manualshive.com logo in svg

ForeScout CounterACT, Быстрое руководство по установке

ForeScout CounterACT - это мощный продукт, обеспечивающий безопасность сети. Для быстрой установки и настройки требуется быстрое руководство. Вы можете скачать его бесплатно с нашего сайта. Важно иметь это руководство в вашем арсенале для обеспечения безопасности вашей сети. Скачайте его с manualshive.com.

Поделиться
Скачать
background image

Quick Installation Guide 

Single Appliance 

Version 8.1 

24 

7. Set Up the Forescout Console 

Install the Console 

The Console is the Forescout management application used to view important 

detailed information about endpoints and control them. This information is collected 

by CounterACT devices. Refer to the Forescout Administration Guide for more 

information. 
You must supply a machine to host the Forescout Console application software. 

Minimum hardware requirements are: 

 

Non-dedicated machine, running: 

 

Windows 7/8/8.1/10 

 

Windows Server 2008/2008 R2/2012/2012 R2/2016 

 

Linux RHEL/CentOS 7 

 

macOS 10.12/10.13/10.14 

 

2GB RAM 

 

1GB disk space 

The following method is available for performing the Console installation: 

Use the installation software built into your Appliance. 
4.

 

Open a browser window from the Console computer. 

5.

 

Type the following into the browser address line: 

http://<Appliance_ip>/install 

Where Appliance_ip is the IP address of this Appliance. The browser displays 

the Console installation window. 

6.

 

Follow the on-screen instructions. 

Log In 

After completing the installation, you can log in to the Console. 

1.

 

Select the Forescout icon from the shortcut location you created. 

Содержание CounterACT

Страница 1: ...Forescout Quick Installation Guide Single Appliance Version 8 1 ...

Страница 2: ...ebsite for additional technical documentation https www forescout com company resources Have feedback or questions Write to us at documentation forescout com Legal Notice 2019 Forescout Technologies Inc All rights reserved Forescout Technologies Inc is a Delaware corporation A list of our trademarks and patents can be found at https www forescout com company legal intellectual property patents tra...

Страница 3: ...able Inline Tap 11 4 IP Layer Response for Layer 3 Switch Installations 11 B Switch Setting Notes 12 VLAN 802 1Q Tags 12 Additional Guidelines 12 3 Connect Network Cables and Power On 13 A Unpack the Appliance and Connect Cables 13 B Record the Interface Assignments 13 C Power on the Appliance 14 4 Configure the Appliance 15 5 Remote Management 19 iDRAC Setup 19 Enable and Configure the iDRAC Modu...

Страница 4: ...Quick Installation Guide Single Appliance Version 8 1 4 Additional Forescout Documentation 27 Documentation Downloads 27 Documentation Portal 28 Forescout Help Tools 28 ...

Страница 5: ...rade path outlined in the version Release Notes For more detailed information or information about upgrade or about deploying multiple Appliances for enterprise wide network protection refer to the Forescout Installation Guide and Forescout Administration Guide See Additional Forescout Documentation for information on how to access these guides Additionally you can navigate to the support website ...

Страница 6: ...ample if your policy depends on monitoring authorization events from endpoints to corporate authentication servers the Appliance will need to be installed so that it sees endpoint traffic flowing into authentication server s For more information about installation and deployment refer to the Forescout Installation Guide See Additional Forescout Documentation for information on how to access this g...

Страница 7: ...y pair Use 22 TCP to access the shared virtual IP address of the pair 25 TCP SMTP From Allows the Forescout platform access to the enterprise mail relay 53 UDP DNS From Allows the Forescout platform to resolve internal IP addresses 80 TCP HTTP To Allows HTTP redirection 123 UDP NTP From Allows the Forescout platform access to a local time server or ntp forescout net By default the Forescout platfo...

Страница 8: ...LS 2200 TCP SecureConnector for Linux To Allows SecureConnector to create a secure encrypted SSH connection to the Appliance from Linux machines SecureConnector is a script based agent that enables management of Linux endpoints while they are connected to the network 10003 TCP SecureConnector for Windows To Allows SecureConnector to create a secure encrypted TLS connection to the Appliance from Wi...

Страница 9: ...from the Console to the Appliance and from one Appliance to another Appliance communication includes communication with the Enterprise Manager and the Recovery Enterprise Manager using TLS Monitor Interface The monitor interface allows the Appliance to monitor and track network traffic Any available interface can be used as the monitor interface Traffic is mirrored to a port on the switch and moni...

