Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Table of Contents
minLevel1
maxLevel6
include
outlinefalse
indent
stylenone
excludeTable of Contents
typelist
class
printabletrue

Introduction

SentinelOne (S1) is a next-generation anti-virus solution that detects and responds to cyber threats like malware and ransomware. S1 provides a lightweight single-agent approach with AI capabilities. (Source https://security.utoronto.ca/about/cyberstrategy/epp/sentinelone-project/ ).

...

This how-to will guide you through installing S1 agent on Ubuntu, however we provide installers for Linux and Windows OS available at vskey-stor.eis.utoronto.ca:/ut-vss-lib/sentinelone.

(tick) Requirements

\uD83D\uDCD8 InstructionsInstructions

  1. Login to the target server and promote as administrator/root.

  2. With your preferred SFTP client login to vskey-stor.eis.utoronto.ca using your VSS credentials and fetch any of the available installers based on the host operating system:

    Code Block
    sftp user@vskey-stor.eis.utoronto.ca
    (user@vskey-stor.eis.utoronto.ca) Password:
    Connected to vskey-stor.eis.utoronto.ca.
    sftp> get /ut-vss-lib/sentinelone/SentinelAgent_linux_x86_64_v24_1_2_6.deb
    Fetching /ut-vss-lib/sentinelone/SentinelAgent_linux_x86_64_v24_1_2_6.deb to SentinelAgent_linux_x86_64_v24_1_2_6.deb
    SentinelAgent_linux_x86_64_v24_1_2_6.deb                                                                       100%   45MB  51.8MB/s   00:00
    sftp>
  3. Run the installer:

    Code Block
    apt install ./SentinelAgent_linux_x86_64_v24_1_2_6.deb 
  4. Associate the instance with your department site token:

    Code Block
    /opt/sentinelone/bin/sentinelctl management token set {{ sentinelone_token }}
  5. Start the service

    Code Block
    /opt/sentinelone/bin/sentinelctl control start
  6. Note that the first run takes a few minutes until shown at the SentinelOne Management Console (https://cace1-201.sentinelone.net/login).

If you have any questions about S1, please reach out to the InfoSec Support teamhttps://security.utoronto.ca/about/cyberstrategy/epp/support/ .

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@32c6ab3f
sortmodified
showSpacefalse
reversetrue
typepage
labelskb-how-to-article
cqllabel = "kb-how-to-article" and type = "page" and space = "VSSPublic"