Exciting news! We are redesigning the Arctic Wolf Help Documentation site to provide a better user experience. Our new site will launch on May 1, 2024.

Arctic Wolf Agent Containment Driver Installation - Unified Portal

Updated Mar 27, 2024

Install the Arctic Wolf Agent Containment Driver on Windows using the Arctic Wolf Unified Portal

Arctic Wolf® Agent containment requires that you install the Agent Containment Driver. Arctic Wolf recommends that you use the Arctic Wolf Unified Portal to install your Agent Containment Driver.

Note: You can also install the Containment Driver using the MSI file, but the Containment Driver status will not appear in the Unified Portal. For more information, see Install the Arctic Wolf Agent Containment Driver on Windows using the MSI file.

When a host is successfully contained, this notification appears: "This machine has been quarantined."

When host containment is removed, this notification appears: “This machine’s quarantine has been lifted.”

Requirements

Before you begin

Steps

  1. Install the Arctic Wolf Agent Containment Driver.
  2. (Optional) Verify that the Arctic Wolf Agent Containment service is installed.

Step 1: Install the Arctic Wolf Agent Containment Driver

  1. Sign in to the Arctic Wolf Unified Portal.

  2. Click Telemetry Management > Agents.

  3. Select the checkbox beside each Arctic Wolf Agent you want to install.

  4. Click Enable Containment Driver.

    A notification indicates that the driver is enabled. The Containment Driver status changes to Installation Pending.

Note: You do not need to restart your services after installing the Agent Containment Driver.

Step 2: Verify that the Arctic Wolf Agent Containment service is installed

This step is optional.

  1. In Windows Services, verify that the Agent Containment service is installed and running.
  2. If you installed the Containment Driver using the Arctic Wolf Dashboard, verify that the Containment Driver status displays the driver version number. For example v1.2.5.
  3. Contact your Concierge Security® Team (CST) at security@arcticwolf.com to verify that containment is working correctly.

See also