ForeScout CounterACT is a platform that enables pervasive network security and allows IT organizations to efficiently address a numerous access, endpoint compliance and threat management challenges even within today’s complex, dynamic and expansive enterprise networks. Taking advantage of next-gen network access control (NAC) capabilities, CounterACT delivers both real-time intelligence and policy-based control to preempt threats and remediate problems while preserving business productivity.
Network Access Control
ForeScout CounterACT for Network Access Control is an network security platform that lets you see, monitor, and control your network – devices, operating systems, applications and users. ForeScout CounterACT lets employees, contractors, and guests remain productive on your network while you protect critical network resources and sensitive data.
ForeScout CounterACT delivers extensive interoperability through ControlFabric architecture. ControlFabric is an open set of integration technologies that enable ForeScout CounterACT and other solutions to exchange information and resolve a wide variety of network, security and operational issues.
Based on next-generation network access control (NAC) technologies, ForeScout CounterACT is easy to install because it requires no software, no agents, no hardware upgrades or reconfigurations. Comprehensive network access control functions are contained within a single appliance or virtual appliance.
Bring Your Own Device
The foundation of ForeScout’s mobile security solution is ForeScout CounterACT. This network-based appliance works with PCs and handheld devices. It gives you immediate, real-time visibility of device on your network without the need for agents. No software to download, no enrollment to administer. It tells you who each user is and who owns each device. It ties into directory services and provides role-based network access control. Different users and devices get different access. The price is low, and the impact to your users is trivial because it’s transparent.
If you need stronger mobile security, then we offer ForeScout CounterACT with our optional ForeScout Mobile Security Module. With this you get enhanced device security for Android and iOS devices. ForeScout Mobile Security Module gives you deep inspection of Android and iOS devices, so you can determine the device’s configuration. Is a password configured? Is encyption turned on? This lets you enforce more sophisticated network access control policies than you can with just CounterACT by itself.
ForeScout MDM Integration Module provides the most flexible, comprehensive and seamless integration between ForeScout and the leading MDM vendors: Fiberlink MaaS360, AirWatch, MobileIron, and Citrix XenMobile and SAP Afaria. This approach secures enterprise mobility by giving you the advantage of automated enrollment, on-access MDM profile checking, network mitigation and unified network security. Rather than manage separate network security policies for PCs vs. handheld devices, you can see devices (managed, unmanaged, wired and wireless, PC or mobile) and configure a single set of network access control policies – within ForeScout CounterACT. This way you can easily track and enforce those policies regardless of whether the user has a PC, a Mac, a smartphone or a tablet.
CounterACT’s support for syslog, SNMP, LEEF, and common event format (CEF) allows any SIEM / logger to capture, retain and analyze events generated from ForeScout CounterACT including real-time network access violations, endpoint compliance problems and mobile security issues. ForeScout’s SIEM Integration Integration Module supplies these integrations via one or more easily-installed plugins.
CounterACT’s threat mitigation capabilities can enforce user/device access policy and endpoint configuration compliance, as well as identify endpoint exhibiting malicious behavior (e.g. propagating worms). CounterACT can warn the user and provide the means to self-remediation (e.g. install anti-virus). Additional enforcement methods include device segregation and auto-remediation. Depending on the trigger and scripting ability of the SIEM / Logger platform, CounterACT can extend reaction options by:
- Quarantining the offending endpoint to a specified VLAN
- Attempting to background remediate the issue
- Removing the offending endpoint off the network
ForeScout CounterACT can ensure that endpoints on your network are compliant with your security policies. For example, CounterACT can ensure that antivirus is up-to-date, the operating system is properly patched, and the computer is free of illegitimate software such as P2P. Because ForeScout CounterACT is agentless, it works with your endpoints–managed and unmanaged, known and unknown, physical and virtual. CounterACT can discover weaknesses in your existing agent-based security systems that would otherwise go undetected.
When CounterACT discovers a security problem, it can automatically fix the problem, or it can leverage your existing remediation or helpdesk systems. A range of integrations are available through ForeScout’s ControlFabricarchitecture to allow you to leverage the information produced by CounterACT with other IT management systems.