Strengthening UNLV Device Security With SentinelOne

Overview

UNLV is enhancing its cybersecurity defenses by upgrading its antivirus software to SentinelOne, a more modern, AI-driven security platform designed to better protect against today’s sophisticated cyber threats. SentinelOne utilizes AI to automatically detect, stop, and remediate malware, ransomware, phishing, and other advanced threats in real-time. This upgrade helps keep UNLV devices and data secure.

Planned Improvements

SentinelOne uses AI to identify suspicious behavior before it escalates into an incident, even from new threats it has never encountered before.

If a threat is detected, SentinelOne can automatically isolate and remediate the damage without requiring a security expert to intervene.

SentinelOne can undo changes made by a cyberattack, such as a ransomware infection, restoring your system to its healthy state before the attack occurred.

The cybersecurity team can manage and monitor the security of all devices on centralized dashboards, getting real-time insights into device health, alerts, and overall security posture. Unified management also makes it easier to deploy and update different types of devices together.

SentinelOne’s enhanced protections help UNLV meet compliance requirements (e.g., FERPA, HIPAA, NIST, etc.) for protecting sensitive university data.

Project Timeline*

  • UNLV IT Pilot | November-December 2025
    • Phase 0: SentinelOne installation on IT-managed devices
  • Campuswide Rollout | January-March 2026
    • Phase 1: SentinelOne installation on IT-managed devices
    • Phase 2: SentinelOne Installation on non-IT-managed devices
    • Phase 3: Disable and remove Sophos software and Activate SentinelOne

If your device isn’t managed by IT, contact your department’s IT support team (e.g., School of Medicine, etc.).

*Subject to change. Updates will be posted here and in official communications to users.

What to Expect

Installation process (Devices enrolled in Mobile Device Management)

  • SentinelOne will automatically install on Windows devices (via MECM) and Mac devices (via JAMF). No action is needed.

Installation process (Devices NOT enrolled in Mobile Device Management)

  • Manual installation is possible, but it is recommended to get enrolled in the proper MDM platform. If your device is supported by OIT, please submit a ticket.
  • If your device is supported by a departmental IT team, please contact that team directly.

User Impact

  • No interruptions: You can keep using your device while SentinelOne is installed. You shouldn’t notice any changes or slowdowns. If you experience issues, please submit an IT support ticket request.
  • Device protection: During the transition, IT-managed devices will stay protected. Both SentinelOne and Sophos will run simultaneously to ensure everything works correctly. Once SentinelOne security protection is enabled, Sophos will be removed from the devices.

Communications

We’ll send targeted communications to affected departments and users throughout the rollout. This includes messages when SentinelOne’s advanced protection features are turned on.

Frequently Asked Questions

Following the installation of SentinelOne, the SentinelOne icon appears in your Windows device’s system tray (located at the bottom right of your screen) or Mac device’s menu bar (located at the top right of your screen).

No. Both Sophos and SentinelOne will temporarily be on your device at the same time. Once SentinelOne’s protection features are turned on, Sophos will be removed.

SentinelOne runs quietly in the background for real-time protection, and you shouldn’t notice a difference in your device's performance. If you’re working with multiple files, you may experience some slowdown.

Contacts

Technical Assistance

Project Lead
Jason Griffin - Senior Information Security Analyst

Project Sponsor
Vito Rocco - Chief Information Security Officer