Keeping your network safe is arguably the most important responsibility of any IT team. But it’s exhausting to manually manage the deployment of antivirus software for all the endpoints you manage. It only gets harder with the hybrid workforce of today.
What you need is a combination of a powerful antivirus that can keep your systems safe and a robust RMM that can take care of the deployment. That’s exactly what SuperOps and SentinelOne can do for you.
Efficiently manage threats, response, and remediation by remotely auto-deploying SentinelOne on your endpoints and keeping their network protected from online risks at all times.
What is SentinelOne?
SentinelOne is a powerful antivirus and endpoint protection software with a host of modules to fight against various cybersecurity risks. It is powered by AI to detect and monitor security breaches and threats to safeguard your IT environment. On-site installation of SentinelOne is available for Windows and Mac systems.
Configuring the SuperOps + SentinelOne integration
1. Go to Settings > Marketplace and scroll down and click on SentinelOne.
2. To connect with your existing SentinelOne account, you will need the access URL of your SentinelOne management console and your SentinelOne Admin’s API token.
3. Once the connection is successful, your SentinelOne toggle button should be automatically enabled.
👉🏻 Sidebar: Getting SentinelOne Admin’s API token
Go to your SentinelOne management console, and click on Settings > Users.
Click on the Admin user from whom you have to generate the API token and click the Options button on their pop-up.
Select Generate API token and copy it to enter it during the configuration process.
Mapping sites between SuperOps and SentinelOne
After connecting your SentinelOne account, you must map your sites from SuperOps to their respective sites in SentinelOne.
Here’s how:
1. Create a new site in SentinelOne using the site name from SuperOps if there is no site in SentinelOne yet. Just click on the Create box on the left, and your site from SuperOps will be added as a new site in SentinelOne.
2. If the site already exists in SentinelOne, select it from the drop-down menu under the "Sites in SentinelOne" column against the site you want to map it to in SuperOps.
3. If you don’t want to map a SuperOps site to a SentinelOne site, click the Ignore box on the right.
4. Once you have completed matching your sites, click on Import to begin your importing process. We will actively show the progress of this import process in the form of a status report. From the status report, you can see how many sites are created, imported, ignored, and didn’t go through the import as errors.
5. After you've successfully mapped and imported all your sites, enable SentinelOne at the policy level to deploy SentinelOne agents for your assets.
You can set this by going to Settings > Asset management > Policy management > Asset class > Antivirus.
Note: The SentinelOne agent is installed only on endpoints controlled by the given SentinelOne Admin and on sites that have been successfully mapped with SentinelOne set as their antivirus policy.
Now, you can see the antivirus in action on the Asset Summary page.
To do that, go to Modules > Assets and click on any asset from the list.
In the antivirus tab, you can see the status of the antivirus.
To check when an asset was last scanned for viruses and how many threats were detected by SentinelOne, click More info on the Anti-virus card on the Assets Summary page.
Click on the More info option on the anti-virus tab and click the Actions drop-down button. This will let you perform the following actions on the SentinelOne agent from SuperOps.
1. Full Disk Scan
2. Abort Scan
3. Uninstall the SentinelOne Agent
You can also see these actions by clicking the Actions drop-down button from the Asset summary page.
