September 26, 2023
ForeScout (NAC, Network Access Control) Compliance on the Mac
What you need to be compliant for NAC:
Enroll in PEAS
To enroll your Mac in PEAS, refer to KB0034657
If you are unsure whether you are enrolled in PEAS, open a Finder window and check your Applications folder for the Self Service application. If Self Service is there, then you are enrolled.
Installing the ForeScout SecureConnector
1. Open the Self Service application to download the ForeScout SecureConnector application
2. Log in using your user name and password, then click the Install button in Self Service
Note: To verify that ForeScout SecureConnector is installed, simply find it in your Applications folder, nothing else is necessary.
Installing CrowdStrike AntiVirus
1. Open the Self Service application to download the CrowdStrike AV application
2. Log in using your username and password, then click the Install button in Self Service
Note: Installing CrowdStrike AntiVirus also installs the PEAS Menu, which gives you information on CrowdStrike and Forescout
Encrypting your Mac
Any Mac that is enrolled in PEAS will prompt you for encryption on reboot if you are not encrypted. Depending on your version of the Mac operating system, it will ask when you log out, or log back in.
1. To determine if you are encrypted, open System Preferences, and click Security & Privacy
2. With FileVault selected, you will be able to see your encryption status:
- When FileVault is set to on, then your computer is encrypted.
- If FileVault is off, then your computer is not encrypted.
3. If you are enrolled in PEAS, it is recommended that you reboot, and when prompted, click Encrypt. Upon reboot, you will see this window:
4. Click Enable Now to begin the encryption process.