Arctic Wolf Agent Containment Driver Installation - MSI File

Updated Nov 20, 2023

Install the Arctic Wolf Agent Containment Driver on Windows using the MSI file

You can manually install the Agent Containment Driver using the MSI file. But, using this installation method, the Agent Containment Driver is not managed in the Arctic Wolf® Unified Portal or automatically updated unless you enable update drivers in the Arctic Wolf Unified Portal.

When a host is successfully contained, this PowerShell message appears: "This machine has been quarantined."

To install the Agent Containment Driver using the Arctic Wolf Unified Portal, see Install the Arctic Wolf Agent Containment Driver for more information.

Note: If you installed the Agent Containment Driver using the Arctic Wolf Unified Portal, do not install the driver using the MSI file.

Steps

  1. Install the Arctic Wolf Agent Containment Driver.
  2. (Optional) Verify that the Arctic Wolf Agent Containment service is installed.

Step 1: Install the Arctic Wolf Containment Driver using the MSI file

  1. In the Unified Portal, contact your Concierge Security® Team (CST) to download the Arctic Wolf Agent Containment installation file.

  2. Double-click the file to start the installation or use a Group Policy Object (GPO) to install the driver.

    See Create a Group Policy Object for more information.

Step 2: Verify that the Arctic Wolf Agent Containment service is installed

This is an optional step.

  1. In Windows Services, verify that the Arctic Wolf Agent Containment service is installed and running.

    Note: If you installed Containment Driver using the MSI file, the Containment Driver does not show as Deployed.

  2. Contact your Concierge Security® Team (CST) at security@arcticwolf.com to verify that containment is working correctly.

Uninstall the Arctic Wolf Agent Containment Driver from Windows that was installed with an MSI file