McAfee Logon Collector 3.x, 2.x
This article describes the supported platforms, environments, and operating systems for Logon Collector.
Logon Collector requirements:
The computer that hosts Logon Collector must meet the following requirements:
|Operating System||One of the following Microsoft operating systems:
- Windows Server 2008 R2 (64-bit)
- Windows Server 2012 (64-bit)
- Windows Server 2012 R2 (64-bit)
|Operating System domain controllers||One of the following Microsoft servers:
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
|RAM (memory)||4 GB or higher|
|Disk space||20 GB free space|
|Processor||Pentium IV 2 GHz or faster|
|Software framework||Microsoft .NET framework 3.5|
|Web browser||One of the following web browsers:
NOTE: Forcepoint recommends using the latest browser versions.
- Microsoft Internet Explorer 8.x and later
- Mozilla Firefox 25 and later
- Google Chrome 40 and later
|Network connectivity||Network connectivity must exist from Logon Collector servers to the domain controllers of the Microsoft Active Directory domain that the Logon Collector or Logon Monitor is monitoring.|
|Resolution||Display set to a resolution of 1024x768 or greater|
|Monitored domains||The domain user (entered while adding a domain in Logon Collector) must have access rights to the security events logs on each domain controller.|
- The domain controller's functional level should not be higher than Logon Collector's Windows Server version.
- The domain controllers must have port 389 enabled for LDAP and port 636 for Secure LDAP queries.
|Domain Name System (DNS) resolution||Proper DNS resolution is a critical prerequisite for identities collection. The computers on which the Logon Collector or Logon Monitor are installed, and the client configured to collect identities, must be configured to refer to a DNS server that must be able to:
- Resolve any domain from which logons are collected.
- Provide forward resolution for all domain controllers from which logons are collected.
- Provide reverse resolution for all domain controllers from which logons are collected.
- Provide SRV records for one or more domain controllers in the domain from which logons are collected.