As we said in our last blog, CounterACT is able to detect, disable and remove any P2P application running on an endpoint
ForeScout CounterACT customers will find an easy-to-use peer-to-peer compliance template (including usage guidelines and screen shots) in our online support knowledgebase. CounterACT also support the creation and use of custom policies.
CounterACT’s clientless foundation offers the flexibility to conduct a remote inspection of the P2P application footprint without requiring a client or agent of any kind. For example, CounterACT can be used to inspect endpoints for any registry, file, service, port and/or process.
Note: When we say “without requiring a client or agent of any kind” we mean CounterACT can inspect endpoints for registry, files, services, port and/or process without relying on a client (Nessus, NMAP, etc.) to conduct compliance checks.
CounterACT also offers many techniques to mitigate the risks associated with peer-to-peer applications. For example:
CounterACT offers a template policy to kill each detected instance of a P2P process.
To complement the “Kill P2P” action, CounterACT offers alert and reporting mechanisms that can be used to auto-enforce “compliance and training” and enable forensics and continued compliance. For example, an email notification might be sent to a user whose laptop is found to be in violation of a “no P2P” security mandate; a copy of the email might be sent to the compliance and forensics staff; repeat offenders might be required to attend a code-of-conduct “refresher” course, etc.
To further alert and train users on corporate policy, CounterACT can be used to trigger other general department- or company-wide alerts (via Syslog/HTTP notifications/emails, etc.).
And to further reinforce the “Kill P2P” action, CounterACT’s powerful Run Script engine (for Windows, Macintosh and Linux operating systems) might be used to automate and centrally manage key remediation actions across the entire network (such as deleting P2P and other applications files, deploying anti-virus updates, and more).
For more information on this topic read the press release.
Tags: disable P2P, P2P, peer-to-peer