SentinelOne Ranger®
Network Visibility & Control

A cloud delivered, software-defined network discovery solution
designed to add global network visibility and control with minimal friction.

What’s on your network?

Ranger® extends Sentinel agent function by reporting what it sees on networks and enables blocking of unauthorized devices.

No new software required. Ranger is part of the SentinelOne agent code base.
No network changes required. No network SPAN or TAP ports.
Build a policy and toggle it on. Admins can specify a different policy for each network and subnet if necessary.
Policies provide control over scan intervals, as well as what should be scanned and what should never be scanned.
Choose between auto-enabled scanning or require explicit permission if more control over the environment is needed.

Ranger is network efficient by intelligently choosing a few Sentinel agents per subnet to participate in network mapping missions.
Selected “Rangers” passively listen for network broadcast data, including ARP, DHCP, and other network observations.
Admins may customise active scan policies and specify multiple IP protocols for learning, including ICMP, SNMP, UDP, TCP, SMB, and more.
Rangers correlate all learned information within the back-end to fingerprint known and unknown devices.
Ranger reveals vital information about IP-enabled devices and produces inventories in your region or the globe in seconds.

Ranger device inventories reveal what is connected where and the protocols these devices listen on.
Get easy access to known device information via data collected by Rangers.
Find and close Sentinel agent deployment gaps with Ranger Deploy, a peer-to-peer deployment feature.
Via Deep Visibility ActiveEDR® you monitor how unknown devices communicate with managed hosts.
Isolate suspicious devices from managed devices with a click.

Do you have any questions about one of our solutions or about a product? Our specialists are happy to help.