At SentinelOne, our mission is clear: To empower the world to run securely through intelligent, data-driven, and enterprise-wide cybersecurity. Driving this mission is our dedication to providing world class service to make our customers more successful and secure.
When adopting new technologies purpose built for what’s next, we could all use some support. With the right preparation and planning, we’re here to ensure a streamlined onboarding experience so you can see faster time-to-value and protect your systems now.
Implementing SentinelOne in your environment is a straightforward process with plenty of resources and support to guide you through your journey. Follow the steps thousands of our customers have used, and read on to see just how easy onboarding can be.
The key to successful onboarding is planning. Take some time as you begin your journey to think through your timeline and priorities, how you want your environment structured, and the status of your critical systems.
When defining your hierarchy, consider which teams will manage the endpoints and respond to alerts. This is also the right time to identify some pilot users or groups. Essentially, there are the users you know who would be willing to give constructive feedback.
SentinelOne’s installation process itself is simple — there is only one agent to install and no reboot required to get your new protection capabilities going. From there, configure your policy and use our Exclusions Catalog to implement some recommended exclusions based on common products.
Many of our customers use a ‘side-by-side’ approach, installing SentinelOne on top of their existing security products. While this approach requires the proper exclusions in place for cohabitation, it allows you to get comfortable with SentinelOne capabilities, begin integration efforts, and complete any needed tuning exercises with minimal operational impact. Uninstall your previous solution and set your policy to protect against malicious threats once your teams gain confidence in using our platform.
As you begin onboarding, take advantage of all the resources we have in our Customer Community, including SentinelOne University training, Digital Guided Onboarding videos, our Getting Started Guide, and more.
Now that you’ve mapped out your strategy, it’s time to start configuring your console. Use our preconfigured Role-Based Access Controls to set up user access, or create custom roles to match your organization’s requirements. Integrate your single sign-on (SSO) and two-factor authentication (2FA) to further enhance security and access to the console.
Determine what you want your initial policy to be, and set up some test groups. If you are validating with a side-by-side approach, have your policy set to “Detect.” That way, you can monitor any alerts that are identified without worrying about operational impact due to false positives.
If you are starting with a full test environment, set the policy to “Protect” and run through your test cases. We recommend using production images where possible to get the most out of your testing, especially if you have any custom-built software.
We also recommend mapping out your integrations, including SSO, SYSLOG, SMTP, and SOC. There are integrations readily available in our Singularity Marketplace, which can further enhance your implementation.
After planning and configuration, testing begins. Start with the pilot users or groups you’ve identified and have them continue their day-to-day workflows as normal. Monitor their activity in the console to determine any potential false positives that may need to be addressed. This is also a great time to start building out and testing your deployment packages. Remember, reboots are not required at installation.
As your pilots continue, start expanding to other users across different functions to provide more visibility into software and processes within those teams. Continue to tune as needed based on the feedback and information available in the console. All of this validation early on will improve your rollout experience and minimize any operational disturbance.
With all of the preparation, configuration, and integrations completed, proceed with deployments. As with any software, we recommend following a ramp-up deployment strategy, starting with a small set of devices or a team and then expanding in increasing sizes with each wave. This helps to identify and implement any changes that may be needed early on in the process. It is also helpful to leave any critical servers or user systems until the end of your deployment plan to minimize any potential impact.
As your deployment rolls out, continue to monitor events in the console and add any exclusions as needed. Ideally, most would have been identified during piloting, but in some cases, a few users or systems could be using software that isn’t common in your organization such as special financial tools.
We’ve almost reached the end of the line — take a moment to celebrate! As part of your project closeout efforts, ensure all transition items have been completed and the incumbent software has been removed. Plan out how you will handle agent upgrades. We recommend a quarterly upgrade cycle, which you can push directly from the console to your devices. Think through what maintenance looks like, and consider reviewing your configuration, settings, and agent health on a regular basis to ensure effectiveness.
At the end of the day, a security solution is only as strong as the configuration in place. Follow our best practice recommendations and stay up-to-date on emerging features and capabilities in our Customer Community.
With the proper planning and preparation, onboarding sets you up for success right away. Here are some testimonies from other customers who were recently in your shoes:
“The entire process went smoothly, with minimal disruption to our day-to-day operations. The SentinelOne team demonstrated exceptional organization and professionalism, ensuring that each phase, from planning to implementation, was carefully coordinated and executed.”
“Following deployment, the EDR solution…is performing exceptionally well. We are already seeing benefits in terms of threat detection, incident response, and overall security posture enhancement.”
Going up against today’s threat landscape, autonomous and data-driven that can evolve as they are challenged are the key to making human lives better. SentinelOne is proud to work with our customers to help protect the things that matter most by pushing the boundaries of cybersecurity. We’re committed to the success of our customers, from small IT shops to leading Fortune 10 enterprises, and giving them the tools needed to prevent, detect, and recover from threats in real time.
Ready to come onboard? Contact us today or request a demo to see how our AI-powered solutions think for themselves and protect your future today.
See what a world-leading, enterprise-wide cybersecurity AI platform can do for your organization.