FortiEDR Installation and Administration Guide

FortiEDR Installation and Administration Guide
Version 4.1

FORTINET DOCUMENT LIBRARY
https://docs.fortinet.com

FORTINET VIDEO GUIDE
https://video.fortinet.com

FORTINET BLOG
https://blog.fortinet.com

CUSTOMER SERVICE & SUPPORT
https://support.fortinet.com

FORTINET TRAINING & CERTIFICATION PROGRAM
https://www.fortinet.com/support-and-training/training.html

NSE INSTITUTE
https://training.fortinet.com

FORTIGUARD CENTER
https://fortiguard.com/

END USER LICENSE AGREEMENT
https://www.fortinet.com/doc/legal/EULA.pdf

FEEDBACK
Email: [email protected]

March 2020

Table of Contents

Chapter 1 – INTRODUCING FortiEDR
  • Introduction
      • Execution Prevention
      • Data Exfiltration
      • Ransomware
      • Threat Hunting
      • FortiEDR Technology
  • FortiEDR Components
      • Overview
      • FortiEDR Collector
      • FortiEDR Core
      • FortiEDR Aggregator
      • FortiEDR Central Manager
      • FortiEDR Cloud Service
  • How Does FortiEDR Work?
  • Using FortiEDR – Workflow
      • Setup Workflow Overview
      • Ongoing Workflow Overview

Chapter 2 – INSTALLING FortiEDR
  • Before You Start
      • System Requirements
  • Installing the FortiEDR Threat-hunting Repository
  • Installing the FortiEDR Central Manager and FortiEDR Aggregator on the Same Machine
      • FortiEDR CLI Commands
      • Launching the FortiEDR Central Manager for the First Time
  • Installing the FortiEDR Core
      • Preparing for FortiEDR Core Installation
      • Installing the FortiEDR Core on Linux
  • Installing FortiEDR Collectors
      • Preparing for FortiEDR Collector Installation
      • Installing a FortiEDR Collector
      • Automated FortiEDR Collector Deployment on Windows
      • Automated FortiEDR Collector Deployment on Mac
      • Creating a Custom FortiEDR Installer for Windows
      • Creating a Custom FortiEDR Installer for MAC
      • Working with FortiEDR on VDI Environments
      • Working with FortiEDR on VDI Environments for Citrix XenDesktop VDI or XenApp
      • Uninstalling a FortiEDR Collector
  • Upgrading FortiEDR Components
      • Upgrading the Central Manager
      • Upgrading the Aggregator
      • Upgrading the Core
      • Upgrading the Collector

Chapter 3 – SECURITY SETTINGS
  • Introducing FortiEDR Security Policies
      • Exfiltration Prevention/Ransomware Prevention/Execution Prevention/Device Control
      • Protection or Simulation Mode
      • Security Policies Page
  • Setting a Security Policy's Prevention or Simulation Mode
  • Creating a New Security Policy
  • Assigning a Security Policy to a Collector Group
  • Playbook Policies
      • Automated Incident Response - Playbooks Page
      • Assigned Collector Groups
  • Exceptions

Chapter 4 – INVENTORY
  • Introducing the Inventory

Details

  • File Type
    pdf
  • Content Languages
    English
  • File Pages
    202 Page
