FALCON PREVENT FREE TRIAL FAQ
What is Falcon Prevent?
Falcon Prevent provides next generation antivirus (NGAV) capabilities, delivering comprehensive and proven protection to defend your organization against both malware and malware-free attacks. Incorporating identification of known malware, machine learning for unknown malware, exploit blocking and advanced Indicator of Attack (IOA) behavioral techniques, CrowdStrike Falcon Prevent allows organizations to confidently replace their existing legacy AV solutions.
What operating systems are supported in the Falcon Prevent Free Trial?
Falcon supports Windows, Mac and Linux operating systems. However, the free trial covers only Windows and Mac operating systems. If you’d like to test other sensor versions, please contact us.
Supported Windows OS:
- Windows 7 SP1 x86 and x64
- Windows 7 Embedded (available from sensor build 2.28.5012)
- Windows 10, Windows 10 Anniversary Build, Windows 10 Creators Update
- Windows Server 2008 R2 SP1 x64 (OS available as x64 only)
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
Supported Mac OS:
- Apple macOS Mojave 10.14 (sensor 4.13.7501 and later)
- Apple macOS High Sierra 10.13 (sensor 3.6.5703 and later)
What browsers are supported?
The Falcon Admin UI can be accessed through Google Chrome only.
How do I add a user to the trial?
To add a second user from your organization, add them as a user in the “Users” app in the Falcon UI.
How do I use the AV Resource Monitor Tool?
During the performance testing scenario, a resource monitoring tool is used to measure performance of any installed AV solution.
1. Download the tool from the link provided in the test scenario to the host being tested and launch it.
2. After accepting the license agreement, click “Start”. Allow the tool to run for a few minutes, then press “Stop”. The tool looks at a number of factors and outputs a score ranging from “A” (a good score) down to “E” (a poor score).
Can CrowdStrike Falcon protect endpoints if they are not connected to the cloud?
Yes. The lightweight Falcon sensor that runs on each endpoint includes all the prevention technologies required to protect the endpoint, whether it is online or offline. Those technologies include machine learning to protect against known and zero-day malware, exploit blocking, hash blocking and CrowdStrike’s behavioral artificial intelligence heuristic algorithms, known as Indicators of Attack (IOAs).
Can I use CrowdStrike Falcon to replace my current AV solution?
Yes, CrowdStrike Falcon Prevent is a fully certified AV replacement solution and allows organizations to confidently replace their existing legacy AV. Incorporating identification and prevention of known malware, machine learning for unknown malware, exploit blocking and advanced Indicator of Attack (IOA) behavioral techniques, Falcon Prevent protects against attacks whether your endpoints are online or offline. Falcon Prevent also features integration with Windows System Center, for those organizations that need to prove compliance with appropriate regulatory requirements.
Can CrowdStrike Falcon be used for compliance requirements?
Yes, CrowdStrike Falcon can help organizations in their efforts to meet numerous compliance and certification requirements. Falcon has received third-party validation for the following regulations: PCI DSS v3.2 | HIPAA | NIST | FFIEC | PCI Forensics | NSA-CIRA | SOC 2 | CSA-STAR | AMTSO | AV Comparatives.
Can Falcon Prevent block attacks?
Yes, Falcon Prevent offers powerful and comprehensive prevention capabilities. Falcon Prevent can stop execution of malicious code, block zero-day exploits, kill processes and contain command and control callbacks.
Do I need a large staff to maintain my CrowdStrike Falcon environment?
No, CrowdStrike Falcon delivers next-generation endpoint protection via the cloud. A key element of “next gen” is reducing overhead, friction and cost in protecting your environment. There is no on-premises equipment to be maintained, managed or updated. The Falcon sensor is unobtrusive in terms of endpoint system resources, and updates are seamless, requiring no reboots. The Falcon web-based management console provides an intuitive and informative view of your complete environment.
Does the Falcon sensor interfere with other endpoint software?
No, Falcon was designed to interoperate without obstructing other endpoint security solutions, including third-party AV and malware detection systems.
Do you install the same sensor on workstations and servers?
Yes, because of the non-disk-scanning nature of Falcon Prevent, you can install it on both workstations and servers.
Is CrowdStrike Falcon cloud-based or on-premises?
CrowdStrike Falcon is a 100 percent cloud-based solution, offering Security as a Service (SaaS) to customers. Falcon requires no servers or controllers to be installed, freeing you from the cost and hassle of managing, maintaining and updating on-premises software or equipment.
Does Falcon Prevent protect against ransomware?
Falcon Prevent uses an array of complementary prevention and detection methods to protect against ransomware:
- Blocking of known ransomware
- Exploit blocking to stop the execution and spread of ransomware via unpatched vulnerabilities
- Machine learning for detection of previously unknown “zero-day” ransomware
- Indicators of Attack (IOAs) through behavioral analysis to identify and block additional unknown ransomware, as well as new categories of ransomware that do not use files to encrypt victims’ data
What happens at the end of my free trial?
During your free trial, the Falcon web interface will indicate the number of days left in the trial. At the end of this period, access to the Falcon UI will be terminated. However, if you’d like to extend your time or have additional questions, reach out on the Free Trial webpage.
How do I uninstall the Falcon sensor?
To uninstall the Falcon sensor on a single host, navigate to Control Panel > Programs > Programs and Features. Highlight “CrowdStrike Windows Sensor”, then click “Uninstall”. Follow the prompts to complete the process. If you installed a password-protected sensor, you will need to use the same password to uninstall it.