Skip to main content

Home
Help Center
Field Effect Portal
System Status
Compliance

Login
English
English French

Home
Help Center
Troubleshooting
Field Effect

Recent Searches

No recent searches

Popular Articles

Articles

Topics

Tickets

Sorry! nothing found for

Field Effect

Commonly asked questions about Field Effect

Navigate to other Help Center articles

Click a section below to navigate there, or expand it to reveal more.

How Field Effect MDR Works

Field Effect MDR Service Tiers

Tour the Field Effect MDR Portal

Appliance Dashboard: Overview & Homepage

Tour the Mobile App

Understanding a Deployment

Create your MDR Portal Account

Deployment Checklist: MDR Complete

Deployment Checklist: MDR Core

Deployment Overview for New Partners

For Partners: Setting up the Field Effect MDR Portal

Partner Playbook: Deploying Field Effect MDR

Video Showcase: Deploying Field Effect as a Partner (Port Mirrored Configuration)

Video Showcase: Setting up the Field Effect MDR Portal

Deployment Overview for New Clients

Client Playbook: Deploying MDR Complete

Client Playbook: Deploying MDR Core

Client Playbook: Deploying MDR Cloud

For Clients: Setting up the Field Effect MDR Portal

Field Effect Endpoint Agent: Operating System Requirements

Endpoint Agents: Overview

Appliance-Hosted Endpoint Agent Installers: Overview

The Downloads Page

Installing the Endpoint Agent - Windows

Deploying the Windows Agent via Intune

Installing the Endpoint Agent - macOS

Deploying the macOS Agent via JAMF

Deploying the macOS Agent via Intune

Installing the Endpoint Agent - Linux

Uninstalling the Endpoint Agent - Windows 11

Uninstalling the Endpoint Agent - Windows 11 (using cmd)

Uninstalling the Endpoint Agent - macOS

Windows Install PowerShell Script for RMM/MDM

Best Practices: Automated Agent Deployments

Uninstalling the Endpoint Agent - Linux

Uninstalling the Endpoint Agent in Bulk

For Partners: Generating a Cloud Registration Link

The Organization Profile: Overview

The Service Profile Page: Overview

The Monitoring Profile: Overview

Monitoring Profile: Editing & Updating

Escalation Contacts: Overview

Active Response: Overview

Response Policies: Overview

Response Actions: Overview

Configuring Active Response

Active Response: Example Scenarios And Common Response Events

Webinar Recording: Leveraging Active Response

The User Management page

Editing User Permissions

Searching and Filtering for users

The Data Management Page

Log Retention: Overview

Syslogs & Field Effect MDR

The Integrations Page: Overview

Cloud Monitoring: Overview & Setup

Google Workspace

Beauceron Security

Palo Alto Cortex

Authorizing Microsoft 365 Cloud Monitoring

DNS Firewall: Overview & Setup

Adjusting DNS Firewall Categories

Using the Custom Allowlist or Blocklist

Partners: Setting Up a Default DNS Policy

Mapping Safe Networks

Endpoint Agent Preferences

System Notifications

Antivirus Management: Overview

Enabling Antivirus Management

Introduction to SEAS

Using SEAS: The End User Workflow

Viewing SEAS Reports in the MDR Portal

Installing the SEAS Gmail Add-On

Using the SEAS Gmail Add-On

Using Google Routing Rules with SEAS

Installing the SEAS Outlook Add-in

Using the SEAS Outlook Add-In

Uploading Files to the MDR Portal

The Sidebar for Clients

The Sidebar for Partners

The Profile Page

Adding a Mobile Number to Your Profile

Changing Your Language in the MDR Portal

Viewing & Managing Notifications

Multi-Factor Authentication (MFA): Overview

Add an Avatar to Your MDR Portal Account

Changing Your Password

Account Locking in the MDR Portal

Single Sign-On: Overview

Client Dashboards

The Status Page

Getting to Know AROs

The Anatomy of an ARO

Working with AROs

ARO Comments & the Activity Feed

Watching & Assigning AROs

Downloading AROs (PDF)

Supplemental Insights & Raw Data

Compliance Mapping for AROs

Risk Score View: Overview

Devices Page: Overview

Devices Page: Sorting, Searching, and Filtering

Devices Page: Bulk Editing

The Accounts Page: Overview

Making Travel Exceptions from the MDR Portal

Insights: Overview

Cloud Monitoring

The DNS Firewall Page

The Reports View

Monthly Service Report

Monthly Summary

Risk Score Report

Vulnerability Report

The Supplemental Data Page - Overview

Dark Web Monitoring: Overview

Deployment Quick Start Guide

Physical Network Appliances: Overview and Specs

Webinar: Network Appliances - Beyond the Unboxing

Virtual Appliances: Overview

Accessing a Network Appliance Remotely

Installing a Virtual Appliance in AWS

Installing a Virtual Appliance in Azure

Installing a Virtual Appliance on a VMware ESX Cluster

Installing a Virtual Appliance in Google Cloud Platform

Configuring a Virtual Appliance in a Hyper-V Environment

Configuring Traffic Monitoring in Azure

Installing the Appliance in a Port Mirrored Configuration

Installing the Appliance in an Inline Configuration

Configuration Guide: Compact Sensor

Configuration Guide: Shuttle Appliance Series

Configuration Guide: Oskar

Configuration Guide: Business One (version 2)

