additionally, Qakbot threat actors had compromised a website dedicated to an educational contest in the Asia Pacific region to host command and control infrastructure for their botnet.

For a more in-depth view of WatchGuard’s research, read the complete Q2 2023 Internet Security Report here.

5 Key Features of a Password Manager Designed for MSPs

3rd October, 2023 by Sam Manjarres

WatchGuard Password Manager

Password managers have become more than desirable applications for any MSP wishing to offer a secure, efficient and sophisticated service. Not only have they proven to be highly effective, but they also improve the efficiency of companies’ internal processes and make life easier for users by providing them with secure login to different systems.

According to a study published by Verizon, 80% of data breaches are due to stolen passwords. Hence credential managers have become key tools to protect against cyberattacks and data exfiltration, shielding MSPs and their customers.

What features should a password manager designed for MSPs include? 

The market currently comprises a host of password managers offering different utilities. Nonetheless, there are several key features that can take a credential manager to the next level, either in terms of advanced security and reliability or regarding cost-effectiveness and flexibility. Mindful of this, here are the five key aspects that every good password manager should include:

Cross-browser compatibility:

Allows your customers to access their credentials from different platforms, unifying all devices and systems with their respective passwords to automate the identification process.

Advanced password programming:

This functionality creates reliable passwords autonomously, whether they are single-use or based on high security standards. Thanks to this feature, your customers will not need to remember or create several passwords, a process that can be tedious and compromise the security of the system.

Shared storage for IT managers and MSPs:

Enables you to share and store credentials and data securely, facilitating communication with the company.

Credential status monitoring and alerts:

Monitors the status of each user’s credentials at all times, notifying you whenever any of them are compromised or at risk.

Multi-factor authentication (MFA):

Consists of a multi-factor authentication system that makes the user registration process more reliable.  Password logins are strengthened by one or more complementary tools, such as a code sent to an alternative device linked to the account.

In short, choosing a good password manager will deliver a number of added benefits to the service you offer customers. Apart from providing an extra layer of security that protects company data, you will be able to promote tools that are easy to use and implement and that also encourage flexibility between devices in a secure manner. In addition, by offering training and long-term support, you can position yourself as a competitive, effective and trustworthy alternative. This is an important feature for any provider offering a competitive and differential service.

A password manager will help you as an MSP to develop trustworthy, accessible and efficient systems for your customers, on the one hand, protecting the organization’s internal data and, on the other hand, improving your service and adding a valuable solution to your portfolio.