EPDR versus TDR

Can someone explain the licensing plan for EPDR versus the existing TDR? Will this be a straight replacement? Add-on? Additional or different cost?

Also, can we run EPDR concurrently with existing TDR?

Thanks.

Comments

  • John_NortonJohn_Norton WatchGuard Representative
    edited April 2021

    Hi Patrick, EDPR is not a direct replacement for TDR. EDPR is the evolution of Panda AD360 into the WatchGuard Cloud ecosystem, and will be licensed as a separate product, like AD360 is today.

    You can run the two concurrently, like with TDR+AD360, but bear in mind that EDPR is still technically in the beta phase-- while the functionality is fully featured, minor changes like directory and service names may occur when it it generally available.

  • @John_Norton said:
    Hi Patrick, EDPR is not a direct replacement for TDR. EDPR is the evolution of Panda AD360 into the WatchGuard Cloud ecosystem, and will be licensed as a separate product, like AD360 is today.

    Has this changed as running both TDR + EPDR seems excessive (and expensive cost and CPU wise)?

  • Hi, I was wondering this too. We have two M390 boxes at different locations with 150 TDR host sensor licenses each which gives us 300 host sensor licenses, plus we also bought 300 EPDR licenses.
    I'm currently running both EPDR and TDR Sensor on my work laptop. Do I need to run two? I'm confused.

    Does it mean we have 300 EPP and 600 TDR licenses?

  • @zYx said:
    Hi, I was wondering this too. We have two M390 boxes at different locations with 150 TDR host sensor licenses each which gives us 300 host sensor licenses, plus we also bought 300 EPDR licenses.
    I'm currently running both EPDR and TDR Sensor on my work laptop. Do I need to run two? I'm confused.

    Does it mean we have 300 EPP and 600 TDR licenses?

    I would like to know this as well. TDR is a resource hog and if it's redundant, I would just as soon uninstall it.

  • John_NortonJohn_Norton WatchGuard Representative
    edited December 2022

    Short answer, no-- you do not need to run TDR and EPDR side by side anymore.

    Over the last year, we have added all of TDR's relevant features and detection methods to EPDR, including things like Secure VPN to a Firebox, decoy files, and more.

    In the next few months, TDR will soon be renamed to EDR Core, and have a new agent based on the EPP/EDR/EPDR code base for better performance and upgrade flexibility. When this happens you will not be able to run EDR Core and EPDR side by side, as they utilize the same agent and have overlapping methodologies.

    As a first step that will soon be available in beta, Threat Detection in WatchGuard Cloud will be reworked and expanded to ThreatSync XDR to allow EPDR clients to correlate data with Fireboxes and have TDR-style automated actions applied to incidents. This will later also include products and actions from other WatchGuard services, but the first version will include Fireboxes and EPDR.

    Beta invites will be sent to the public soon, but if you would like early access you can contact your WatchGuard Sales team and they can request early activation of the ThreatSync beta for your account.

Sign In to comment.