Configuration Guide: Business One (version 1)

Configuration Guide: Enterprise One

Configuration Guide: Enterprise One Hundred

Quick Start | Validating Your Field Effect Setup

Field Effect Endpoint Service Validation

Validating Network Coverage

Firewall Exceptions for Network Appliances and Endpoint Agents

Logging into the Appliance Dashboard

The Alerts Page

The Agents Page

The Software Page

The Sensors Page

The DNS Activity Page

The DNS Reports Page

The Local Systems Page

The Network Activity Page

The TLS Activity Page

The Appliance Status Page: Overview

Using the Appliance Management Console (v2)

Using the Appliance Management Console (v1)

Checking Appliance Status Using the Appliance Management Console

Signing into the Mobile App

The Organization Selector for Partners

The Profile Tab

Watching AROs from the Mobile App

Field Effect APIs: Overview

Accessing Field Effect's API Documentation

Obtaining your Organization ID

License Management Portal: Overview

Manage LMP Users & Access

Manage Your Partner Profile

Onboard a New Volume License Customer

Choosing a Deployment Solution: Example Scenarios

Manage Volume Licenses

Purchasing Additional Licenses

Offboarding a Customer Account

Co-Branding & Themes for Partners

The Organization Selector for Partners

The Clients View for Partners

Default Settings for Partners

Offboarding Clients (for Partners)

Setting a Default DNS Policy for New Clients

Returning Appliances: Overview

Is Field Effect a SIEM?

What events are collected by Field Effect?

Audit Policy Requirements for Field Effect MDR

Can Field Effect ingest application logs?

Does Field Effect protect against log tampering by the originator?

Can Field Effect store (retain) logs for a required period?

Do Field Effect logs go through an analytic process?

Can Field Effect collect logs from all sources?

What is a One-day, n-day, and zero-day vulnerability?

Do you recommend disabling SMTP, IMAP and POP protocols in Office 365 for regular users?

How does Field Effect leverage AI/ML?

What are Field Effects thoughts on the use of AI?

What is the Field Effect Business Continuity Plan (BCP)?

What does Field Effect MDR do at a high level?

Does Field Effect use Sysmon and if so, how is it configured?

What technology underpins your NIDS?

Does Field Effect isolate my entire network?

How does Field Effect protect my data and information?

Field Effect and SIEMs

What is the status.json file?

How do I remove duplicate endpoints?

Would Field Effect qualify as a Data Loss Prevention (DLP) Solution?

Why was an ARO notification late?

What is an "Impossible Travel" scenario?

ARO: Suspected Typosquat Domain Detected

What's the difference between Resolving and Dismissing an ARO?

ARO: Removable Drive Detected

ARO: Secure Shell (SSH) Brute Force Attempt Detected

ARO: Tools for Remote Administration Detected on your Network

ARO: Audit Log was Cleared

ARO: New Administrative Account Detected

ARO: Insecure Encryption Supported by Server

ARO: Hosts Observed Without Field Effect Agent Installed

ARO: User Authentication Detected

Which remote control software do you monitor for?

Can I manage the travel itinerary for a user?

ARO: New Server detected

I dismissed an ARO but I just received it again!

Azure alerted me to a "User at risk detected", but Field Effect didn't send me an ARO?

ARO: Legacy Authentication Protocol Detected

Should I have MFA setup on a no-reply mailbox?

ARO: Malware Detected on SharePoint

Why didn't I get an ARO for a very high CVE

How do I disable DES and RC4 on my Domain Controller

ARO: Microsoft Windows Support Diagnostic Tool Remote Code Execution Vulnerability

ARO: VPN Authentication Detected

ARO: Email Domain Protection Recommendations

ARO: Vulnerable Software Detected - Overview

ARO: RDP Protocol Observed

Will users be able to login if a computer is isolated?

Can Field Effect MDR send an automated email to our ticketing systems when a computer is isolated?

What is the process to remove isolation and restore network connectivity to affected system in case of false positive? Can I do it myself?

How long would Field Effect take to notice an end point was infected with RansomWare?

What if my organization has another EDR service or solution with blocking capabilities?

How can I manage Active Response for a single endpoint?

My DUO 2FA code isn't working

How does cloud monitoring work?

What is detected with the Cloud Monitoring service?

Where are the cloud sensors deployed?

Is there an account limit on Office 365 domains?

Is there an alternative to using the SEAS plugins

Why did my SEAS submission come back as Inconclusive?

Do I need to use DMARC?

Resolving the "This add-in had previously been uploaded" error

Does Field Effect do any type of Windows Event Log archiving or collection?

Where are the logs stored?

What’s the price to store logs for longer than 90 days?

How will I be charged?

Which data types can be retained?

Can I store system logs generated by external systems, like a VPN solution?

Can I access the logs that are stored?

