Network & Security

SentinelOne

Endpoint Security Software 

Last Updated: 8/8/2019

In July, Division of Information Technology and Library Services (ITLS) began a phased deployment of SentinelOne, and endpoint security software, on all Creighton owned computers. Over the last few months, ITLS has investigated, tested, and selected a new anti-malware / ransomware. SentinelOne replaces Creighton’s current endpoint protection, Kaspersky. 

Overview

SentinelOne is an advanced endpoint protection software which uses the behavior of malware in addition to file signatures to detect and protect against executable and file-less based malware/ransomware, browser and document exploits, scripts, and credential/memory scrapers.

Features

  • Runs on Windows, MacOS and Linux   
  • Can work instead of or in addition to your current antivirus.
  • Offers offline protection.
  • Protects against unknown malware (signature-less) to include executables, file-less (memory only), documents, scripts, browser based, and credential harvesting attacks.
  • Client agent is fully autonomous, lightweight, and high-performance.

Learn more about SentinelOne at https://www.sentinelone.com/.

Cost

SentinelOne is provided for all Creighton owned computers at no charge.

How to get it

Currently, Sentinel One is being deployed in the background to all Creighton owned computers across campus. You may notice a small SentinelOne icon in the system tray on your PC or the menu bar for your Mac. After the background installation is completed across campus, SentinelOne will be activated on August 18th.  At that time the software will begin actively blocking and reporting malicious activity. Kaspersky will continue to run on all Creighton owned computers until late fall.  

FAQ’s

  • How do I know if I have SentinelOne on my computer?

One way to tell is the SentinelOne icon in the system tray for PCs and on the menu bar for Macs.

  • How do I get SentinelOne?

SentinelOne was automatically installed on all Creighton owned computers.

  • What should I do if I see a notice from SentinelOne of malicious malware activity?

There's really nothing you need to do. The Infosecurity team is automatically notified of any malicious malware activity on any Creighton owned computer and will take appropriate measures. You will be contacted if needed.

  • How much does it cost?

SentinelOne is funded by ITLS for all Creighton owned computers, so there is no additional cost for your department.

  • On which Operating Systems does it run?

SentinelOne offers is available for Windows, MacOS and Linux.

  • Do I need to uninstall my old antivirus program?

SentinelOne works as a complete replacement for traditional anti-malware solutions or in conjunction with them.

  • Will SentinelOne protect me against ransomware?

Yes, SentinelOne will recognize the behaviors of ransomware and prevent it from encrypting files.    

  • Will SentinelOne slow down my system?

The SentinelOne client uses a small amount of system resources and should not impact your daily activities.

  • Does SentinelOne protect me while I am disconnected from the internet (such as during traveling)?

Yes, the client will protect against malware threats when the device is disconnected from the internet. However, the administrative visibility and functionality in the console will be lost until the device is back online.

  • If SentinelOne is replacing Kaspersky, why do I still see the icon for Kaspersky?

Kaspersky will continue to run on all Creighton owned computers until this fall so ITLS has time to ensure that SentinelOne is optimized.

  • What do I do if I see a popup expiration message from Kaspersky?

Simply select IGNORE and continue working. Kaspersky will be fully uninstalled once SentinelOne has been optimized.

Policies

Use of SentinelOne, by faculty, staff and students is governed by Creighton University’s Fair, Reasonable and Acceptable Use Policy.

Help

For help contact the myIT Service Desk.