manualshive.com logo in svg

ForeScout CounterACT, Quick Installation Manual

The ForeScout CounterACT is an industry-leading network security product that ensures comprehensive threat and vulnerability management. With a hassle-free installation process, our Quick Installation Manual provides step-by-step instructions for setting up CounterACT. Download this essential manual for free from our website manualshive.com to get started with the ultimate protection for your network.

Share
Download
background image

Quick Installation Guide 

Single Appliance 

Version 8.1 

Port 

Service  

To or From 

Forescout 

Platform 

Function 

10005/TCP  SecureConnector 

for OS X 

To 

Allows SecureConnector to create a 

secure (encrypted TLS) connection to 

the Appliance from OS X machines. 

SecureConnector is an agent that 

enables management of OS X 

endpoints while they are connected to 

the network. Refer to the Forescout 

Administration Guide for more 

information about SecureConnector.  
When SecureConnector connects to an 

Appliance or to the Enterprise Manager 

it is redirected to the Appliance to 

which its host is assigned. Ensure this 

port is open to all Appliances and to 

the Enterprise Manager to allow 

transparent mobility within the 

organization. 

13000/TCP  Forescout 

platform 

From/To 

For deployments with only one 

Appliance – from the Console to the 

Appliance. 
For deployments with more than one 

Appliance – from the Console to the 

Appliance and from one Appliance to 

another. Appliance communication 

includes communication with the 

Enterprise Manager and the Recovery 

Enterprise Manager, using TLS. 

 

Monitor Interface 

The monitor interface allows the Appliance to monitor and track network traffic. Any 

available interface can be used as the monitor interface. 
Traffic is mirrored to a port on the switch and monitored by the Appliance. The use of 

802.1Q VLAN tagging depends upon the number of VLANs being mirrored. 

 

Single VLAN: When monitored traffic is generated from a single VLAN, the 

mirrored traffic does not need to be VLAN tagged. 

 

Multiple VLANs: If monitored traffic is from more than one VLAN, the 

mirrored traffic must be 802.1Q VLAN tagged. 

When two switches are connected as a redundant pair, the Appliance must monitor 

traffic from both switches. 
No IP address is required on the monitor interface. 

Response Interface 

The Appliance responds to traffic using the response interface. Response traffic is 

used to protect against malicious activity and to perform policy actions. These 

Summary of Contents for CounterACT

Page 1: ...Forescout Quick Installation Guide Single Appliance Version 8 1 ...

Page 2: ...ebsite for additional technical documentation https www forescout com company resources Have feedback or questions Write to us at documentation forescout com Legal Notice 2019 Forescout Technologies Inc All rights reserved Forescout Technologies Inc is a Delaware corporation A list of our trademarks and patents can be found at https www forescout com company legal intellectual property patents tra...

Page 3: ...able Inline Tap 11 4 IP Layer Response for Layer 3 Switch Installations 11 B Switch Setting Notes 12 VLAN 802 1Q Tags 12 Additional Guidelines 12 3 Connect Network Cables and Power On 13 A Unpack the Appliance and Connect Cables 13 B Record the Interface Assignments 13 C Power on the Appliance 14 4 Configure the Appliance 15 5 Remote Management 19 iDRAC Setup 19 Enable and Configure the iDRAC Modu...

Page 4: ...Quick Installation Guide Single Appliance Version 8 1 4 Additional Forescout Documentation 27 Documentation Downloads 27 Documentation Portal 28 Forescout Help Tools 28 ...

Page 5: ...rade path outlined in the version Release Notes For more detailed information or information about upgrade or about deploying multiple Appliances for enterprise wide network protection refer to the Forescout Installation Guide and Forescout Administration Guide See Additional Forescout Documentation for information on how to access these guides Additionally you can navigate to the support website ...

Page 6: ...ample if your policy depends on monitoring authorization events from endpoints to corporate authentication servers the Appliance will need to be installed so that it sees endpoint traffic flowing into authentication server s For more information about installation and deployment refer to the Forescout Installation Guide See Additional Forescout Documentation for information on how to access this g...

Page 7: ...y pair Use 22 TCP to access the shared virtual IP address of the pair 25 TCP SMTP From Allows the Forescout platform access to the enterprise mail relay 53 UDP DNS From Allows the Forescout platform to resolve internal IP addresses 80 TCP HTTP To Allows HTTP redirection 123 UDP NTP From Allows the Forescout platform access to a local time server or ntp forescout net By default the Forescout platfo...

