WatchGuard today announced Total MDR, integrating its endpoint, firewall, identity, network, and cloud security solutions into a single portal for MSPs. The new managed detection and response service includes a 24/7 security operations center (SOC) team, powered by AI and expert threat hunters. It also supports third-party cloud environments, including Microsoft 365/Azure, AWS CloudTrail, and Google Workspace.
Total MDR builds on WatchGuard’s acquisition of ActZero in January of this year. This news also follows WatchGuard’s launch of FireCloud Internet Access for hybrid SASE environments in March. And in May, WatchGuard appointed Vats Srivatsan, a cybersecurity industry veteran and operating partner at Vector Capital, WatchGuard’s majority owner, as Interim CEO, with former CEO Prakash Panjwani transitioning to board member and strategic advisor.
A Look at WatchGuard Total MDR
With the ActZero technology and team powering Total MDR, “the partner or the customer doesn’t have to take action around the clock. That’s our job,” says Hal Libby, WatchGuard’s general manager for managed services and co-founder of ActZero. The AI analyzes telemetry from disparate sources and “spits out an easy score that either informs a human’s action or allows us to take autonomous action. It empowers the MSP partner to become the face of an MDR, to outsource the SOC while still maintaining the trusted relationship with the client.”

This first iteration of WatchGuard Total MDR is what Libby calls a “fully integrated, closed WatchGuard ecosystem.” The service manages and leverages existing WatchGuard Endpoint Detection and Response (EDR), Endpoint Protection, Detection, and Response (EPDR), Advanced Endpoint Protection, Detection, and Response (AEPDR), Firebox firewalls, AuthPoint identity controls, and Network Detection & Response (NDR), all within a single multi-tenant portal.
According to WatchGuard, the service’s AI-driven threat management cuts false positives to less than one per day.
Total MDR also includes access to technical account managers who offer ongoing threat insights, escalation support, and adaptable runbooks.
“This is a huge value add,” Libby says. “You’re basically getting access to a dedicated security engineer to help up level your ability to guide and protect your customers.”
This is in addition to the SOC personnel, who Libby says MSPs can contact at any time.
Current MSP partners can sign up for Total MDR through the partner portal, and Libby says the price will range from $8 to $10 per endpoint per month for a one- or three-year subscription. “It’s as simple as signing up through WatchGuard cloud, telling us what sort of interaction you would like the SOC to have, setting the communication pathways, the alert pathways, the response pathways, and then we do the rest behind the scenes, turn it on, and we’ll start to monitor.”
Net-new WatchGuard MSP partners will need to have WatchGuard’s EDR to leverage Total MDR, but not necessarily the rest of the integrated products, Libby says.
An Open MDR Service Is Under Development
In the second half of the year, Libby says WatchGuard will introduce an open MDR that will enable the integration of third-party technologies and additional tools to extend detection and response across more attack surfaces.
The idea is that WatchGuard wants to meet MSPs where they are, Libby says. “The MSPs hopefully love all of our products, but if you happen to like a different firewall or different endpoint, we’ll still be able to deliver a solid managed services experience for the end customers.”
He adds, “The visualization and the reporting would all be the same for the partner. The experience is nearly identical.”
The first iteration of the open service will support “most every firewall,” Libby says, and select EDR solutions. “We’ll grow that over time based on what we see in the partner community and based on the needs.”
Libby would like MSPs to know this about their efforts: “We’re trying to deliver the service that MSPs in particular need to be able to react to not only a changing threat landscape but a business one as well.”