After logging into Falcon for the first time, you’ll see a brief orientation and then be guided to download the Falcon sensor.
Installing Falcon Prevent is a lot easier than installing standard antivirus solutions. Falcon Prevent is cloud-delivered, so the backend infrastructure is already up and running; you do not need to set up a management console. The installation process is the same whether you are installing on a workstation, server, laptop, virtual instances on-premise or virtual instances in the cloud.
*Note that while Falcon supports Windows, macOS, and Linux, this trial does not include Linux. To learn more about protecting your Linux systems, please contact us.
We recommend installing on a typical laptop or desktop in your organization that is connected to the Internet. There is no malware used in this scenario, but we will start in full prevention mode.
IMPORTANT: Before you begin, be sure to uninstall your existing AV solution. Later, we will review how using “detect only” mode allows for coexistence and easy deployment transitions.
1. Download and install the Falcon sensor
a.Navigate to the Download page.
b. Click the Download button.
c. Run the downloaded installer on the target computer to begin the installation process. Accept the license agreement. Click “Install” to continue.
Need help? Contact us.
d. After the installation is complete, click “Close”.
2. Verify the sensor installation in the Falcon interface
Falcon keeps a low profile and does not show a Windows system tray icon. You can ensure that your newly installed sensor is running and has connected to the cloud via the Falcon interface.
a. n the Falcon interface, go to Hosts > Host Management
b. Verify that you see the test computer’s hostname listed. The “Prevention Policy” column should show “platform_default” as the assigned policy. In some cases, it might take a few minutes before you see your host; refresh the page if needed.
3. Verify registered AV
Within Windows, you can verify that Falcon Prevent is the active anti-virus product for the system. Note that this step does not apply to Windows Server installations: Windows Server does not feature a control panel module that shows virus protection status.
a. Locate the Security and Maintenance section of the Windows Control Panel. Depending on your version of Windows, it may be easiest to search for “security and maintenance”.
b. Review the Security Section. You may need to dismiss existing notifications and/or expand the Security Section in order to locate the Virus protection section.
c. Confirm that CrowdStrike Falcon is listed under Virus protection.
If CrowdStrike Falcon does not appear, verify that you have uninstalled any previous antivirus product. Also ensure that the Falcon prevention policies are enabled (Cloud Machine learning enabled, Sensor Machine Learning enabled, Quarantine and Security Registration enabled).
In this section, you downloaded and installed Falcon Prevent. Did you notice that the sensor was small, took very little time to download, and didn’t require a reboot? This is because CrowdStrike’s unique architecture allows us to provide all the functionality of a traditional antivirus solution while consuming a fraction of the system resources.
Next, let’s look at the Falcon interface to see how detections will appear.