ForeScout CounterACT Quick Installation Manual Download Page 7

Page: 7 / 28

Quick Installation Guide

Single Appliance

Version 8.1

Network Access Requirements

Port

Service

To or From

Forescout

Platform

Function

22/TCP

SSH

From

Allows remote inspection of OS X and

Linux endpoints.
Allows the Forescout platform to

communicate with network switches

and routers.

Allows access to the Forescout

platform command line interface.

2222/TCP

SSH

(High Availability) Allows access to the

physical Appliances that are part of the

High Availability pair.
Use 22/TCP to access the shared

(virtual) IP address of the pair.

25/TCP

SMTP

From

Allows the Forescout platform access

to the enterprise mail relay.

53/UDP

DNS

From

Allows the Forescout platform to

resolve internal IP addresses.

80/TCP

HTTP

Allows HTTP redirection.

123/UDP

NTP

From

Allows the Forescout platform access

to a local time server or

ntp.forescout.net.
By default the Forescout platform

accesses ntp.foreScout.net

135/TCP

MS-WMI

From

Allows remote inspection of Windows

endpoints.

139/TCP

SMB, MS-RPC

From

Allows remote inspection of Windows

endpoints (For endpoints running

Windows 7 and earlier).

445/TCP

Allows remote inspection of Windows

endpoints.

Summary of Contents for CounterACT

Page 1: ...Forescout Quick Installation Guide Single Appliance Version 8 1 ...

Page 2: ...ebsite for additional technical documentation https www forescout com company resources Have feedback or questions Write to us at documentation forescout com Legal Notice 2019 Forescout Technologies Inc All rights reserved Forescout Technologies Inc is a Delaware corporation A list of our trademarks and patents can be found at https www forescout com company legal intellectual property patents tra...

Page 3: ...able Inline Tap 11 4 IP Layer Response for Layer 3 Switch Installations 11 B Switch Setting Notes 12 VLAN 802 1Q Tags 12 Additional Guidelines 12 3 Connect Network Cables and Power On 13 A Unpack the Appliance and Connect Cables 13 B Record the Interface Assignments 13 C Power on the Appliance 14 4 Configure the Appliance 15 5 Remote Management 19 iDRAC Setup 19 Enable and Configure the iDRAC Modu...

Page 4: ...Quick Installation Guide Single Appliance Version 8 1 4 Additional Forescout Documentation 27 Documentation Downloads 27 Documentation Portal 28 Forescout Help Tools 28 ...

Page 5: ...rade path outlined in the version Release Notes For more detailed information or information about upgrade or about deploying multiple Appliances for enterprise wide network protection refer to the Forescout Installation Guide and Forescout Administration Guide See Additional Forescout Documentation for information on how to access these guides Additionally you can navigate to the support website ...

Page 6: ...ample if your policy depends on monitoring authorization events from endpoints to corporate authentication servers the Appliance will need to be installed so that it sees endpoint traffic flowing into authentication server s For more information about installation and deployment refer to the Forescout Installation Guide See Additional Forescout Documentation for information on how to access this g...

Page 7: ...y pair Use 22 TCP to access the shared virtual IP address of the pair 25 TCP SMTP From Allows the Forescout platform access to the enterprise mail relay 53 UDP DNS From Allows the Forescout platform to resolve internal IP addresses 80 TCP HTTP To Allows HTTP redirection 123 UDP NTP From Allows the Forescout platform access to a local time server or ntp forescout net By default the Forescout platfo...

Page 8: ...LS 2200 TCP SecureConnector for Linux To Allows SecureConnector to create a secure encrypted SSH connection to the Appliance from Linux machines SecureConnector is a script based agent that enables management of Linux endpoints while they are connected to the network 10003 TCP SecureConnector for Windows To Allows SecureConnector to create a secure encrypted TLS connection to the Appliance from Wi...

Page 9: ...from the Console to the Appliance and from one Appliance to another Appliance communication includes communication with the Enterprise Manager and the Recovery Enterprise Manager using TLS Monitor Interface The monitor interface allows the Appliance to monitor and track network traffic Any available interface can be used as the monitor interface Traffic is mirrored to a port on the switch and moni...

Page 10: ...interface can be used as the response interface Single VLAN When monitored traffic is generated from a single VLAN the response port must belong to the same VLAN In this case the Appliance requires a single IP address on that VLAN Multiple VLANs If monitored traffic is from more than one VLAN the response port must also be configured with 802 1Q VLAN tagging for the same VLANs The Appliance requir...

Page 11: ... and one for downstream traffic except in the case of a recombination tap which combines the two duplex streams into a single port Note that if the traffic on the tapped port is 802 1Q VLAN tagged then the response port must also be 802 1Q VLAN tagged 3 Active Injection Capable Inline Tap The Appliance can use an active inline tap If the tap is injection capable the Appliance combines the monitor ...

Page 12: ... minimizing the number of mirroring ports If the switch cannot use an 802 1Q VLAN tag on the mirroring port then do one of the following Mirror only a single VLAN Mirror a single untagged uplink port Use the IP layer response option If the switch can only mirror one port then mirror a single uplink port This may be tagged In general if the switch strips the 802 1Q VLAN tags you must use the IP lay...

