Help Center
14 DAY FREE TRIAL
Search Close Search
Search result for "aa"
View all results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Extended Detection & Response
  3. XDR Agent Deployment

Category filter

How to deploy Hexnode XDR agent via Intune

Microsoft Intune is a Unified Endpoint Management (UEM) solution that allows organizations to provision corporate applications, enforce device compliance policies, and secure access to company resources such as email, files, and internal networks. While Intune ensures that endpoints are securely enrolled, configured, and compliant, it does not natively provide advanced threat detection or response against modern cyberattacks.  

To address this gap within such a managed environment, organizations can strengthen their security posture by deploying Hexnode XDR, which delivers extended detection and response capabilities across endpoints. Hexnode XDR continuously monitors devices, identifies suspicious activity, and automates responses to potential threats, complementing Intune’s management and compliance features. 

This can be achieved through the deployment of the Hexnode XDR Agent via Intune. The agent enables Hexnode XDR to operate on each endpoint, ensuring that advanced threat detection and response are seamlessly extended across all managed devices. In this document, we outline how to obtain the Hexnode XDR Agent package and the different methods available to install it using Intune. 

How to obtain the Hexnode XDR Agent Package?

  1. Log into the Hexnode XDR portal.
  2. Navigate to the Endpoints tab and click on Installation.
  3. Review the available Hexnode XDR Agent packages listed. The list contains the newer and updated versions of the XDR Agent.
  4. Select the version compatible with your device and click the Download button to obtain the installer as a .msi package.
  5. Copy the portal token (the passkey required during installation at the endpoint).
  6. Distribute both the portal token and the downloaded .msi package to target endpoint devices using:
    • Intune or another UEM solution
    • USB drive
    • File-sharing platforms
    • Email
    • Remote file transfer tools

How to Install the Hexnode XDR Agent in Intune

There are multiple approaches to deploy the Hexnode XDR Agent package via Intune. Below are the recommended methods:

Method 1: Line-of-Business (LOB) App Deployment

Prerequisites

  • MSI File: Valid .msi installer (test manually first).
  • Intune Access: Admin rights in Intune portal.
  • Azure AD Devices: Devices must be Azure AD Joined or Hybrid AD Joined, and enrolled in Intune.
  • Supported Editions: Windows 10/11 Pro, Enterprise, or Education (not Home).
  • Silent Install Switches: Confirm vendor-supported silent switches (e.g., /qn) and test before rollout.

Steps to Deploy MSI Apps

  1. Download MSI Installer
    • Get the .msi file (e.g., 7-Zip from its official site).
    • Save locally or on a network share.
  2. Prepare MSI Package
    • Verify silent install parameters (e.g., /qn).
    • Download app icon/logo for Company Portal visibility.
  3. Upload MSI to Intune
    • Sign in to Intune Admin Center → Apps > All Apps > + Add.
    • Select Line-of-business app → Upload .msi file.
    • Review package details (name, platform, size).
  4. Configure App Information
    • Name, Description, Publisher: Enter details for Company Portal.
    • Install Context: Choose user/system context.
    • Ignore App Version: Yes for auto-updating apps (e.g., Chrome).
    • Command-line Arguments: Add silent install switches (e.g., /S).
    • Category, Featured App, URLs, Developer, Owner, Notes: Optional metadata.
    • Logo: Upload app icon.
  5. Assign & Create
    • Assignments:
      • Required: Auto-install on selected devices.
      • Available: Users install via Company Portal.
      • Uninstall: Removes app from selected devices.
    • Review settings → Create.

Win32 App Deployment (Advanced Customization)

This method is recommended for more complex installations that require a wrapper script, dependencies, or custom detection logic.

Step 1: Prepare the .intunewin package

You must first convert the MSI into the .intunewin format using the Microsoft Win32 Content Prep Tool.

  1. Download the tool from the official GitHub repository.
  2. Create a source folder containing your .msi file and any other installation files. Do not place the prep tool (IntuneWinAppUtil.exe) in this folder.
  3. Run IntuneWinAppUtil.exe. When prompted, provide the following information:
    • Source folder: The path to your source folder.
    • Setup file: The full filename of your .msi file.
    • Output folder: The location where the .intunewin file will be saved.
  4. The tool will create the .intunewin package in your specified output folder.

Step 2: Deploy the Win32 app in Intune

  1. Sign in to the Microsoft Intune Admin Center and go to Apps > All apps.
  2. Click + Add.
  3. From the Select app type pane, choose Windows app (Win32) and click Select.
  4. Click Select app package file, and upload the .intunewin file you created.
  5. On the App information tab, fill in the app details.
  6. On the Program tab, review the pre-populated install and uninstall commands. You can add extra command-line arguments here if needed.
  7. On the Requirements tab, specify the minimum OS and architecture (32-bit or 64-bit).
  8. On the Detection rules tab, configure how Intune will confirm the app is installed. For a standard MSI, you can select Manually configure detection rules and choose MSI as the rule type. The MSI product code should populate automatically.
  9. On the Assignments tab, select the groups to which you want to deploy the app (Required, Available, or Uninstall).
  10. Click Review + create and then Create.
Need more help?
Image of Raise a Ticket Raise a Ticket
Image of Ask Community Ask Community
Image of Chat With us Chat With us
Extended Detection & Response