Oct 25 2019
- last edited on
Nov 30 2021
Hi Azure ATP Tech Community,
I have a few questions in relation to the update process for the sensor and am hoping you can help?
1) Do all updates (minor and major revisions) require a reboot of the DC?
2) If the answer to the above is no - what determines if a reboot is required? (IE only major revisions require reboots, or does it vary depending on what the update contains?)
3) If you check the box not to allow automatic DC reboots as part of the update process, is a health alert generated in the portal, post update to advise sec ops analysts that a reboot is pending on a particular DC?
4) If a post update reboot is pending on a DC, what state does that leave the sensor in on that DC?
For example, does it work at all? does it work with the same functionality as it had pre-update but post update enhancements don't work until post reboot, or does it simply not report to the ATP service at all (therefore making sure reboots take place are highly critical to the function of the service overall)?