Application Persistence policies for SentinelOne
SentinelOne™ is a cybersecurity solution that develops endpoint protection and applies AI and machine learning to prevent known and unknown threats. The solution requires the installation of the SentinelOne agent on the organization's devices.
You can activate an Application Persistence policy to collect information about the functional status of the SentinelOne agents installed on your Windows devices and to view the results in reports. You can also configure the policy to reinstall the agent.
Application Persistence policies for SentinelOne are supported only on devices running a supported version of the Windows operating system and one of the following versions of the SentinelOne agent:
If you select Report higher versions as Compliant, higher versions report Compliant without running health checks.
You can configure an Application Persistence policy for SentinelOne to enable the RAR component to attempt to reinstall the SentinelOne agent if it's missing.
NOTE The Report and repair option isn't supported. Depending on the Absolute product licenses associated with your account, the Report, repair, and reinstall option may not be available.
The RAR component of the Absolute agent can respond to the following issues:
One of the following services isn't running:
If the Report, repair, and reinstall option is selected in the Application Persistence policy, the RAR component downloads and reinstalls the agent.
NOTE Downgrades are not supported. If the version installed on a device is higher than the expected version, no action is taken.
The expected version of the SentinelOne agent isn't installed
Before you activate an Application Persistence policy you need to configure the policy. You need to configure the application version in addition to the settings in Configuring Application Persistence policies.
To configure the application version:
Under SentinelOne™ version, enter the version of SentinelOne agent you expect to be running on your devices.
- The target version must be a sequence of digits separated by a period.
- You must enter the full version number, for example, 188.8.131.52.
IMPORTANT Wildcard "*" characters are not accepted.
If you selected the Report, repair, and reinstall option, you also need to configure these settings in addition to the settings in Configuring Application Persistence policies.
To configure the SentinelOne specific settings:
- Under Site Token, enter your SentinelOne management Site Token. You can find the correct token by logging in to the SentinelOne Management Console.
Under Additional installer commands, enter the applicable command line parameters to configure any optional settings not covered by the policy configurations. If you don't configure any settings, the default values shown in the SentinelOne documentation are used.