TDR & Bitdefender Integratin Guide
TDR and Bitdefender Deplyment Overview Threat Detectin and Respnse (TDR) is a cllectin f advanced malware defense tls that crrelate threat indicatrs frm Firebxes and Hst Sensrs t enable real-time, autmated respnse t stp knwn, unknwn, and evasive threats. As part f the TDR slutin, yu install TDR Hst Sensrs t prvide endpint prtectin. In sme cases, the TDR Hst Sensr might have cnflicts with the antivirus sftware installed n yur endpints. T reslve this issue, yu can cnfigure exclusins in the antivirus sftware and in TDR. This dcument includes infrmatin abut the integratin f a TDR Hst Sensr with a hst that runs Bitdefender. It des nt describe the prcedure t set up Threat Detectin and Respnse. Fr infrmatin abut hw t set up yur TDR accunt, hw t enable TDR n a Firebx, and hw t install a Hst Sensr, see Quick Start Set Up Threat Detectin and Respnse. Unless therwise nted, cnfigure each TDR exclusin with these ptins, which are selected by default: Als exclude subflders Entities t exclude: Files and Prcesses i WatchGuard Technlgies, Inc.
Integratin Summary T avid cnflicts between the TDR Hst Sensr and Bitdefender GravityZne Business Security, add these exclusins: Exclusins in TDR fr Bitdefender GravityZne Business Security Fr Windws: C:\Prgram Files\Bitdefender\ C:\Prgram Files\Cmmn Files\BitDefender\ C:\PrgramData\BitDefender\ C:\Windws\Temp\tmp00*\tmp00* C:\Windws\Temp\bdcre_tmp\* Exclusins in Bitdefender GravityZne Business Security fr the TDR Hst Sensr Fr Windws: 64-bit Windws C:\Prgram Files (x86)\watchguard\threat Detectin and Respnse\ 32-bit Windws C:\Prgram Files\WatchGuard\Threat Detectin and Respnse\ Exclusins in TDR fr Bitdefender GravityZne Business Security Fr Mac: /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/library/bitdefende r/avp/antivirus.bundle/av64bit_00000/ /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/library/bitdefende r/avp/endpintsecurityfrmac.app/cntents/ /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/applicatins/bitde fender/ /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/library/bitdefende r/avp/ /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/library/bitdefende r /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/applicatins/bitde fender Exclusins in Bitdefender GravityZne Business Security fr the TDR Hst Sensr Fr Mac: /usr/lcal/watchguard If the Hst Sensr and Bitdefender GravityZne Business Security detect and respnd t a threat at the same time, this can cause high utilizatin f system resurces such as CPU, memry, and disk I/O. TDR & Bitdefender Integratin Guide ii
Cnfiguratin Details T cmplete this deplyment, yu must have: An active Threat Detectin and Respnse subscriptin with Hst Sensr licenses TDR Hst Sensr 5.2.1.8015 Firebx with Fireware v12.0 r higher Bitdefender GravityZne Business Security: Bitdefender Endpint Security Tls 6.2.25.944 r 6.2.31.985 Fr Windws Bitdefender Endpint Security Fr Mac The Windws test envirnment fr this deplyment included: Windws 7, 8, 10 Enterprise 64-bit Operating System Memry (RAM) 8 GB Prcessr 2 CPU Cres The Mac test envirnment fr this deplyment included: macos 10.13 Memry (RAM) 8 GB Prcessr Intel cre i5 iii WatchGuard Technlgies, Inc.
Cnfigure Exclusins in TDR In yur TDR accunt, add the exclusins t manually identify paths fr files and prcesses that yu d nt want Hst Sensrs t mnitr. Befre yu deply a Hst Sensr n cmputers that have Bitdefender GravityZne Business Security installed, add exclusins fr the Bitdefender GravityZne Business Security file paths as TDR Exclusins in yur TDR accunt. T exclude Bitdefender GravityZne Business Security directries, add exclusins with these paths in yur TDR accunt. Flders specified in an exclusin must end with a backslash. Exclusins fr Windws: C:\Prgram Files\Bitdefender\ C:\Prgram Files\Cmmn Files\BitDefender\ C:\PrgramData\BitDefender\ C:\Windws\Temp\tmp00*\tmp00* C:\Windws\Temp\bdcre_tmp\* Exclusins fr Mac: /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/library/bitdefender/avp /antivirus.bundle/av64bit_00000/ /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/library/bitdefender/avp /EndpintSecurityfrMac.app/Cntents/ /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/applicatins/bitdefende r/ /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/library/bitdefender/av P/ /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/library/bitdefender /private/var/flders/zz/zyxvpxvq6csfxvn_ n0000000000000/c/pkinstallsandbxmanager/*.activesandbx/rt/applicatins/bitdefende r TDR & Bitdefender Integratin Guide iv
Unless therwise nted, cnfigure each TDR exclusin with these ptins, which are selected by default: Als exclude subflders Entities t exclude: Files and Prcesses T add an exclusin in TDR: 1. Lg in t yur TDR accunt r managed accunt as a user with Operatr privileges. 2. Select Cnfiguratin > Exclusin. 3. Click Add Exclusin. The Add Exclusin dialg bx appears. 4. In the Path text bx, type the path t exclude. 5. Click Save. Repeat these steps t add each exclusin. v WatchGuard Technlgies, Inc.
