EDR Is Now Integrated with RMM


As I wrote earlier this year, the move to getting everyone working from home amplified risk. With end users working remotely, in what we refer to as “hostile” network environments, bad actors stepped up their game, knowing there would be more opportunity to gain access to credentials, data, and systems no longer living behind the company firewall. Combining newer threats with the relaxed security posture of a home environment means a higher risk of compromise to data and credentials.

At the beginning of this shift, we talked at length about the fact users would need additional training, and partners should consider shifting their focus to protecting the endpoint and the data residing on it, as opposed to investing more in supporting network or on-premises solutions. As expected, many businesses have made the decision to continue to allow work from home (or anywhere). This means those solutions and processes adopted may need to become permanent (or at least stick around for a long time). 

Evolving the protections MSPs offer their customers

This is where our RMM platform really helps services providers add value for their customers in this new landscape. Being able to deploy an agent that remotely monitors, manages, and protects is key to ensuring a smooth and secure experience for end users, especially when they are distributed in many locations. Additionally, the power to deliver and manage security through the same platform adds efficiency and visibility.

Integrating EDR into the RMM platform could not have happened at a better time. The advanced threat detection and prevention capabilities that make up EDR mean that, even if a user clicks on something they shouldn’t, or a threat moves laterally in a home environment from a non-work device, advanced threats can still be stopped before they can take hold of a system being used for work purposes. So even if your partner catches a virus on their personal laptop and it attempts to spread, the work machine with EDR on it can catch it before it causes damage to that endpoint. 

Additionally, many threats alter techniques over time to evade detection from traditional antivirus and monitoring, but the actions they perform can be detected and stopped by the artificial intelligence (AI) and machine learning functionality available in SolarWinds EDR. Even more important, if an infection does try to take hold, the rollback features will allow you to restore the system to a known safe state from the dashboard without having to lose time (or risk a technician’s health) traveling to an end user’s home to resolve the issue or reformat a system.

Being able to deploy, control, and manage EDR from the RMM environment has been one of the most requested additions in our Advisory Group discussions with our product managers and partners, and it is now available in the integrations section of the RMM console. 

You can create policies and select customers, sites, and groups to deploy to. And monitoring rules will automatically be created after deployment for those systems. Ultimately, this integration helps you discover what needs attention at a given moment—right from the dashboard—and you can act to further investigate, identify, and resolve threats without having to leave the RMM platform. 

For those looking at advanced security solutions to address the new remote work environment, I recommend considering integrated EDR for the advanced protection and efficiency it can offer you. Remember—as threats evolve, so should your services!

 

Ready to learn more about the SolarWinds EDR integration in SolarWinds RMM? Read more today. 

 

Gill Langston is head security nerd for SolarWinds MSP. You can follow Gill on Twitter at @cybersec_nerd