Table of Contents
Advertisement
Advertisement
Table of Contents
Summary of Contents for ForeScout CounterACT
- Page 1 Forescout Quick Installation Guide Single Appliance Version 8.1...
-
Page 2: Contact Information
Legal Notice © 2019 Forescout Technologies, Inc. All rights reserved. Forescout Technologies, Inc. is a Delaware corporation. A list of our trademarks and patents can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks. Other brands, products, or service names may be trademarks or service marks of their respective owners. -
Page 3: Table Of Contents
Login to iDRAC ..................21 6. Verify Connectivity ................. 23 Verify the Management Interface Connection ..........23 Perform a Ping Test ..................23 7. Set Up the Forescout Console ..............24 Install the Console..................24 Log In ....................... 24 Perform Initial Setup .................. 25 Before You Start the Initial Setup ............. - Page 4 Quick Installation Guide Single Appliance Additional Forescout Documentation ............27 Documentation Downloads ..............27 Documentation Portal ................28 Forescout Help Tools ................28 Version 8.1...
-
Page 5: Welcome To Version 8.1
To use version 8.1, follow the approved upgrade path, outlined in the version Release Notes. For more detailed information or information about upgrade or about deploying multiple Appliances for enterprise-wide network protection, refer to the Forescout Installation Guide and Forescout Administration Guide. See Additional Forescout Documentation for information on how to access these guides. -
Page 6: Overview
For example, if your policy depends on monitoring authorization events from endpoints to corporate authentication servers, the Appliance will need to be installed so that it sees endpoint traffic flowing into authentication server(s). For more information about installation and deployment, refer to the Forescout Installation Guide. See Additional Forescout Documentation for information on how to access this guide. - Page 7 Forescout Platform 22/TCP From Allows remote inspection of OS X and Linux endpoints. Allows the Forescout platform to communicate with network switches and routers. Allows access to the Forescout platform command line interface. 2222/TCP (High Availability) Allows access to the physical Appliances that are part of the High Availability pair.
- Page 8 Appliance from Windows machines. SecureConnector is an agent that enables management of Windows endpoints while they are connected to the network. Refer to the Forescout Administration Guide for more information about SecureConnector. When SecureConnector connects to an Appliance or to the Enterprise Manager it is redirected to the Appliance to which its host is assigned.
-
Page 9: Monitor Interface
Appliance from OS X machines. SecureConnector is an agent that enables management of OS X endpoints while they are connected to the network. Refer to the Forescout Administration Guide for more information about SecureConnector. When SecureConnector connects to an... - Page 10 Quick Installation Guide Single Appliance actions may include, for example, redirecting web browsers or performing session blocking. The related switch port configuration depends upon the traffic being monitored. Any available interface can be used as the response interface. Single VLAN: When monitored traffic is generated from a single VLAN, the ...
-
Page 11: Set Up Your Switch
Quick Installation Guide Single Appliance 2. Set up your Switch A. Switch Connection Options The Appliance was designed to seamlessly integrate with a wide variety of network environments. To successfully integrate the Appliance into your network, verify that your switch is set up to monitor required traffic. Several options are available for connecting the Appliance to your switch. -
Page 12: Switch Setting Notes
Quick Installation Guide Single Appliance monitoring a link connecting two routers. This option cannot respond to Address Resolution Protocol (ARP) requests, which limits the ability of the Appliance to detect scans aimed at the IP addresses included in the monitored subnet. This limitation does not apply when traffic between two routers is being monitored. -
Page 13: Connect Network Cables And Power On
Rear Panel Sample – CounterACT Device You can replace Forescout-supplied SFPs with Finisar SFPs that have been tested and approved by Forescout. Refer to the Forescout Installation Guide for more details. B. Record the Interface Assignments After completing the Appliance installation at the data center and installing the Forescout Console, you will be prompted to register interface assignments. -
Page 14: Power On The Appliance
2. Connect the other end of the power cable to a grounded AC outlet. 3. Connect the keyboard and monitor to the Appliance or set up the Appliance for serial connection. Refer to the Forescout Installation Guide for more information. -
Page 15: Configure The Appliance
If you have a CT-xxxx Appliance, you will see either CounterACT 7.0.0 or CounterACT 8.0.0 listed as the version at the top of the menu. If you see CounterACT 7.0.0, you can either upgrade to or perform a fresh −... - Page 16 Quick Installation Guide Single Appliance If you see CounterACT 8.0.0, the menu offers an option to install 7.0.0 or − to configure 8.0.0, as shown below. If you select 7.0.0, you will not be able to reinstall 8.0.0 through the Configuration menu. See the Forescout Installation Guide version 7.0.0 for details on configuring version 7.0.0.
