Skip to main content

CrowdStrike Falcon Protection (Windows EXE)

Description

Needing to deploy to Crowdstrike Falcon antivirus to your Windows fleet? FileWave has you covered.

CrowdStrike's flagship product is called Falcon, which is a cloud-native platform that combines next-generation antivirus, endpoint detection and response (EDR), threat intelligence, and proactive threat hunting. Falcon aims to provide real-time visibility into endpoint activity, rapid threat detection, and automated response to security incidents.

Ingredients

  • FileWave Admin Central
  • Crowdstrike EXE installer
  • Crowdstrike License code

Directions

Deploying the Crowdstrike Falcon to your devices

CrowdStrike deployment for Windows devices has one Fileset. This Fileset includes an EXE with launch arguments to be customized with your CrowdStrike license code.

The Fileset included with the EXE installer is the latest version of CrowdStrike. If you have an EXE installer provided by CrowdStrike, you may replace with your own EXE installer version.

CrowdStrike Windows Installation.fileset.zip

WindowsCrowdStrike.png

Customizing the Installation EXE

Editing the Fileset EXE

 

  1. Highlight the CrowdStrike Windows Installation Fileset
  2. Double-Click to open the Fileset Contents
  3. Highlight and select the .exe file.
  4. Click on 'Get Info'
 WindowsCrowdStrike1.png

Enter in your CrowdStrike License code

 

  1. Select the tab 'Executable.'
  2. Under the tab 'Launch Arguments' highlight CID=
  3. Enter in your CrowdStrike License code.
  4. Click the Apply to save your changes to the Launch Arguments
  5. Close the Get Info Window to save your changes.
 WindowsCrowdStrike2.png

Please Note: Launch Argument NO_START=1 is intended if the desired outcome if you want CrowdStrike to start after the first reboot post-install. If not, remove NO_START=1 from the Launch Argument list.

Creating a Fileset Group

Keeping your Filesets organized is good practice, especially if there are multiple Filesets for software deployment or organziation based on specific platform of deployment.

You may create a New Fileset Group, label it CrowdStrike Falcon (Windows 2023), and move the Fileset you created into this Group. Then associate the Fileset Group labeled CrowdStrike Flacon (Windows 2023) to your devices versus individual Filesets.

When ready, associate the Fileset Group labeled CrowdStrike Falcon (Windows 2023) to a few devices as a test. This is to verify and confirm that the software is installed properly based on your license code configured.

For best practice, always test a few devices before mass deployment.

Related Content

2 Comments
Michael Engelsen
Michael Engelsen  commented 9 months ago
#1

The NO_START=1 launch argument is causing problems (preventing the CrowdStrike sensor service from starting). I removed this (1) launch argument. The exe install is (now) working as-expected.

Josh Levitsky
Josh Levitsky  commented 9 months ago
#2

In reply to #1

Hi Michael. I think you'll find NO_START=1 just makes it not run until the next reboot. I suppose it could be desired to have that behavior but probably more for installing it in to an image. Maybe we should mention that and edit the template though.

Back to top