Getting Started with Datto Endpoint Detection and Response (EDR)
SECURITY Datto EDR subscription with administrator-level platform access
SECURITY Service account or administrator-level rights on the target endpoint
Introduction
Datto EDR's cloud-based platform leverages forensic triage methods to independently inspect and analyze endpoint devices (workstations and servers). The platform consists of a cloud-based Console and Analysis engine hosted by Datto, and endpoint agents for non-domain devices and real-time security.
EDR inspects volatile memory and collects comprehensive endpoint forensic data across Microsoft, Linux, and Mac operating systems. It combines this information with threat intelligence sources and patented artificial intelligence-driven analysis to provide a Forensic State Analysis (FSA) of all endpoints.
This guide provides pre-deployment planning instructions for administrators deploying and configuring Datto EDR.
Preliminary planning actions
- Determine the solutions you'll need for a comprehensive threat defense.
- Identify the endpoints you'd like to secure with EDR.
- Assign ownership of the following processes to appropriate stakeholders:
  - Change Management approval (internal policy & procedure)
  - Software deployment approval (internal policy & procedure)
Next steps
The first communication you will receive from Kaseya will include a link to your newly created EDR instance and a temporary password, unless you are protecting multiple SaaS instances with EDR. In this case, your Kaseya Account Executive will let you know when the new instance is created, and you'll use single sign-on (SSO) credentials. Once you receive the notification, you can navigate to your instance to change your password or begin the configuration process.
From here, you'll do the following:
1. Add additional EDR users.
2. Deploy the Endpoint Security agent to all target systems.
   NOTE If you're protecting multiple endpoints with agent installations, you'll need to repeat step 2 for each system, but you can automate the deployment process via CLI commands, Group Policy objects, or remote management tools.
3. Create groups for the devices you identified in your preliminary planning actions.
4. Test your completed setup by running a manual scan of one or more devices.
   - Refer to Performing a manual scan.
   - If your scans completed, you have successfully protected your endpoint with Datto EDR.
Need support?
Kaseya is always available to assist further. Your Kaseya Account Executive can enroll you in basic and intermediate-level platform training. For technical assistance, visit our Kaseya Support article to learn how to get in touch.