Страница 10: ...interface can be used as the response interface Single VLAN When monitored traffic is generated from a single VLAN the response port must belong to the same VLAN In this case the Appliance requires a single IP address on that VLAN Multiple VLANs If monitored traffic is from more than one VLAN the response port must also be configured with 802 1Q VLAN tagging for the same VLANs The Appliance requir...

Страница 11: ... and one for downstream traffic except in the case of a recombination tap which combines the two duplex streams into a single port Note that if the traffic on the tapped port is 802 1Q VLAN tagged then the response port must also be 802 1Q VLAN tagged 3 Active Injection Capable Inline Tap The Appliance can use an active inline tap If the tap is injection capable the Appliance combines the monitor ...

Страница 12: ... minimizing the number of mirroring ports If the switch cannot use an 802 1Q VLAN tag on the mirroring port then do one of the following Mirror only a single VLAN Mirror a single untagged uplink port Use the IP layer response option If the switch can only mirror one port then mirror a single uplink port This may be tagged In general if the switch strips the 802 1Q VLAN tags you must use the IP lay...

Страница 13: ... Forescout supplied SFPs with Finisar SFPs that have been tested and approved by Forescout Refer to the Forescout Installation Guide for more details B Record the Interface Assignments After completing the Appliance installation at the data center and installing the Forescout Console you will be prompted to register interface assignments These assignments referred to as Channel definitions are ent...

Страница 14: ...power connector on the Appliance rear panel 2 Connect the other end of the power cable to a grounded AC outlet 3 Connect the keyboard and monitor to the Appliance or set up the Appliance for serial connection Refer to the Forescout Installation Guide for more information 4 Power on the Appliance from the front panel ...

Страница 15: ...lightly different prompts CounterACT Appliance boot is complete Press Enter to continue 1 Press Enter If you have a Forescout 51xx Appliance the following menu appears CounterACT 8 0 0 build options 1 Configure CounterACT 2 Restore saved CounterACT configuration 3 Identify and renumber network interfaces 4 Configure keyboard layout 5 Turn machine off 6 Reboot the machine Choice 1 6 1 If you have a...

Страница 16: ... setup 3 The High Availability Mode prompt opens Press Enter to select Standard Installation 4 The CounterACT Initial Setup prompt is displayed Press Enter to continue 5 The Select CounterACT Installation Type prompt opens Type 1 and press Enter to install a standard CounterACT Appliance The setup is initialized This may take a few moments 6 The Select Licensing Mode prompt opens Select the licens...

Страница 17: ...e than one DNS server address separate each address with a space Most internal DNS servers resolve external and internal addresses but you may need to include an external resolving DNS server As nearly all DNS queries performed by the Appliance will be for internal addresses the external DNS server should be listed last 11 The Setup Summary screen is displayed You are prompted to perform general c...

Страница 18: ... to the Forescout Administration Guide for more information about license management in Per Appliance licensing mode If your Forescout deployment is operating in Flexx Licensing Mode the Entitlement administrator should receive an email when the license entitlement is created and available in the Forescout Customer Portal Once available the Deployment administrator can activate the license in the ...

Страница 19: ...eshooting and maintenance tasks Perform the following to work with the iDRAC module Enable and Configure the iDRAC Module Connect the Module to the Network Login to iDRAC Enable and Configure the iDRAC Module Change the iDRAC settings to enable remote access on the CounterACT device This section describes basic integration settings required for working with the Forescout platform To configure iDRA...

Страница 20: ...you can update a dynamic DNS Optional IPV4 Settings Verify that the Enable IPv4 field is set to Enabled Set the Enable DHCP field to Enabled to use Dynamic IP Addressing or to Disabled to use Static IP Addressing If enabled DHCP will automatically assign the IP address gateway and subnet mask to iDRAC If disabled enter values for the Static IP Address Static Gateway and Static Subnet Mask fields 6...

Страница 21: ...e levels to Administrator Change Password Set a password for user login 9 Select Back and then select Finish Confirm the changed settings The configured settings are saved and the system reboots Connect the Module to the Network The iDRAC connects to an Ethernet network It is customary to connect it to a management network The following image shows the iDRAC port location on the rear panel of the ...

Страница 22: ... 3 Select Submit For further information about iDRAC refer to the iDRAC User s Guide You can access this guide in the following location https forescout com company resources idrac 9 user guide To identify your licensing mode From the Console select Help About Forescout It is very important to update the default root password if you have not done so already ...

