How to install SentinelOne agent on Windows devices?

SentinelOne is a cloud-native endpoint security platform designed to autonomously prevent, detect, and respond to cyber threats such as ransomware, fileless malware, and zero-day attacks across enterprise environments. By leveraging advanced AI and machine learning, SentinelOne continuously monitors endpoints for malicious behavior, unauthorized access, and suspicious processes.

The SentinelOne Agent, once installed on a Windows device, continuously monitors system activity and enforces real-time threat prevention and response. By providing comprehensive visibility and automated protection, SentinelOne empowers organizations to operate securely in today’s complex threat landscape.

In this document, we will explore how to deploy the SentinelOne agent on Windows devices managed by Hexnode UEM.

How to deploy SentinelOne?

Step 1: Download the latest SentinelOne agent installer package for Windows.

1. Login to your SentinelOne portal.
2. Click on Sentinels from the main navigation panel on the left.



3. On the Sentinels page, navigate to the Packages subtab and set the platform filter type to Windows.



4. Locate the package with the highest build number (latest version) and choose the MSI file type.
5. Copy the Site Token to your clipboard.
6. Generate a download URL for the downloaded MSI file by uploading it to a cloud storage platform/file sharing service.

Step 2: Deploy the SentinelOne using Hexnode UEM

There are two methods to deploy the SentinelOne on your Windows devices:

Method 1: Execute a script to deploy the application to the devices.

1. Login to the Hexnode UEM portal.
2. Go to the Manage tab and select the required devices.
3. Click on the Actions drop-down and select the Execute Custom Script option.
4. Click Choose File to upload the PowerShell script given below.
Install SentinelOne on Windows devices

$Token = "Your-site-token" $DownloadUrl = “Your-Download-URL” $InstallerPath = "C:\TEMP" $InstallerFile = Join-Path -Path $InstallerPath -ChildPath (Split-Path -Path $DownloadUrl -Leaf) #Create the temporary directory if it doesn't exist Write-Host "Creating temp directory at $InstallerPath..." try { if (-Not (Test-Path $InstallerPath)) { New-Item -Path $InstallerPath -ItemType Directory -Force -ErrorAction Stop } Write-Host "Temp directory created." } catch { Write-Host "Error creating temp directory: $($_.Exception.Message)" exit 1 } #Download the SentinelOne installer Write-Host "Downloading SentinelOne installer..." Try { Invoke-WebRequest -Uri $DownloadUrl -OutFile $InstallerFile -ErrorAction Stop Write-Host "Download completed: $InstallerFile" } catch { Write-Host "Failed to download installer: $($_.Exception.Message)" exit 1 } #Execute silent installation Write-Host "Starting installation..." try { Start-Process msiexec.exe -ArgumentList "/i "$InstallerFile" /q /norestart SITE_TOKEN=$Token" -Wait -NoNewWindow Write-Host "SentinelOne installed successfully." } catch { Write-Host "Installation failed: $($_.Exception.Message)" exit 1 }

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42

$Token = "Your-site-token"   $DownloadUrl = “Your-Download-URL” $InstallerPath = "C:\TEMP" $InstallerFile = Join-Path -Path $InstallerPath -ChildPath (Split-Path -Path $DownloadUrl -Leaf) #Create the temporary directory if it doesn't exist Write-Host "Creating temp directory at $InstallerPath..."   try   {   if (-Not (Test-Path $InstallerPath))   {   New-Item -Path $InstallerPath -ItemType Directory -Force -ErrorAction Stop   }   Write-Host "Temp directory created."   }   catch   {   Write-Host "Error creating temp directory: $($_.Exception.Message)"   exit 1   } #Download the SentinelOne installer Write-Host "Downloading SentinelOne installer..."   Try {   Invoke-WebRequest -Uri $DownloadUrl -OutFile $InstallerFile -ErrorAction Stop Write-Host "Download completed: $InstallerFile"   }   catch   {   Write-Host "Failed to download installer: $($_.Exception.Message)"   exit 1   } #Execute silent installation Write-Host "Starting installation..."   try   { Start-Process msiexec.exe -ArgumentList "/i "$InstallerFile" /q /norestart SITE_TOKEN=$Token" -Wait -NoNewWindow   Write-Host "SentinelOne installed successfully."   }   catch   {   Write-Host "Installation failed: $($_.Exception.Message)"   exit 1   }

Assign the generated download URL to the variable $Download_Url and the site token copied from the SentinelOne console to the variable $Token. This URL should be accessible by the target devices.

5. Click Execute.
6. Navigate to the Action History tab of the devices to check if the application has been installed successfully.

Method 2: Deploy the SentinelOne MSI file using the Install Application action.

1. Login to the Hexnode UEM portal.
2. Add the downloaded application to the Hexnode app inventory.
3. Next, navigate to Manage > Devices and select the required devices.
4. Click on Actions > Install Application.
5. Select the uploaded SentinelOne application from the list and click Next.
6. Click Configure to specify the app installation settings:
   • Check the Enable logging checkbox and provide the Log path to save the generated logs in an existing folder on your device.
   • Check the option Add command line parameters and specify the following parameters in the given field:
     Installation parameter

     /quiet /passive /norestart SITE_TOKEN= 'Enter site token'

     1	/quiet /passive /norestart SITE_TOKEN= 'Enter site token'

     For example, if site token = qwertyuiop, then the parameters will be,

     /quiet /passive /norestart SITE_TOKEN=qwertyuiop

7. Set the Success Criteria to Path exists.
Note:


When selecting App Exists as the success criterion, ensure that the correct App Identifier is provided. App identifiers may differ between versions of the same application. If an incorrect or outdated identifier is provided, the application installation may fail.


8. Click on Install.
9. After deployment, go to the SentinelOne portal and navigate to Sentinels > Endpoints to verify that the application has been successfully installed on the selected devices.

What happens at the device end?

The SentinelOne agent app gets installed on the device. The agent runs silently in the background and begins monitoring the device for threats in real-time.

Once installed, the device appears in the SentinelOne portal under Sentinels > Endpoints. From this portal, the device’s security status and activities can be continuously monitored and managed.