Integrating SentinelOne with Barracuda RMM lets you view and manage threats detected by SentinelOne without leaving Barracuda RMM. Only alarms raised by SentinelOne on managed devices will appear in Barracuda RMM.
To integrate SentinelOne, you need the following:
- A SentinelOne account with the CudaMSP role
- Valid SentinelOne credentials: Email, User API Token, and Account ID.
- SentinelOne license: You must have a SentinelOne license available.
The permissions to integrate SentinelOne. See SentinelOne Site Management in Setting Permissions for a Role.
macOS and SentinelOne
macOS devices can be protected by SentinelOne. No extra steps are required.
Deploying SentinelOne protection
The process of deploying SentinelOne protection with Barracuda RMM is the following:
- In SentinelOne, generate an API token. See SentinelOne's documentation for details.
- Link SentinelOne with Barracuda RMM. To perform this procedure, you need valid SentinelOne credentials (including an API token), a valid and available SentinelOne license, and the permissions to integrate SentinelOne. See Linking SentinelOne with Barracuda RMM.
- Link SentinelOne sites to Barracuda RMM sites. In this procedure, you associate SentinelOne sites with Barracuda RMM sites. See Linking SentinelOne Sites to Barracuda RMM Sites.
- Install the SentinelOne Agent on Barracuda RMM Devices. In this step, you choose a Default or Manual group to move the device to in SentinelOne. See Installing SentinelOne Agents on Devices.
- A SentinelOne monitoring policy must be in place on the site you want to protect. You may want to review Using the Default SentinelOne Monitoring Policies. After this final step, your devices are protected by SentinelOne.
Once you have completed these steps, you can view and manage SentinelOne alerts within Barracuda RMM. See Viewing and Managing SentinelOne Protection.