Cnfigure Exclusins in Bitdefender GravityZne Business Security In Bitdefender GravityZne Business Security add the exclusins t identify the paths fr files and lcatins t exclude. T prevent cnflicts between the Hst Sensr and Bitdefender GravityZne Business Security, we recmmend yu add exclusins in Bitdefender GravityZne Business Security fr the paths used by the TDR Hst Sensr. T exclude TDR Hst Sensr files n 64-bit Windws add an exclusin fr: C:\Prgram Files (x86)\watchguard\threat Detectin and Respnse\ T exclude TDR Hst Sensr files n macos add an exclusin fr: /usr/lcal/watchguard T add an exclusin in Bitdefender GravityZne Business Security Bth Windws and macos: 1. Lg int https://clud.gravityzne.bitdefender.cm/ with yur Bitdefender accunt. 2. Click Plicies n the left panel. 3. Select the plicy yu want t update. The default plicy is read-nly. T edit the default plicy, click Clne Plicy. Add the exclusins and then set the clned plicy as default. 4. Select Antimalware n the left panel. A list f ptins appears. 5. Select Settings. 6. Select the Custm Exclusins check bx. 7. Frm the Type clumn drp-dwn list select File. 8. Type the exclusin paths in the Files, flders, extensins r prcesses clumn. 9. Frm the Mdulesclumn drp-dwn list select All. 10. In the Actin clumn click +. 11. Click Save. 12. Check the plicy yu just mdified. Then select Set as default n the tp f the page t apply the plicy. The results f this testing might als apply t these prducts, which were nt tested: Bitdefender GravityZne fr Enterprise Bitdefender fr SMBs Business Security Bitdefender fr SMBs Advanced Business Security Fr infrmatin abut the integratin testing methdlgy, see TDR Testing Methdlgy. TDR & Bitdefender Integratin Guide vi
Abut This Guide Guide Type Dcumented Integratin WatchGuard r a Technlgy Partner has prvided dcumentatin demnstrating integratin. Guide Details WatchGuard prvides integratin instructins t help ur custmers cnfigure WatchGuard prducts t wrk with prducts created by ther rganizatins. If yu need mre infrmatin r technical supprt abut hw t cnfigure a third-party prduct, see the dcumentatin and supprt resurces fr that prduct. Infrmatin in this guide is subject t change withut ntice. Cmpanies, names, and data used in examples herein are fictitius unless therwise nted. N part f this guide may be reprduced r transmitted in any frm r by any means, electrnic r mechanical, fr any purpse, withut the express written permissin f WatchGuard Technlgies, Inc. Guide revised: 2/20/2018 Cpyright, Trademark, and Patent Infrmatin Cpyright 1998 2018 WatchGuard Technlgies, Inc. All rights reserved. All trademarks r trade names mentined herein, if any, are the prperty f their respective wners. Cmplete cpyright, trademark, patent, and licensing infrmatin can be fund in the Cpyright and Licensing Guide, available nline at http://www.watchguard.cm/wgrd-help/dcumentatin/verview. Abut WatchGuard WatchGuard Technlgies, Inc. is a glbal leader in netwrk security, prviding best-in-class Unified Threat Management, Next Generatin Firewall, secure Wi-Fi, and netwrk intelligence prducts and services t mre than 75,000 custmers wrldwide. The cmpany s missin is t make enterprisegrade security accessible t cmpanies f all types and sizes thrugh simplicity, making WatchGuard an ideal slutin fr Distributed Enterprises and SMBs. WatchGuard is headquartered in Seattle, Washingtn, with ffices thrughut Nrth America, Eurpe, Asia Pacific, and Latin America. T learn mre, visit WatchGuard.cm. Fr additinal infrmatin, prmtins and updates, fllw WatchGuard n Twitter, @WatchGuard n Facebk, r n the LinkedIn Cmpany page. Als, visit ur InfSec blg, Secplicity, fr real-time infrmatin abut the latest threats and hw t cpe with them at www.secplicity.rg. Address 505 Fifth Avenue Suth Suite 500 Seattle, WA 98104 Supprt www.watchguard.cm/supprt U.S. and Canada +877.232.3531 All Other Cuntries +1.206.521.3575 Sales U.S. and Canada +1.800.734.9905 All Other Cuntries +1.206.613.0895 TDR & Bitdefender Integratin Guide 7