AWS Marketplace

Creating endpoint security policies with CrowdStrike’s Falcon Endpoint Protection

The term “endpoints” usually refers to user devices, such as laptops and servers. Cloud-based endpoints, however, include more than just the device: databases, instances, services, and applications. As endpoints have changed, endpoint security has expanded from a simple antivirus solution to an integrated set of advanced visibility and security features. Endpoint security solutions now offer full protection for online and offline endpoints in cloud environments.

Many security groups are designing their cloud strategies, especially around cloud migration, with endpoint security in mind.

In this post, I will show how to find, install, and create a policy in the CrowdStrike Falcon Endpoint Protection Premium software product from AWS Marketplace.

How to create an endpoint security policy

Prerequisites

Install CrowdStrike Falcon Endpoint Protection Premium product by following these steps:

  1. Go to the product detail page in AWS Marketplace, where you’ll find a product overview, pricing and usage information, support information, and customer reviews.
  2. Click Continue to Subscribe in the upper right corner. Next, select the appropriate contract duration and options for your organization.
  3. Finally, select the Create Contract button to subscribe to CrowdStrike: Falcon Endpoint Protection Premium.

How to create an endpoint security policy using CrowdStrike Falcon Endpoint Protection Premium

  1. Once you have subscribed to CrowdStrike Falcon Endpoint Protection Premium and registered, you will be provided with a login URL. Click on this URL.
  2. At the login page, enter the email address you used for registration, click Continue, and then enter your password.
  3. You will be taken to the CrowdStrike Falcon Endpoint Protection Premium dashboard. On the left side of the dashboard, select the menu icon with three lines, as shown in the image below.

crowdstrike menu icon

  1. Select the Prevention Policies option from the menu, as shown in the image below.

crowdstrike select prevention policies

  1. You will be taken to the Prevention Policies page and may see some default policies created. Select the Add new policy option to create a new policy, as shown in the screen shot below.

crowdstrike add new policy

  1. Name your policy and add an optional description of the policy. In this example, I am naming the policy “Test1” and adding a description of “Test.” After you have named your policy, click the Create button. The screen shot below shows the New Policy Details window.

crowdstrike name policy

  1. Now you can view your new policy. Select the action items to enable. I have selected to enable the ransomware protection option, as shown in the screen shot below.

crowdstrike select ransomware protection

  1. Click the Save button at the top right to save your changes to the policy, as shown in the screen shot below.

crowdstrike save changes to policy

  1. Review the changes you made in the dialogue box that follows. Select cancel if you want to cancel; I chose Confirm, as shown in the screen shot below.

crowdstrike confirm policies

  1. Enable your new endpoint security policy by selecting the Enable option at the top right of the page, as shown in the screen shot below.

crowdstrike enable policy changes

Congratulations! Your new endpoint security policy is in place.

Conclusion

In this post, I showed you how to use CrowdStrike Falcon Endpoint Protection Premium from AWS Marketplace to create policies to help improve your endpoint security.

Next steps

For more information, view the webinar, watch a tutorial video and download the detailed seller guide, and explore CrowdStrike products in AWS Marketplace.