MDR Agents and Virtual Collector

Our MDR solution delivers 24x7 threat detection and response through lightweight agents and a centralized Virtual Collector.

• MDR Agents monitor endpoints in real time, collect telemetry, and enable automated containment actions. They integrate with our platform to support rapid incident response and threat hunting.

• Virtual Collector aggregates logs from across your environment, normalizes data, and securely forwards it to our cloud-native platform. It’s easy to deploy and ensures full visibility across on-premises, cloud, and hybrid systems.

Together, these components provide continuous protection, expert-led analysis, and fast remediation without the complexity of managing a traditional SOC.

You can deploy the MDR agents and Virtual Collector in two ways: directly through the MDR console or - our recommended method - using our resource package for streamlined setup and configuration.

The resource package includes:

• AMP script and documentation for installation via N-central and N-sight:

  • Adlumin installer AMP

  • N-able MDR N-central deployment guide (PDF)

  • MDR N-sight install deployment guide (PDF)

• Azure PowerShell configuration script and guide:

  • Azure_Adlumin_Setup PowerShell script

  • N-able MDR Entra ID setup documentation (PDF)

• Windows Syslog collector and documentation:

  • AdluminForwarderInstaller (MSI)

  • N-able MDR Syslog guide (PDF)

Click here to download the N-able_MDR.zip package.

Microsoft regularly reviews and updates permissions and settings. To keep up with these changes, we frequently update the Azure script. We recommend regularly checking your permission sets and rerunning the script to apply the latest permissions to your Entra ID app for existing SKUs, and make sure that full Purview auditing is enabled for your MDR tenants.