SentinelOne Backup Best Practice
SentinelOne Backup Best Practice Disclaimer: Disabling VSS snapshots will invalidate the Sentinel One ransomware warranty. If there are any questions on this, please contact the SOC at- [email protected] Issue Protected servers with SentinelOne installed may exhibit very slow performance and in some cases unexpectedly reboot, when SentinelOne is configured to perform VSS snapshots on the […]
SentinelOne Firewall Control
SentinelOne Firewall Control lets you manage endpoint firewall settings from your SentinelOne Management Console. Use Firewall Control to define which network traffic, applications, and connections are allowed in and out of endpoints. Firewall Control policy can be Global, for a Site, or for a Group. Groups and Sites can inherit policies or have their own. […]
How to Create a SentinelOne Site?
To create a new site in the SentinelOne console, expand the blue scope arrow pictured on the left hand side. Ensure you have selected your “Account” level as shown below, under the account you should see your different client sites. Note: New site creation can only be done by Account level Admins. Select the blue + […]
SentinelOne VM Host VSS Standby Issue with Virtual Machines
Fortify for Endpoint Security Issue An issue with VM Hosts exists that if VSS Snapshots are turned on for a drive that contains VMs, it can put the guest in a standby or paused state during a snapshot. To resolve this problem, SentinelOne snapshots need to be disabled on the host. Note: This will disable the […]
SentinelOne Not Recommended Exclusions
The list below shows items that you must NOT exclude with SentinelOne exclusions. If you create an exclusion for any of these items, you open your environment to security risk and void the SentinelOne Ransomware Warranty for the site. If you have an interoperability or false positive issue that you need help to resolve, please […]
Exclusions on SentinelOne Portal for Known Good Applications
A path exclusion may be required on the S1 portal for some applications to function as intended and avoid conflicts. If you deploy this solution, the Agent will not be able to protect the affected endpoints from exploits directed at the excluded application vulnerabilities. Microsoft SQL Servers SQL 2016 C:\program file*\Microsoft SQL Server\MSSQL13.<Instance Name>\MSSQL\Binn\SQLServr.exe C:\program […]
Pre-Deployment
Create Users in the Management Console Create SentinelOne Management Console users to let your security team log in to the Management Console and manage endpoint security. How to Create a New User in the SentinelOne Console Note: To create users to manage or view your SentinelOne console, you must have Site Admin permissions. In the SentinelOne […]
Uninstalling Agents from the CLI
Overview For Windows and macOS Agents, if Anti-Tampering is enabled, a passphrase is required to uninstall an Agent from the CLI. Take note these steps should only be attempted when uninstallation via the SentinelOne console is unsuccessful or unavailable. Note: If you are unable to uninstall the Agent with the steps in this article, please contact the SOC via phone or at To […]
Device Control
Device Control Device Control Overview SentinelOne Device Control lets you control which external devices are allowed to be used with endpoints in your organization. Use Device Control to: Block external devices that are not required, to limit data leaks. Strictly control allowed devices to prevent malicious content that can enter your network through external devices. […]
