Will Endpoint Security work offline?

Hello, if I deploy Endpoint Security to hundreds of computers, and suddenly they cannot contact Elastic Cloud for a few hours, will they continue to run, protect, and download the virus database and all?

Hi @lamp123432

Yes, if Endpoint Security is not able to connect to Kibana or Elasticsearch it will continue to protect your system and download needed updates (assuming it can connect to download them). Alerts and events that could not be sent to Elasticsearch will be cached locally and sent when a connection is available (up to a pretty sizable buffer of 500MB of compressed data).

1 Like