.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
QuickStart
What is NetWitness Endpoint?
NetWitness Endpoint is an endpoint detection and response tool that continuously monitors the behavior of all endpoints in the network to provide deep visibility and analysis of executables and processes. It helps to detect new, unknown, and targeted attacks, highlights suspicious activity for investigation, exposes anomalous behaviors, and determines the scope of compromise to help analysts respond to advanced threats faster.
About this Guide
This guide provides end-to-end instructions to configure NetWitness Endpoint and to use Endpoint features.
NetWitness Platform XDR Documentation in NetWitness Community Portal
The NetWitness Platform XDR product documentation is organized along functional lines. If you are looking for a specific guide or version, go to the a.
Use these links to view the NetWitness Platform 11.x documentation. Both links provide the same documentation, in these two formats:
- HTML Guides include the latest information for currently supported 11.x versions: NetWitness Platform 11.x Documentation.
- PDF Guides provide the information for a specific version: NetWitness Platform 11.7 PDFs.
Use these links to access documentation that is not related to a particular version of the software:
- Hardware setup guides: https://community.netwitness.com/t5/netwitness-platform-hardware/tkb-p/netwitness-hardware-documentation
- Documentation for RSA Content such as feeds, parsers, application rules, and reports: https://community.netwitness.com/t5/netwitness-platform-threat/tkb-p/netwitness-threat-intelligence.
Getting Started
The following tasks can be performed in any sequence.
Setup and Installation
Fresh Installation
The following tasks must be performed in the sequence listed.
Upgrade
The following tasks must be performed in the sequence listed.
Configuration
The following tasks can be performed in any sequence.
Investigation
The following tasks can be performed in any sequence.
Respond and Reporting
The following tasks can be performed in any sequence.
Maintenance
The following tasks can be performed in any sequence.
Integration (for Legacy NetWitness Endpoint)
The following tasks can be performed in any sequence.