Page 13: ... Forescout supplied SFPs with Finisar SFPs that have been tested and approved by Forescout Refer to the Forescout Installation Guide for more details B Record the Interface Assignments After completing the Appliance installation at the data center and installing the Forescout Console you will be prompted to register interface assignments These assignments referred to as Channel definitions are ent...

Page 14: ...power connector on the Appliance rear panel 2 Connect the other end of the power cable to a grounded AC outlet 3 Connect the keyboard and monitor to the Appliance or set up the Appliance for serial connection Refer to the Forescout Installation Guide for more information 4 Power on the Appliance from the front panel ...

Page 15: ...lightly different prompts CounterACT Appliance boot is complete Press Enter to continue 1 Press Enter If you have a Forescout 51xx Appliance the following menu appears CounterACT 8 0 0 build options 1 Configure CounterACT 2 Restore saved CounterACT configuration 3 Identify and renumber network interfaces 4 Configure keyboard layout 5 Turn machine off 6 Reboot the machine Choice 1 6 1 If you have a...

Page 16: ... setup 3 The High Availability Mode prompt opens Press Enter to select Standard Installation 4 The CounterACT Initial Setup prompt is displayed Press Enter to continue 5 The Select CounterACT Installation Type prompt opens Type 1 and press Enter to install a standard CounterACT Appliance The setup is initialized This may take a few moments 6 The Select Licensing Mode prompt opens Select the licens...

Page 17: ...e than one DNS server address separate each address with a space Most internal DNS servers resolve external and internal addresses but you may need to include an external resolving DNS server As nearly all DNS queries performed by the Appliance will be for internal addresses the external DNS server should be listed last 11 The Setup Summary screen is displayed You are prompted to perform general c...

Page 18: ... to the Forescout Administration Guide for more information about license management in Per Appliance licensing mode If your Forescout deployment is operating in Flexx Licensing Mode the Entitlement administrator should receive an email when the license entitlement is created and available in the Forescout Customer Portal Once available the Deployment administrator can activate the license in the ...

Page 19: ...eshooting and maintenance tasks Perform the following to work with the iDRAC module Enable and Configure the iDRAC Module Connect the Module to the Network Login to iDRAC Enable and Configure the iDRAC Module Change the iDRAC settings to enable remote access on the CounterACT device This section describes basic integration settings required for working with the Forescout platform To configure iDRA...

Page 20: ...you can update a dynamic DNS Optional IPV4 Settings Verify that the Enable IPv4 field is set to Enabled Set the Enable DHCP field to Enabled to use Dynamic IP Addressing or to Disabled to use Static IP Addressing If enabled DHCP will automatically assign the IP address gateway and subnet mask to iDRAC If disabled enter values for the Static IP Address Static Gateway and Static Subnet Mask fields 6...

Page 21: ...e levels to Administrator Change Password Set a password for user login 9 Select Back and then select Finish Confirm the changed settings The configured settings are saved and the system reboots Connect the Module to the Network The iDRAC connects to an Ethernet network It is customary to connect it to a management network The following image shows the iDRAC port location on the rear panel of the ...

Page 22: ... 3 Select Submit For further information about iDRAC refer to the iDRAC User s Guide You can access this guide in the following location https forescout com company resources idrac 9 user guide To identify your licensing mode From the Console select Help About Forescout It is very important to update the default root password if you have not done so already ...

Page 23: ... in to the Appliance and run the following command fstool linktest The following information is displayed Management Interface status Pinging default gateway information Ping statistics Performing Name Resolution Test Test summary Perform a Ping Test Run the following command from the Appliance to a network desktop to verify connectivity Ping network_desktop_IP_address ...

Page 24: ...hine running Windows 7 8 8 1 10 Windows Server 2008 2008 R2 2012 2012 R2 2016 Linux RHEL CentOS 7 macOS 10 12 10 13 10 14 2GB RAM 1GB disk space The following method is available for performing the Console installation Use the installation software built into your Appliance 4 Open a browser window from the Console computer 5 Type the following into the browser address line http Appliance_ip instal...

Page 25: ...eld enter admin 4 In the Password field enter the password you created during Appliance installation 5 Select Login to launch the Console Perform Initial Setup When you log in for the first time the Initial Setup Wizard opens The Wizard guides you through essential configuration steps to get the Forescout platform up and running quickly and efficiently ...

Page 26: ...e network segment VLANs to which the response interface is directly connected and a permanent IP address to be used by the Forescout platform at each such VLAN IP address range that this Appliance will monitor all the internal addresses including unused addresses LDAP user account information and the LDAP server IP address Domain credentials including the domain administrative account name and pas...

Page 27: ...provides links to the full range of technical documentation To access the Forescout Resources Page Go to https www Forescout com company resources select Technical Documentation and search for documents Product Updates Portal The Product Updates Portal provides links to Forescout version releases Base and Content Modules and eyeExtend products as well as related documentation The portal also provi...

Page 28: ...l Go to https updates forescout com support files counteract docs_portal and use your customer support credentials to log in Forescout Help Tools Access information directly from the Console Console Help Buttons Use context sensitive Help buttons to quickly access information about the tasks and topics you are working with Forescout Administration Guide Select Forescout Help from the Help menu Plu...

Search results

Summary of Contents for CounterACT

Reviews:

Related manuals for CounterACT

Brands by name

Popular brands

ForeScout CounterACT, Quick Installation Manual

Search results

Summary of Contents for CounterACT

Reviews:

Related manuals for CounterACT

Brands by name

Popular brands