- Page 17 Mode, you can now start to work using the demo license, which is valid for 30 days. During this period, you should receive a permanent license from Forescout and place it in an accessible folder on your disk or network. Install the license from this location before the 30-day demo license expires (If necessary, you can request an extension to the demo license.).
- Page 18 Quick Installation Guide Single Appliance At least one CounterACT device must be able to access the Internet. This − connection is used to validate Forescout licenses against the Forescout License server. Licenses that cannot be authenticated for one month will be revoked.
-
Page 19: Remote Management
The Integrated Dell Remote Access Controller (iDRAC) is an integrated server system solution that gives you location–independent/OS-independent remote access over the LAN or Internet to CounterACT Appliances. Use the module to carry out KVM access, power on/off/reset and perform troubleshooting and maintenance tasks. - Page 20 Quick Installation Guide Single Appliance 5. Configure the following Network settings: Network Settings. Verify that the Enable NIC field is set to Enabled. − − Common Settings. In the DNS DRAC Name field, you can update a − dynamic DNS (Optional). IPV4 Settings.
-
Page 21: Connect The Module To The Network
8. Configure the following User Configuration fields for the ‘root’ user: Enable User. Verify that this field is set to Enabled. − The user name configured here is not the same as the Forescout user name. LAN and Serial Port User Privileges. Set privilege levels to −... - Page 22 For further information about iDRAC, refer to the iDRAC User’s Guide. You can access this guide in the following location: https://forescout.com/company/resources/idrac-9-user-guide/ To identify your licensing mode: From the Console, select Help > About Forescout. It is very important to update the default root password, if you have not done so ...
-
Page 23: Verify Connectivity
Quick Installation Guide Single Appliance 6. Verify Connectivity Verify the Management Interface Connection To test the management interface connection, log in to the Appliance and run the following command: fstool linktest The following information is displayed: Management Interface status Pinging default gateway information Ping statistics Performing Name Resolution Test Test summary... -
Page 24: Set Up The Forescout Console
The Console is the Forescout management application used to view important detailed information about endpoints and control them. This information is collected by CounterACT devices. Refer to the Forescout Administration Guide for more information. You must supply a machine to host the Forescout Console application software. -
Page 25: Perform Initial Setup
5. Select Login to launch the Console. Perform Initial Setup When you log in for the first time, the Initial Setup Wizard opens. The Wizard guides you through essential configuration steps to get the Forescout platform up and running quickly and efficiently. Version 8.1... -
Page 26: Before You Start The Initial Setup
Authentication servers, so that the Forescout platform can analyze which network hosts have successfully been authenticated Switch IP Address, Vendor and SNMP Parameters Refer to the Forescout Administration Guide or Online Help for information about working with the Wizard. Version 8.1... -
Page 27: Additional Forescout Documentation
Documentation Downloads Documentation downloads can be accessed from the Forescout Resources Page, or one of two Forescout portals, depending on which licensing mode your deployment is using. Per-Appliance Licensing Mode – Product Updates Portal Flexx Licensing Mode –... -
Page 28: Documentation Portal
Downloads. Documentation Portal The Forescout Documentation Portal is a searchable, web-based library containing information about Forescout tools, features, functionality, and integrations. If your deployment is using Flexx Licensing Mode, you may not have received credentials to access this portal.
Need help?
Do you have a question about the CounterACT and is the answer not in the manual?
Questions and answers