User mode solution

Available modes

• Kernel mode: Generates events and provides full Activity Monitoring and Anti-Malware functionality, but can only be enabled on systems with the required driver support.
• User mode: Generates events and enables basic functions for Anti-Malware & Activity Monitoring without any driver requirements.

  Note User mode can be enabled to run on a system without using drivers, even if the system supports the drivers required to run in kernel mode.

• Auto: Switches between kernel mode and user mode to provide the best protection available at any given time. Kernel mode is prioritized, but Server & Workload Protection will switch to user mode automatically during any driver support gaps that prevent kernel mode operation. If a system that lacks the required drivers to run in kernel mode later obtains them (from a system update, for example), then the agent automatically switches to use kernel mode and give the system full protection from Activity Monitoring and Anti-Malware.

Choose whether to use drivers for system protection

Supported agents

• Amazon Linux 2 (64-bit)
• Amazon Linux 2023 (64-bit)
• Debian 10 (64-bit)
• Debian 11 (64-bit)
• Debian 12 (64-bit)
• Oracle Linux 8 (64-bit)
• Oracle Linux 9 (64-bit)
• Red Hat Enterprise Linux 9 (64-bit)
• SUSE Linux Enterprise Server 15 (64-bit)
• Ubuntu 20.04 (64-bit)
• Ubuntu 22.04 (64-bit)