Skip to content
English - United States
More support
  • There are no suggestions because the search field is empty.

Crowdstrike EDR Pre-installation task

Introduction

This guide provides a detailed process for configuring CrowdStrike Falcon to exclude specific localhost ports by creating custom firewall rules. Properly setting these exclusions is essential to ensure that applications such as the Flurp function as intended and that installation issues are minimized.

 

Steps to Add a Localhost Port Exclusion

1. Log in to the CrowdStrike Falcon Console

  • Access the CrowdStrike Falcon Console.
  • Navigate to the Firewall Management section under the Configuration app.

Placeholder for screenshot: Falcon Console main dashboard

 

2. Select or Create a Firewall Policy

  • Choose an existing firewall policy or create a new one for the target systems.

Placeholder for screenshot: Firewall Policy list and creation interface

 

3. Add a Custom Firewall Rule

Configure the new rule with the following settings:

  • Action: Allow
  • Direction: Inbound, Outbound, or Both, as required
  • Protocol: TCP, UDP, or Both, depending on application requirements
  • Local Address: 127.0.0.1 (targets localhost)
  • Remote Address: (Optional) 127.0.0.1 to restrict the rule strictly to localhost traffic
  • Port: Enter the required port number (e.g., 8080)

Placeholder for screenshot: Rule configuration panel with highlighted settings

 

 

4. Save and Deploy the Policy

  • Save your changes.
  • Deploy the updated policy to all relevant hosts.

Placeholder for screenshot: Save and deploy policy confirmation

 

 

Troubleshooting Installation Issues

If installation is unsuccessful, or the Flurp remains grey after installation:

  • Verify that the firewall rule was applied correctly.
  • Ensure that the specific port and address information matches your application's requirements.
  • Confirm that no other security software is blocking required local traffic.
  • For persistent issues, refer to the comprehensive CrowdStrike Exception Guide for further troubleshooting and advanced exclusions.

Important: If the sensor installation is blocked or the Flurp status does not return to Red, Amber, or Green, a broader CrowdStrike exception may be required.

 

Quick Checklist

  • Logged in to the CrowdStrike Falcon Console.
  • Selected or created the appropriate firewall policy.
  • Configured a firewall rule with correct settings (Action, Direction, Protocol, Local/Remote Address, Port).
  • Saved and deployed the policy to the target hosts.
  • Reviewed troubleshooting steps if issues persist.

 

For further assistance, consult your administrator or reach out to Netarx support.