WatchGuard ThreatSync Open

Overview & Core Capabilities

Unlock a Unified Security Posture with ThreatSync Open

Modern networks rarely rely on a single vendor. ThreatSync Open bridges the gap between your WatchGuard environment and third-party security platforms. By expanding the native threat detection and response capabilities of ThreatSync, it allows organizations to ingest, monitor, and respond to external security alerts directly from the centralized WatchGuard ThreatSync Management UI.

Key Buying Benefits

Licensing & Purchasing Models

Flexible, Per-User Licensing

To use ThreatSync Open, a license must be purchased and activated via the WatchGuard Support Center. Licensing is based entirely on user count, offering scalable options depending on your organizational structure.

For Standard Subscribers

• Single License Structure: Subscriber accounts maintain one active product license.
• Easy Upgrades: Purchasing a new license key simply modifies your current active license, allowing you to seamlessly add more users or extend your expiration date.
• Co-Terming: When you add users, the new license merges with your active license. A new expiration date is automatically calculated based on the updated user count and term length, synchronizing your renewal dates. (Example: If you have 50 users and buy a term license for 100, your updated synced inventory is 150 users).

Subscription vs. Term Users

If you hold an active subscription license and decide to renew or upgrade a fixed-term license, your subscription usage is automatically adjusted. You will only be billed on a subscription basis for the users that exceed your termed license count.

Lifecycle & Expiration

What to Expect During Renewals and Expiration

Maintaining continuous security coverage is critical. ThreatSync Open features built-in grace periods to ensure your environment remains protected during the renewal process.

• Expiration Timing: Licenses officially expire the day after the expiration date at 00:00 UTC.
• 7-Day Grace Period: Upon expiration, accounts enter a 7-day grace period. Renewing within this window requires no further setup or action.
• Post-Grace Period Actions: If the license remains unrenewed after the grace period ends:
  • ThreatSync Open immediately stops monitoring and connecting to third-party security platforms.
  • Access to the ThreatSync Open management UI is disabled.
  • Historical ThreatSync Open data is permanently deleted.
• Service Provider Isolation: If an MSP holds multiple licenses and one expires, only the specific account tied to the expired license loses UI access. Fully licensed accounts experience zero interruption.