We are pleased to let you know that coming September 5th, N-able EDR users will have available two new features for your use: Attack Surface Management (powered by SentinelOne RANGER®) and SentinelOne Rogues™. These capabilities will be available for Standalone EDR and our new Enhanced Integrated version.Read more: EDR Advance Notice: Attack Surface Management (powered by SentinelOne Ranger) and SentinelOne Rogue
SentinelOne Rogues is a free Add-On and provides visibility of endpoints connected to your network that are not currently protected by EDR but can be. Once enabled Rogues feature, your existing SentinelOne Endpoints become scanners. SentinelOne Agents scan your local subnet to identify and manage connected endpoints on which the Agent is not yet installed.
- Enterprise-wide visibility of unprotected endpoints.
- Discover gaps in your SentinelOne deployment.
- Simple snapshot of unsecured endpoints on which to install the Agent.
Rogues can be enabled individually on any Site. Once enabled all, one or multiple selected Windows or macOS Agents of this Site or Account can be scanners.
Once enabled a new section titled ‘Network Rogues’ is provided in the Sentinels section of your EDR Console
Completed Rogues scans will populate a wide variety of information allowing you to determine which endpoints require EDR broken out by Operating Systems. It also gives you a sneak peek at the billable add on Ranger, keep reading to learn all about Ranger!
please be sure to read the full supporting documentation available here at our new N-able Me: https://me.n-able.com/
Network Attack Surface Management (Powered by SentinelOne Ranger)
SentinelOne Ranger is a billable Add-On you can self-enable giving full visibility of all devices connected to your network. Ranger Agents scan your corporate environment to identify and manage connected devices, even those not protected by or supported by SentinelOne.
Ranger identifies devices as:
- Secured – End-user computer or laptop, or server, on which the SentinelOne Agent is installed.
- Unsecured – Endpoint of supported hardware, running a supported OS, on which the Agent is not yet installed.
- Unsupported – Hardware or software that are not compatible with the SentinelOne Agent (such as mobile phones, Android tablets, and UNIX servers).
- Unknown – Device that is not secured, but we cannot determine if is supported by the SentinelOne Agent or not.
- Enterprise-wide visibility of connected devices.
- Intelligent and automatic scan management for best discovery coverage with minimal network traffic footprint.
- Simple map of unsecured endpoints on which to install the Agent.
- Enriched Threat Hunting with unsecured device information as part of an IOC investigation.
- Network isolation for unwanted devices to reduce the attack surface.
- Easy deployment of Ranger as an integrated solution with SentinelOne Agent and Management Console.
- Easy network scale with zero configuration to discover new networks and subnets.
- Rogues can be enabled individually on any Site.
Once enabled all, one or multiple selected Windows or macOS Agents of this Site or Account can be scanners.
Once enabled a new section “Ranger” appears down the left menu options of your EDR Console
Completed Rangers scans results populate within the Device Inventory table with not only great insights but actionable controls.
Easily Filter your results
Flexible configuration options allowing you to ease into Ranger
Ranger provides a number of actions such as:
- The ability to deploy EDR easily from the Ranger screen,
- Update Device Fingerprinting
- Provide Review Device notes and status
- Apply tags
- One click Isolation
- And the ability to easily punt to COMPLETE license Deep Visibility for active analysis.
If you haven’t yet checked out Deep Visibility EDR users can easily self-enable by creating new Sites using SentinelOne’s Complete License bringing with it the power of Proactive threat hunting.
To learn more about pricing for Ranger and Complete Licenses with Deep Visibility please reach out to your Partner Success Manager
Please be advised no console update will be required on September 5th this will be a console enablement exercise only. There will be no downtime, and all endpoints remain protected.
One final reminder don’t forget to check out the full supporting EDR documentation for Ranger and Rogue on our new N-able Me Site: https://me.n-able.com/
As always, feedback is welcomed