Agent Containment - Manual Installation
Install the Agent Containment Driver using the msi
file
Direct link to this section
You can manually install the Agent Containment Driver using the msi
file. Using this installation method, the Agent Containment Driver is not managed in the Arctic Wolf® Unified Portal or automatically updated unless you subsequently enable update drivers in the Arctic Wolf Unified Portal. To install the Agent Containment Driver using the Arctic Wolf Unified Portal, see Install the Arctic Wolf Agent Containment Driver for more information.
Note: If you have installed the Agent Containment Driver using the Arctic Wolf Unified Portal, do not install the driver using the msi
file.
- Install the Arctic Wolf Agent Containment Driver.
- (Optional) Verify the installation.
- (Optional) Verify containment availability.
Step 1: Install the Arctic Wolf Containment Driver using the msi
file
Direct link to this section
-
Contact your Concierge Security® Team (CST) to download the Arctic Wolf Agent Containment installation file.
See Contact your Concierge Security Team in the Managed Detection and Response Dashboard.
-
Double-click the file to start the installation or use a Group Policy Object (GPO) to install the driver.
See Create a Group Policy Object in the Agent Installation guide for an example of how to use a Group Policy Object.
Step 2: (Optional) Verify the installation Direct link to this section
- Verify in Windows Services that the Arctic Wolf Agent Containment service is installed and running.
Note: If you installed Containment Driver using the msi
file, the Dashboard is not aware of the Containment Driver installation.
Step 3: (Optional) Verify containment availability Direct link to this section
-
Contact your CST to verify that containment is working correctly.
See Contact your Concierge Security Team in the Managed Detection and Response Dashboard.
Uninstall the Containment Driver that used the msi
file for install
Direct link to this section
Uninstall the Containment Driver using common methods such as Add/Remove Programs or GPO.
See Uninstall Agent in the Agent Installation guide for an example of how to use a Group Policy Object.
Collect the msi
installation log file
Direct link to this section
You may need to collect additional log information when troubleshooting.
-
In an administrative command prompt, run the following command where
<file_name.msi>
is the downloaded file:msiexec <file_name.msi> /L*v install.log
-
Rename
install.log
to<customername>-install.log
. -
Send the file to your CST.
See Contact your Concierge Security Team in the Managed Detection and Response Dashboard.