Endpoint Security
To learn about licensing requirements, refer to Licenses.
To learn how to integrate Datto EDR/Datto AV with Datto RMM, refer to Datto EDR Integration.
Endpoint Security in Datto RMM makes it easier to keep your endpoints secure and respond to active threats. This feature offers the following functionality:
- Endpoint Security policy: Centralized, policy-based configuration and deployment of various endpoint security technologies. Refer to Endpoint Security policy.
- Datto EDR and Datto AV: Deploy the Datto Endpoint Detection and Response (EDR) and Antivirus (AV) agent through an Endpoint Security policy to start analyzing activity on the targeted endpoints. Refer to Datto EDR and Datto AV.
- Ransomware Detection: Deploy the Datto RMM Ransomware Detection engine through an Endpoint Security policy to start analyzing file activity on the targeted endpoints. Refer to Ransomware Detection.
NOTE If you choose to run Ransomware Detection in Datto RMM, it must be disabled in Datto EDR, and vice versa. Refer to Ransomware policy in the Datto EDR Help system.
- Windows Defender Antivirus configuration management: Enforce a more secure configuration for Windows endpoints through an Endpoint Security policy. This feature allows you to configure attack surface reduction rules and scan schedules among other things. Refer to Managed Windows Defender Antivirus.
NOTE If you choose to run Windows Defender Antivirus in Datto RMM, it must be disabled in Datto EDR, and vice versa. Refer to this article in the Datto EDR Help system.
- Datto EDR and Datto AV: Deploy the Datto Endpoint Detection and Response (EDR) and Antivirus (AV) agent through an Endpoint Security policy to start analyzing activity on the targeted endpoints. Refer to Datto EDR and Datto AV.
- Endpoint Security card: View a comprehensive status of all security solutions for a device with the ability to drill into the details of a managed antivirus product. Refer to Endpoint Security in Device Summary.
- When viewing a list of devices, the following fields are available: AV Product, AV Status, EDR Install Date, EDR Status, Managed Antivirus, and RWD Status. Refer to Column Chooser - Devices.
- Endpoint Security alerts: View detailed diagnostic information and recommendations for specific security threats. Refer to Endpoint Security alerts: diagnostic information.
- Device isolation actions: These actions allow you to respond to security threats. When Ransomware Detection or Datto EDR is active, a device can be isolated (and reverted from isolation) directly from the Endpoint Security card. Refer to Endpoint Security in Device Summary.
- Datto EDR & Security Dashboard: Widgets displaying the Ransomware Detection status, Datto EDR status, and Managed Windows Defender status of your devices are available from the Widget Library. Refer to Ransomware Status, Datto EDR, and Managed Windows Defender Status. An Alerts Over Time widget, an Alerts by Category (Open) widget, and a Security Threats widget are also available from the Widget Library. All of these widgets are included in the pre-made Datto EDR & Security Dashboard, available from the Dashboard Library. Refer to Dashboards toolbar.
