Category filter

Hexnode XDR: Settings Tab Reference Guide

Hexnode XDR settings enable administrators to centralize threat detection, manage user access, integrate endpoint management, and customize branding to secure and streamline organizational security operations across all endpoints.

Overview of Hexnode XDR

Extended Detection and Response (XDR) is a security architecture that integrates data from multiple security layers and endpoints. This provides security teams with a unified, high-visibility view of potential threats and system vulnerabilities.

Configuring these settings is essential for:

  • Operational Efficiency: Automating alerts and notifications.
  • Security Posture: Managing integrations and granular access controls.
  • Brand Alignment: Maintaining corporate identity within the management console.

Core Configuration Modules

Hexnode XDR consolidates essential management tools into six primary categories:

1. Notification

Notification settings allow administrators to receive automated alerts via email or webhooks regarding critical portal events, such as technician or role changes, agent deployments, and incident updates.

Supported Notification Channels:

  • Default Email Server: Notifications sent via Hexnode’s internal mail server.
  • Custom SMTP: Administrators can configure private email servers for notification delivery.
  • Webhooks: Supports real-time data delivery to third-party applications like Slack or Microsoft Teams.

2. Alert Profiles

Alert Profiles are customizable monitoring templates that define specific trigger conditions and delivery schedules for critical events occurring across managed endpoints.

Feature Description
Monitored Events Incidents, Process activity, Network changes, and System events.
Targeting Apply to individual Endpoints or Endpoint Groups.
Delivery Methods Email or Webhooks.
Schedules Immediate, Daily, Weekly, or Monthly intervals.

3. Integrations

The Integrations setting enables you to connect your existing Hexnode UEM solution with Hexnode XDR. This allows Hexnode XDR to gather endpoint data from your Hexnode UEM environment. By integrating your UEM with Hexnode XDR, you can bring managed endpoints under an umbrella of unified security framework, allowing for better threat monitoring.

Integration Workflow:

  1. Navigate to Integrations.
  2. Select the specific devices from the Hexnode UEM console to sync.
  3. Confirm the integration to trigger a silent deployment of the XDR agent.
  4. Data syncs at regular intervals to ensure continuous threat visibility.

4. Access Control

Access Control manages portal security by defining Technicians and assigning specific Roles to regulate the level of authority granted within the XDR console.

  • Roles: Permissions-based sets that determine if a user can create, modify, or delete endpoint groups, policies, or view incidents.
  • Admin Role: Provides comprehensive access to all features, configurations, and operations within the portal.

5. Brand Customization

Brand Customization provides tools to modify the visual identity of the Hexnode XDR portal, ensuring the interface aligns with organizational branding requirements.

Customizable Elements:

  • Dashboard Logo: Upload a primary logo for the main interface.
  • Login Page: Personalize the entry point for technicians.
  • Favicon: Update the browser tab icon to match corporate assets.

6. Subscription

Subscription settings provide a centralized view of licensing details, allowing administrators to monitor plan statuses, device counts, and renewal timelines.

Visible Metrics:

  • Active Plan: Current tier of service.
  • License Validity: Activation and expiry dates.
  • Device Count: Total number of endpoints covered under the current subscription.

Troubleshooting

Problem Resolution
Notifications are not being received via email. Verify the Custom SMTP settings or check if the Default Email Server is blocked by your organization’s spam filter.
XDR Agent failed to install on UEM devices. Ensure the devices are online and correctly synced under the Integrations tab. Verify that the silent deployment permission is active.
Technician cannot view specific Incidents. Navigate to Access Control > Roles and ensure the technician’s role has the “View Incidents” permission enabled.
Webhook alerts are not appearing in Slack/Teams. Validate the Webhook URL in the Alert Profiles or Notification settings and ensure the third-party app service is active.

Frequently Asked Questions

What is the benefit of integrating Hexnode UEM with XDR?

Integration allows for the automated, silent deployment of XDR agents and ensures all managed endpoints are monitored under a single security framework.

Can I set different alert frequencies for different groups?

Yes. Alert Profiles can be applied to specific Endpoint Groups with unique schedules (e.g., immediate alerts for servers, weekly summaries for workstations).

Are there different types of administrative roles?

Yes. You can create custom roles with granular permissions or use the Admin role for full system access.

Settings