Is there a best practice recommendation around log sources that should be part of log retention?

How does Log Retention affect compliance requirements?

Why cant I log into the physical appliance?

Troubleshooting Physical Appliances

Can I have confidence that my data is safe on an appliance?

We need to move the Appliance, what do I need to consider?

How does Network Monitoring Work?

Where should the appliance be located within my network architecture?

What is the difference between an inline and port mirrored install configuration?

Should the appliance be in front of or behind my firewall?

What happens if the appliance loses power? Won’t my network stop?

My router or firewall has multiple physical networks on the LAN side. Can I still use the appliance?

Can the appliance monitor internal traffic that does not go to the Internet?

Does the appliance accept inbound connections?

What does the security key do?

How does the appliance deal with VLANs or Network segmentation?

How does the Network Capture (PCAP) process work?

How is network sizing determined for a client's environment?

What are the log retention capabilities of Field Effect MDR?

How can I check my physical appliance is operating correctly?

Logging into your Physical Appliance

What happens to my data when I migrate between appliances?

Why would the Field Effect appliance need to access Tor?

How can I troubleshoot appliance connectivity issues?

Firewall Exceptions for Physical Appliances

If the Primary appliance is down, do secondary appliances also stop monitoring or reporting?

Does the DNS firewall work with Chromebooks?

Do I need to worry about attacks on our Firewall?

DNS Firewall is not working

Looking Up Domains for the DNS Firewall

Error: The organization name already exists in the DNS Firewall Service

An employee is leaving, how should I manage their Field Effect access?

What's the difference between Partner and Client users?

Can I change an email address associated with a login?

PSAs - How can I quickly Navigate to the MDR Portal from my Integration?

Autotask - The integration card is missing on the Integrations page?

Autotask - What happens if I delete an ARO task in Autotask?

Autotask - Why was I was notified that my thread threshold is exceeded?

ConnectWise - My companies aren’t available for mapping in the MDR Portal?

ConnectWise - What if I need to change the name of an organization?

ConnectWise - How can I remove unmapped statuses as choices for ARO Statuses?

ConnectWise - Why is my URL not seen as being a valid domain?

ConnectWise - Can I Move AROs to another Service Board?

ConnectWise - As a Partner, how do I deal with offboarding clients?

ConnectWise - How do I disable this Integration for a single company?

ConnectWise - What if ConnectWise become unreachable?

ConnectWise - Why won’t my status changes to AROs in the Portal sync to ConnectWise?

ConnectWise - How do I change my ConnectWise board for AROs?

Troubleshooting the Endpoint Agent

What Endpoint agents are currently available?

Troubleshooting manual endpoint installation issues for Windows

Troubleshooting manual endpoint installation issues for QNAP

Why am I getting the error "Missing License File"

Can I use a different license.key after I have installed an agent?

How can I stop users uninstalling the Field Effect endpoint agent?

Access the Windows Command Prompt as an administrator

Why can't I see a new Endpoint in the MDR Portal?

How do I remove a device from the Endpoint Devices page?

Am I running Windows 32-bit or 64-bit?

Using Field Effect MDR alongside other Security Solutions

What is the refresh time for an endpoint agent?

Windows Events Logged by the Endpoint Agent

Why am I seeing TOR Project exit nodes in my report?

Can I breakdown the Security Events summary in the Weekly Report?

Why am I seeing logins from unexpected countries on my Monthly Report?

Can I find out more about the Most Resolved Domains listed in the Monthly Report?

Can I find out more about the My Network Summary graph?

What are the "Beacons" mentioned in a report?

As a partner, why am I not receiving reports for one of my clients?

Supplemental Data Table: Email Protection DNS Record Configuration Issues

Supplemental Data Tables - Out-of-Date and End of Life Operating Systems

Supplemental Data Table: Vulnerable Software

Video Showcase: Account Creation & User Management

Video Showcase: The DNS Firewall

Video Showcase: Physical Appliances

Video Showcase: Deploying Field Effect as a Client (Port Mirrored Configuration)

Video Showcase: Using the Field Effect MDR Portal

Is Field Effect a SIEM?
What events are collected by Field Effect?
Audit Policy Requirements for Field Effect MDR
Can Field Effect ingest application logs?
Does Field Effect protect against log tampering by the originator?
Can Field Effect store (retain) logs for a required period?
Do Field Effect logs go through an analytic process?
Can Field Effect collect logs from all sources?
What is a One-day, n-day, and zero-day vulnerability?
Do you recommend disabling SMTP, IMAP and POP protocols in Office 365 for regular users?
How does Field Effect leverage AI/ML?
What are Field Effects thoughts on the use of AI?
What is the Field Effect Business Continuity Plan (BCP)?
What does Field Effect MDR do at a high level?
Does Field Effect use Sysmon and if so, how is it configured?
What technology underpins your NIDS?
Does Field Effect isolate my entire network?
How does Field Effect protect my data and information?
Glossary
Field Effect and SIEMs

FIELDEFFECT.COM • TERMS OF SERVICE • PRIVACY POLICY

Copyright © Field Effect Software Inc. All Rights Reserved.