Integrating and Deploying Datto EDR and Datto AV with VSA 10

NAVIGATION   Modules > Integrations > Datto EDR/AV

SECURITY  Administrator

Configuring the VSA 10 integration

Datto EDR/AV integration must first be enabled from the Datto EDR portal. Refer In Datto EDR in the Datto EDR documentation.

With the integration active, your VSA 10 organizations and sites will be automatically synchronized with Datto EDR . Any endpoints protected by the Endpoint Security agent will be synced as devices and assigned to their corresponding locations.

Following the initial sync, Datto EDR will continue to check in with VSA 10 every four hours and continue to replicate any new changes to organizations, locations, or devices it discovers. Additionally, the X icon will precede the names of all entities synced from VSA 10.

Access the Integration from VSA 10

  1. In the VSA 10 platform, go to the left navigation menu.
  2. Choose Datto EDR/AV tab

Datto EDR/AV Windows Agent Deployment

  1. Go to Configuration > Organizations.
  2. Select the Organization, Site, or Agent Group where you want to assign the Datto EDR/AV Deployment Policy.
  3. Click on the Policies tab and click on Edit.
  4. Under Ransomware Detection\EDR Policy assign the Datto EDR/AV Deployment policy and save changes.
  5. Datto EDR/AV Windows agents will be deployed and registered to all targeted devices.

NOTE  You can't assign a Ransomware Detection Policy and a Datto EDR/AV policy to the same device.

NOTE  Linux and MacOS agent deployment will be supported in future version of the integration. Date TBD.

NOTE  Only admin users will have the ability to deploy EDR through VSA 10.

NOTE  Removing the Datto EDR/AV policy will NOT remove the Datto EDR/AV agent from the endpoints.

Monitoring the Status of the Datto EDR/AV agent from the Device Card

Go to Devices > Device List and you can monitor the status of the EDR/AV agent from each device.

The following statuses will appear in the device card under the Endpoint Protection section as Datto EDR/AV, along with a link to view the device in the Datto EDR/AV Portal.

  • EDR Agent Status
  • AV Agent Status
  • RWD Agent Status
  • Isolation

Removing the Datto EDR/AV agent

Uninstalling the Datto EDR/AV agent is done from the Datto EDR/AV Portal.

Refer to Uninstallation in the Datto EDR documentation.

Legacy deployment instructions

If you plan on deploying Datto EDR and/or Datto AV without using the integration, you can follow the below instructions.

Using a workflow template, you can easily manage the deployment of Datto EDR and Datto AV agents on Windows machines. Complete the following steps:

  1. From the left navigation menu in VSA 10, navigate to Automation > Workflows.
  2. From the Actions drop-down menu in the upper-right corner of the Workflows page, click Create from Template.
  3. In the list of workflow templates, click Deploy Datto EDR/AV.
  4. In the Status section, turn on the Active toggle to activate the workflow.
  5. Configure the remaining settings, including specifying the devices, organizations, and scopes the agents will be deployed to. For workflow configuration instructions, refer to Creating and editing a workflow in Workflows.
  6. Click Next to proceed to the workflow canvas.
  7. Enter the URL of your Datto EDR instance as part of the first condition, and click Confirm.