Remediating Unmonitored Computers with an MDM Connection

  • Updated

If your Computers are shown as unmonitored, but you have successfully integrated an MDM with Vanta, follow these instructions for remediation.

Connect your MDM system

  • If you haven't done so already, connect your MDM provider to Vanta on the integrations page. Computers should be reflected here within an hour of appearing in your MDM dashboard.
  • For MDMs that offer multiple services, such as Rippling, check the settings to confirm the MDM tool has been enabled. If the toggle is greyed out, this means Vanta will only recognize devices that have been previously connected to your Vanta Instance or have the Vanta Agent installed

Screenshot_2023-05-01_at_11.11.49_am.png

Vanta Agent

  • Use the Send Reminder menu to send employees an installation reminder email, or direct your team to visit the download page at https://app.vanta.com/downloads.

Screenshot 2024-06-14 at 2.50.38 PM.png

 

Use your MDM system to install the Vanta Agent via script

  • You can deploy the Vanta agent on your MDM-provisioned computers by using the script we provide on the unmonitored section of the computers page
  • After the Agent is installed, assign the computer an account within Vanta from the inventory page by having the employee click on the toolbar icon and select Register Vanta Agent
  • This requires the unique Vanta key for your company, which must be obtained from an administrator if you do not already have access to Vanta. We are unable to give it to you since the key is confidential information. The Vanta key must be obtained by your administrator from this site's computers page and given to you. Here's how your admin can retrieve the Vanta key:
    • Visit the Computers page -> Unmonitored tab
    • Select 'View setup instructions'
    • Select 'Option 3: MDM and Vanta Agent'
    • Follow the direction for Windows

macOS

VANTA_KEY="uniqueVantaKey" bash -c "$(curl -L https://raw.githubusercontent.com/VantaInc/vanta-agent-scripts/main/beta/install-macos.sh)"

Alternatively, to automatically register employee computers, capture the employee's email address and provide it when running our download and register script.

VANTA_OWNER_EMAIL="NAME@EXAMPLE.COM" VANTA_KEY="uniqueVantaKey" bash -c "$(curl -L https://raw.githubusercontent.com/VantaInc/vanta-agent-scripts/main/beta/install-macos.sh)"

Linux

VANTA_KEY="uniqueVantaKey" bash -c "$(curl -L https://raw.githubusercontent.com/VantaInc/vanta-agent-scripts/main/beta/install-linux.sh)"

Alternatively, to automatically register employee computers, capture the employee's email address and provide it when running our download and register script.

VANTA_OWNER_EMAIL="NAME@EXAMPLE.COM" VANTA_KEY="uniqueVantaKey" bash -c "$(curl -L https://raw.githubusercontent.com/VantaInc/vanta-agent-scripts/main/beta/install-linux.sh)"

For Windows:

# Open cmd.exe as an administrator

# Download the current version of the installer

curl -Lo vanta.msi https://app.vanta.com/osquery/download/windows

# Run silent installation. In the command below, replace "name@example.com" with the employee's email address and "uniqueVantaKey" with the Vanta key provided by your admin

msiexec /i vanta.msi /passive /qn 
VANTA_KEY="uniqueVantaKey"
VANTA_OWNER_EMAIL="name@example.com"

# If there are any issues, you can get more logs in `./vanta.log` by adding the following flags.

msiexec /l*v vanta.log /i vanta.msi /passive /qn

Please send this file to support@vanta.com if you're encountering continual installation issues.

# Remove the installer

del vanta.msi