KB Article | Forcepoint Support

Problem Description

Environment

McAfee Logon Collector 3.x, 2.x

Summary

This article describes the supported platforms, environments, and operating systems for Logon Collector.
 
Logon Collector requirements:
The computer that hosts Logon Collector must meet the following requirements:
 
ComponentRequirements
Operating SystemOne of the following Microsoft operating systems:
  • Windows Server 2008 R2 (64-bit)
  • Windows Server 2012 (64-bit)
  • Windows Server 2012 R2 (64-bit)
Operating System domain controllersOne of the following Microsoft servers:
  • Windows Server 2008 R2
  • Windows Server 2012
  • Windows Server 2012 R2
RAM (memory)4 GB or higher
Disk space20 GB free space
ProcessorPentium IV 2 GHz or faster
Software frameworkMicrosoft .NET framework 3.5
Web browserOne of the following web browsers:
  • Microsoft Internet Explorer 8.x and later
  • Mozilla Firefox 25 and later
  • Google Chrome 40 and later
NOTE: Forcepoint recommends using the latest browser versions.
Network connectivityNetwork connectivity must exist from Logon Collector servers to the domain controllers of the Microsoft Active Directory domain that the Logon Collector or Logon Monitor is monitoring.
ResolutionDisplay set to a resolution of 1024x768 or greater
Monitored domainsThe domain user (entered while adding a domain in Logon Collector) must have access rights to the security events logs on each domain controller.

Domain controllers
  • The domain controller's functional level should not be higher than Logon Collector's Windows Server version.
  • The domain controllers must have port 389 enabled for LDAP and port 636 for Secure LDAP queries.
Domain Name System (DNS) resolutionProper DNS resolution is a critical prerequisite for identities collection. The computers on which the Logon Collector or Logon Monitor are installed, and the client configured to collect identities, must be configured to refer to a DNS server that must be able to:
  • Resolve any domain from which logons are collected.
  • Provide forward resolution for all domain controllers from which logons are collected.
  • Provide reverse resolution for all domain controllers from which logons are collected.
  • Provide SRV records for one or more domain controllers in the domain from which logons are collected.

Article Feedback



Thank you for the feedback and comments.