Page 8: ...LS 2200 TCP SecureConnector for Linux To Allows SecureConnector to create a secure encrypted SSH connection to the Appliance from Linux machines SecureConnector is a script based agent that enables management of Linux endpoints while they are connected to the network 10003 TCP SecureConnector for Windows To Allows SecureConnector to create a secure encrypted TLS connection to the Appliance from Wi...

Page 9: ...from the Console to the Appliance and from one Appliance to another Appliance communication includes communication with the Enterprise Manager and the Recovery Enterprise Manager using TLS Monitor Interface The monitor interface allows the Appliance to monitor and track network traffic Any available interface can be used as the monitor interface Traffic is mirrored to a port on the switch and moni...

Page 10: ...interface can be used as the response interface Single VLAN When monitored traffic is generated from a single VLAN the response port must belong to the same VLAN In this case the Appliance requires a single IP address on that VLAN Multiple VLANs If monitored traffic is from more than one VLAN the response port must also be configured with 802 1Q VLAN tagging for the same VLANs The Appliance requir...

Page 11: ... and one for downstream traffic except in the case of a recombination tap which combines the two duplex streams into a single port Note that if the traffic on the tapped port is 802 1Q VLAN tagged then the response port must also be 802 1Q VLAN tagged 3 Active Injection Capable Inline Tap The Appliance can use an active inline tap If the tap is injection capable the Appliance combines the monitor ...

Page 12: ... minimizing the number of mirroring ports If the switch cannot use an 802 1Q VLAN tag on the mirroring port then do one of the following Mirror only a single VLAN Mirror a single untagged uplink port Use the IP layer response option If the switch can only mirror one port then mirror a single uplink port This may be tagged In general if the switch strips the 802 1Q VLAN tags you must use the IP lay...

Page 13: ... Forescout supplied SFPs with Finisar SFPs that have been tested and approved by Forescout Refer to the Forescout Installation Guide for more details B Record the Interface Assignments After completing the Appliance installation at the data center and installing the Forescout Console you will be prompted to register interface assignments These assignments referred to as Channel definitions are ent...

Page 14: ...power connector on the Appliance rear panel 2 Connect the other end of the power cable to a grounded AC outlet 3 Connect the keyboard and monitor to the Appliance or set up the Appliance for serial connection Refer to the Forescout Installation Guide for more information 4 Power on the Appliance from the front panel ...

Page 15: ...lightly different prompts CounterACT Appliance boot is complete Press Enter to continue 1 Press Enter If you have a Forescout 51xx Appliance the following menu appears CounterACT 8 0 0 build options 1 Configure CounterACT 2 Restore saved CounterACT configuration 3 Identify and renumber network interfaces 4 Configure keyboard layout 5 Turn machine off 6 Reboot the machine Choice 1 6 1 If you have a...

Page 16: ... setup 3 The High Availability Mode prompt opens Press Enter to select Standard Installation 4 The CounterACT Initial Setup prompt is displayed Press Enter to continue 5 The Select CounterACT Installation Type prompt opens Type 1 and press Enter to install a standard CounterACT Appliance The setup is initialized This may take a few moments 6 The Select Licensing Mode prompt opens Select the licens...

Page 17: ...e than one DNS server address separate each address with a space Most internal DNS servers resolve external and internal addresses but you may need to include an external resolving DNS server As nearly all DNS queries performed by the Appliance will be for internal addresses the external DNS server should be listed last 11 The Setup Summary screen is displayed You are prompted to perform general c...

Page 18: ... to the Forescout Administration Guide for more information about license management in Per Appliance licensing mode If your Forescout deployment is operating in Flexx Licensing Mode the Entitlement administrator should receive an email when the license entitlement is created and available in the Forescout Customer Portal Once available the Deployment administrator can activate the license in the ...

Page 19: ...eshooting and maintenance tasks Perform the following to work with the iDRAC module Enable and Configure the iDRAC Module Connect the Module to the Network Login to iDRAC Enable and Configure the iDRAC Module Change the iDRAC settings to enable remote access on the CounterACT device This section describes basic integration settings required for working with the Forescout platform To configure iDRA...

Page 20: ...you can update a dynamic DNS Optional IPV4 Settings Verify that the Enable IPv4 field is set to Enabled Set the Enable DHCP field to Enabled to use Dynamic IP Addressing or to Disabled to use Static IP Addressing If enabled DHCP will automatically assign the IP address gateway and subnet mask to iDRAC If disabled enter values for the Static IP Address Static Gateway and Static Subnet Mask fields 6...

Page 21: ...e levels to Administrator Change Password Set a password for user login 9 Select Back and then select Finish Confirm the changed settings The configured settings are saved and the system reboots Connect the Module to the Network The iDRAC connects to an Ethernet network It is customary to connect it to a management network The following image shows the iDRAC port location on the rear panel of the ...

