SentinelOne Ranger®
Network Visibility & Control

A cloud delivered, software-defined network discovery solution
designed to add global network visibility and control with minimal friction.

What’s on your network?

Ranger® extends Sentinel agent function by reporting what it sees on networks and enables blocking of unauthorized devices.

No new software required. Ranger is part of the SentinelOne agent code base.
No network changes required. No network SPAN or TAP ports.
Build a policy and toggle it on. Admins can specify a different policy for each network and subnet if needed.
Policies provide control over scan intervals and what should be scanned and what must never be scanned.
Choose between auto-enabled scanning or require explicit permission if more control is needed over the environment.

Ranger is network efficient by intelligently electing a few Sentinel agents per subnet to participate in network mapping missions.
Elected “Rangers” passively listen for network broadcast data including ARP, DHCP, and other network observances.
Admins may customize active scan policies and specify multiple IP protocols for learning including ICMP, SNMP, UDP, TCP, SMB, and more.
Rangers correlate all learned information within the backend to fingerprint known and unknown devices.
Ranger reveals vital information about IP-enabled devices and produces inventories in seconds across your region or the globe.

Ranger device inventories reveal what is connected where and the protocols these devices listen on.
Get easy access to known device information via data collected by Rangers.
Find and close Sentinel agent deployment gaps with Ranger Deploy, a peer-to-peer deployment feature.
Via Deep Visibility ActiveEDR®, monitor how unknown devices communicate with managed hosts.
Isolate suspicious devices from managed devices with a click.

Do you have any questions about one of our solutions or about a product? Our specialists are happy to help.