Forescout CounterACT Administrator Manual

Welcome to the official training manual for Forescout CounterACT. This document covers the essential concepts required for the administrator assessment.

1. System Architecture

• Enterprise Manager (EM): Centralized management appliance for large deployments.
• Appliances: Sensors that monitor traffic and enforce policies.
• CounterACT Console: The Windows-based GUI for administration.

2. Policy Management

Policies are the core of Forescout. They consist of:

• Scope: Which IP ranges to target.
• Main Rule: High-level filtering (e.g., Windows devices).
• Sub-Rules: Granular checks (e.g., Is Antivirus installed?).
• Actions: Response to matches (e.g., Send Email, Block Port).

3. Network Integration

Forescout integrates with switches and wireless controllers via SNMP (Read) and CLI (Write) to enforce ACLs and VLAN assignment.

Download Full PDF

← Back to Quizzes