Page 22: ... 3 Select Submit For further information about iDRAC refer to the iDRAC User s Guide You can access this guide in the following location https forescout com company resources idrac 9 user guide To identify your licensing mode From the Console select Help About Forescout It is very important to update the default root password if you have not done so already ...

Page 23: ... in to the Appliance and run the following command fstool linktest The following information is displayed Management Interface status Pinging default gateway information Ping statistics Performing Name Resolution Test Test summary Perform a Ping Test Run the following command from the Appliance to a network desktop to verify connectivity Ping network_desktop_IP_address ...

Page 24: ...hine running Windows 7 8 8 1 10 Windows Server 2008 2008 R2 2012 2012 R2 2016 Linux RHEL CentOS 7 macOS 10 12 10 13 10 14 2GB RAM 1GB disk space The following method is available for performing the Console installation Use the installation software built into your Appliance 4 Open a browser window from the Console computer 5 Type the following into the browser address line http Appliance_ip instal...

Page 25: ...eld enter admin 4 In the Password field enter the password you created during Appliance installation 5 Select Login to launch the Console Perform Initial Setup When you log in for the first time the Initial Setup Wizard opens The Wizard guides you through essential configuration steps to get the Forescout platform up and running quickly and efficiently ...

Page 26: ...e network segment VLANs to which the response interface is directly connected and a permanent IP address to be used by the Forescout platform at each such VLAN IP address range that this Appliance will monitor all the internal addresses including unused addresses LDAP user account information and the LDAP server IP address Domain credentials including the domain administrative account name and pas...

Page 27: ...provides links to the full range of technical documentation To access the Forescout Resources Page Go to https www Forescout com company resources select Technical Documentation and search for documents Product Updates Portal The Product Updates Portal provides links to Forescout version releases Base and Content Modules and eyeExtend products as well as related documentation The portal also provi...

Page 28: ...l Go to https updates forescout com support files counteract docs_portal and use your customer support credentials to log in Forescout Help Tools Access information directly from the Console Console Help Buttons Use context sensitive Help buttons to quickly access information about the tasks and topics you are working with Forescout Administration Guide Select Forescout Help from the Help menu Plu...

Reviews:

No comments

Related manuals for CounterACT

3Com TokenLink Velocity 3C319 Release Note preview
TokenLink Velocity 3C319
Brand: 3Com Pages: 2
Lanpro LP-N24 Installation Instructions preview
LP-N24
Brand: Lanpro Pages: 5
ebm-papst VBH0630CTTRS Operating Instructions Manual preview
VBH0630CTTRS
Brand: ebm-papst Pages: 16
ekwb EK-FC780 GTX Jetstream Installation And Mounting Manual preview
EK-FC780 GTX Jetstream
Brand: ekwb Pages: 2
Lanner NCA-4035 User Manual preview
NCA-4035
Brand: Lanner Pages: 109
Renesas Emulator MCU Board for 38D5 Group M38D59T-RLFS User Manual preview
Emulator MCU Board for 38D5 Group M38D59T-RLFS
Brand: Renesas Pages: 4
4G Systems XSBox MOVE Quick Start Manual preview
XSBox MOVE
Brand: 4G Systems Pages: 2
Idis DR-1508P Operation Manual preview
DR-1508P
Brand: Idis Pages: 85
ZKTeco HVR0402 User Manual preview
HVR0402
Brand: ZKTeco Pages: 68
Harman crown PIP Series Reference Manual preview
crown PIP Series
Brand: Harman Pages: 16
Logicube ZCLONE User Manual preview
ZCLONE
Brand: Logicube Pages: 56
ZALMAN RESERATOR2 Installation And Operational Manual preview
RESERATOR2
Brand: ZALMAN Pages: 18
Procool SP480 Series Instructions preview
SP480 Series
Brand: Procool Pages: 2
B&B Electronics PCMCIA 232PCC2 Owner'S Manual preview
PCMCIA 232PCC2
Brand: B&B Electronics Pages: 24
Allied Telesis CentreCOM AT-3716XL Quick Install Manual preview
CentreCOM AT-3716XL
Brand: Allied Telesis Pages: 2
Gtran Wireless DotSurfer GPC-2100 User Manual preview
DotSurfer GPC-2100
Brand: Gtran Wireless Pages: 44
Aerotech QNP3 Series Hardware Manual preview
QNP3 Series
Brand: Aerotech Pages: 62
RME Audio AI4S-192 AIO User Manual preview
AI4S-192 AIO
Brand: RME Audio Pages: 7

Brands by name

Popular brands

Load more brands