Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Manage iSensors

isensor integrations

To view your organization’s current integrated iSensors, monitor their health, and manage their rules and registration, select Integrations → iSensors from the Secureworks® Taegis™ XDR left-hand side navigation.

This page displays the iSensors that your organization has configured in a summary card or table view.



Adjust the Page View

Switch between the summary card view and the table view of iSensors using the buttons at the top of the page.

Alter iSensor View

Alter iSensor View

View iSensor Status and Health

The iSensors page displays quick-view information about each iSensor’s current status and recent activity:

Status Description
HEALTHY The iSensor has reported in and is deployed and healthy.
WARNING The iSensor has not reported in recently or has failed to deploy correctly.
NO DATA The iSensor was previously provisioned but has not reported in recently.
NOT REGISTERED The iSensor has not yet been deployed.
Mode Description
INLINE ACTIVE The iSensor traffic passes through and will block traffic when alerted to do so.
INLINE PASSIVE The iSensor traffic passes through and will not block traffic when alerted to do so.
SNIFFER The iSensor will inspect traffic but the traffic will not pass through the iSensor.
Rule Set Description
Connectivity This rule set is designed to favor device performance over the security controls.
Security This rule set is designed to favor security controls over device performance.
Balanced This rules set is designed to balance the security needs and performance characteristics.


Run the iSensor Change Management Report for detailed information about signature and rule set updates made for each iSensor in your tenant. For more information, see iSensor Change Management Report.

View Detailed iSensor Information

Select a card from the summary card view or the iSensor name from the table view to open additional details about the iSensor.

Detailed iSensor Information

Detailed iSensor Information


The top section displays information about the iSensor, such as its name, IP address, status, mode, rule set in use, HOME_NET, and EXTERNAL_NET.


To change any of the values such as HOME_NET and EXTERNAL_NET, contact support.

Allow and Block Tabs

The Allow and Block tabs display a list of firewall rules configured on the iSensor. Allow rules allow traffic to pass while Block rules block traffic.


Select one or more rules from the list and then choose the Actions menu to Delete or Export to CSV the selected rules.

iSensor Allow/Block Actions

iSensor Allow/Block Actions

Add Allow or Block

To add a new Allow or Block rule to the iSensor:

  1. Select Add Allow or Add Block; the Add Allow/Block Rule form displays.

Add iSensor Block Rule

Add iSensor Block Rule

  1. Enter at least one Source or Destination address or range.
  2. The Ports are Destination checkbox is checked by default; uncheck this option if the port definitions for the rule are source ports.
  3. Specify the ports for the rule: All (default), a single port, a range of ports, or multiple ports separated by commas.
  4. Select the desired protocol, or leave at the default of all protocols.
  5. Select the desired time frame the rule is to be in effect, or leave at the default of always in effect.
  6. Select Deploy Rule to save the rule and attempt to deploy the rule to the iSensor.

Registration Tab

The Registration tab displays the current Registration Key and the Status of that key.

If the key is expired, select the Actions menu and choose Reactivate Key to reactivate the key for use with this iSensor.

Select the Actions menu and choose Download to download the open source files that are used on the iSensor, and if the device is a virtual device, the virtual device for setup.

iSensor Registration Actions

iSensor Registration Actions


You must be a Tenant Administrator to make changes to an iSensor.


Making changes to the Secureworks iSensor® configuration of a live iSensor carries the risk of rendering the iSensor inoperable and/or allowing or blocking certain traffic on your network. The Secureworks iSensor® will make every attempt possible to rollback to the previous configuration when a configuration change is unsuccessful. Secureworks iSensor® configuration changes should be treated with the same level of caution used for any other kind of change in your environment according to your risk and change management guidelines. You should always be prepared to redeploy to the device.


On this page: