Endpoint Detection and Response

The N-sight RMM EDR user guide documentation is located in N-ableMe. Once logged in, select Products > N-sight RMM> EDR documentation. Due to the security nature of the EDR integration, the documentation is protected with user authentication for N-ableMe.

N-able Endpoint Detection and Response (EDR) is an integrated threat management solution from SentinelOne. Combining N-sight RMM with SentinelOne's endpoint protection, EDR enables Windows devices to self-defend and heal themselves by stopping processes, quarantine, fix, and roll back events to keep devices protected.

EDR uses process behavior to monitor multiple processes to recognize attacks as they develop and respond at machine speed. This is different to signature-based detection from traditional AV solutions, which monitors processes as they execute, and not the processes that can spawn from of it.

EDR provides forensic data to mitigate threats quickly, perform network isolation, and protect against newly discovered threats.

Key features in the N-sight RMM integration include the ability to deploy EDR agents, configure profiles, and monitor devices from the dashboard.

Documentation

Information on EDR and its usage is available in the N-ableMe Endpoint Detection and Response documentation section.

Please be aware that access to this section requires an active N-ableMe login for authentication.

If you are not currently logged into N-ableMe, you will receive a prompt to enter your credentials or "Sign up now" to create an account.

Endpoint Detection and Response (EDR) via N-sight RMM is available for Windows and Apple devices only. Linux devices can be protected via the SentinelOne console, however there is currently no EDR monitoring via N-sight RMM for Linux devices. Please see the EDR Console User Guide for further details on deploying the SentinelOne Agent to Linux devices.