Table of Contents
Table of Contents | ||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Introduction
SentinelOne (S1) is a next-generation anti-virus solution that detects and responds to cyber threats like malware and ransomware. S1 provides a lightweight single-agent approach with AI capabilities. (Source https://security.utoronto.ca/about/cyberstrategy/epp/sentinelone-project/ ).
...
This how-to will guide you through installing S1 agent on Ubuntu, however we provide installers for Linux and Windows OS available at vskey-stor.eis.utoronto.ca:/ut-vss-lib/sentinelone
.
Requirements
- Site Token. To associate your virtual instance to your department SentinelOne, you need an site token. If you have one, you are good to go. Otherwise, reach out to the Endpoint Protection Support (https://security.utoronto.ca/about/cyberstrategy/epp/support/ ) Team to get started.
- ITS Private Cloud account. Used to download the installers from the VSS User Storage (vskey-stor.eis.turoonto.ca) to the server.
- Admin Credentials. Account with administrative privileges to install the agent.
\uD83D\uDCD8 InstructionsInstructions
Login to the target server and promote as administrator/root.
With your preferred SFTP client login to vskey-stor.eis.utoronto.ca using your VSS credentials and fetch any of the available installers based on the host operating system:
Code Block sftp user@vskey-stor.eis.utoronto.ca (user@vskey-stor.eis.utoronto.ca) Password: Connected to vskey-stor.eis.utoronto.ca. sftp> get /ut-vss-lib/sentinelone/SentinelAgent_linux_x86_64_v24_1_2_6.deb Fetching /ut-vss-lib/sentinelone/SentinelAgent_linux_x86_64_v24_1_2_6.deb to SentinelAgent_linux_x86_64_v24_1_2_6.deb SentinelAgent_linux_x86_64_v24_1_2_6.deb 100% 45MB 51.8MB/s 00:00 sftp>
Run the installer:
Code Block apt install ./SentinelAgent_linux_x86_64_v24_1_2_6.deb
Associate the instance with your department site token:
Code Block /opt/sentinelone/bin/sentinelctl management token set {{ sentinelone_token }}
Start the service
Code Block /opt/sentinelone/bin/sentinelctl control start
Note that the first run takes a few minutes until shown at the SentinelOne Management Console (https://cace1-201.sentinelone.net/login).
If you have any questions about S1, please reach out to the InfoSec Support teamhttps://security.utoronto.ca/about/cyberstrategy/epp/support/ .
\uD83D\uDCCB Related Related articles
Filter by label (Content by label) | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|