Страница 23: ... in to the Appliance and run the following command fstool linktest The following information is displayed Management Interface status Pinging default gateway information Ping statistics Performing Name Resolution Test Test summary Perform a Ping Test Run the following command from the Appliance to a network desktop to verify connectivity Ping network_desktop_IP_address ...

Страница 24: ...hine running Windows 7 8 8 1 10 Windows Server 2008 2008 R2 2012 2012 R2 2016 Linux RHEL CentOS 7 macOS 10 12 10 13 10 14 2GB RAM 1GB disk space The following method is available for performing the Console installation Use the installation software built into your Appliance 4 Open a browser window from the Console computer 5 Type the following into the browser address line http Appliance_ip instal...

Страница 25: ...eld enter admin 4 In the Password field enter the password you created during Appliance installation 5 Select Login to launch the Console Perform Initial Setup When you log in for the first time the Initial Setup Wizard opens The Wizard guides you through essential configuration steps to get the Forescout platform up and running quickly and efficiently ...

Страница 26: ...e network segment VLANs to which the response interface is directly connected and a permanent IP address to be used by the Forescout platform at each such VLAN IP address range that this Appliance will monitor all the internal addresses including unused addresses LDAP user account information and the LDAP server IP address Domain credentials including the domain administrative account name and pas...

Страница 27: ...provides links to the full range of technical documentation To access the Forescout Resources Page Go to https www Forescout com company resources select Technical Documentation and search for documents Product Updates Portal The Product Updates Portal provides links to Forescout version releases Base and Content Modules and eyeExtend products as well as related documentation The portal also provi...

Страница 28: ...l Go to https updates forescout com support files counteract docs_portal and use your customer support credentials to log in Forescout Help Tools Access information directly from the Console Console Help Buttons Use context sensitive Help buttons to quickly access information about the tasks and topics you are working with Forescout Administration Guide Select Forescout Help from the Help menu Plu...

Отзывы:

Нет отзывов

Похожие инструкции для CounterACT

ABB i-bus KNX IPR/S 3.5.1 Product Manual preview
i-bus KNX IPR/S 3.5.1
Бренд: ABB Страницы: 44
B+B SmartWorx UR5i v2 Libratum Start Manual preview
UR5i v2 Libratum
Бренд: B+B SmartWorx Страницы: 8
B+B SmartWorx ICR-1601 Start Manual preview
ICR-1601
Бренд: B+B SmartWorx Страницы: 8
Datasat AP20 Installation And Operating Manual preview
AP20
Бренд: Datasat Страницы: 32
XIA Pixie-4 Express Software Manual preview
Pixie-4 Express
Бренд: XIA Страницы: 17
Accusys ACS-76500 Owner'S Manual preview
ACS-76500
Бренд: Accusys Страницы: 34
Stanwax Laser S4i Manual preview
S4i
Бренд: Stanwax Laser Страницы: 9
ekwb EK-FC Installation Manual preview
EK-FC
Бренд: ekwb Страницы: 2
IBM BladeCenter Management Module Installation And User Manual preview
BladeCenter Management Module
Бренд: IBM Страницы: 184
TP-Link ER8411 Installation Manual preview
ER8411
Бренд: TP-Link Страницы: 2
Paradyne Hotwire ATM Line Cards 8335 User Manual preview
Hotwire ATM Line Cards 8335
Бренд: Paradyne Страницы: 132
Danville Signal Processing dspstak 21262sx User Manual preview
dspstak 21262sx
Бренд: Danville Signal Processing Страницы: 35
A4Tech RH-10 User Manual preview
RH-10
Бренд: A4Tech Страницы: 8
Disc Makers Reflex10 User Manual preview
Reflex10
Бренд: Disc Makers Страницы: 38
ATI Technologies RADEON 9800 PRO Getting Started Manual preview
RADEON 9800 PRO
Бренд: ATI Technologies Страницы: 20
MiWire SeaWire Pro User Manual preview
SeaWire Pro
Бренд: MiWire Страницы: 24
B&B Electronics Elinx EIR510 Series Quick Start Manual preview
Elinx EIR510 Series
Бренд: B&B Electronics Страницы: 2
Casablanca W-500 Technical Bulletin preview
W-500
Бренд: Casablanca Страницы: 13

Бренды по названию

Популярные бренды

Загрузить еще бренды