Posts Tagged ‘P2P’

Enforcing your Acceptable Use Policy

Wednesday, June 30th, 2010

Would your company be more secure if all employees knew about and followed the Acceptable Use Policy?

The Acceptable Use Policy (AUP) is a cornerstone of IT security. The AUP defines how a company’s IT resources can be used. Most companies require all employees to read and sign the AUP, typically when the employee first hires on and annually thereafter.

The problem is that this is a perfunctory exercise at best. Most companies do not have a good mechanism for catching employees who violate the AUP. As a result, employees’ awareness of and level of commitment to the AUP is typically very low. In such an environment, is it no wonder that most employees feel that security is unimportant and that taking risks with IT data is acceptable.

ForeScout CounterACT lets you take a proactive stance on your AUP and provide a real sense of user participation in your security program. For example, if your organization’s AUP states that instant messaging (IM) should not be utilized, ForeScout CounterACT can be used to enforce this policy. If an employee installs IM on their company-issued computer, CounterACT can detect this, can notify the employee of the AUP violation, and can direct the employee to the intranet page where the company’s AUP is stored. Education is swift and timely. And the message is given that the organization takes security very seriously.

ForeScout CounterACT is typically purchased for network access control, but this example shows that the product is a whole lot more powerful than just NAC.

  • Share/Bookmark

Tags: , , , , , , , ,
Posted in Uncategorized | No Comments »

How to Detect, Disable & Remove
P2P with CounterACT

Wednesday, March 4th, 2009

As we said in our last blog, CounterACT is able to detect, disable and remove any P2P application running on an endpoint

ForeScout CounterACT customers will find an easy-to-use peer-to-peer compliance template (including usage guidelines and screen shots) in our online support knowledgebase.  CounterACT also support the creation and use of custom policies.

CounterACT’s clientless foundation offers the flexibility to conduct a remote inspection of the P2P application footprint without requiring a client or agent of any kind. For example, CounterACT can be used to inspect endpoints for any registry, file, service, port and/or process.

Note: When we say “without requiring a client or agent of any kind” we mean CounterACT can inspect endpoints for registry, files, services, port and/or process without relying on a client (Nessus, NMAP, etc.) to conduct compliance checks.

CounterACT also offers many techniques to mitigate the risks associated with peer-to-peer applications. For example:

CounterACT offers a template policy to kill each detected instance of a P2P process.

To complement the “Kill P2P” action, CounterACT offers alert and reporting mechanisms that can be used to auto-enforce “compliance and training” and enable forensics and continued compliance. For example, an email notification might be sent to a user whose laptop is found to be in violation of a “no P2P” security mandate; a copy of the email might be sent to the compliance and forensics staff; repeat offenders might be required to attend a code-of-conduct “refresher” course, etc.

To further alert and train users on corporate policy, CounterACT can be used to trigger other general department- or company-wide alerts (via Syslog/HTTP notifications/emails, etc.).

And to further reinforce the “Kill P2P” action, CounterACT’s powerful Run Script engine (for Windows, Macintosh and Linux operating systems) might be used to automate and centrally manage key remediation actions across the entire network (such as deleting P2P and other applications files, deploying anti-virus updates, and more).

For more information on this topic read the press release.

  • Share/Bookmark

Tags: , ,
Posted in ForeScout | No Comments »

NAC Plugs P2P Security Holes

Monday, March 2nd, 2009

It is no surprise that workers using common peer-to-peer (P2P) networks to share media files may be putting corporations at risk of data theft. But the problem and potential impact may be larger then we think.

The loss of blueprints for President Obama’s Marine One helicopter (CNET 2/28/09) to a cyber thief in Iran is just one of many recent P2P network breaches.

ForeScout CounterACT’s unique ability to see every IP device connected to the network and control all connections down to the switch port is helping corporate enterprises and federal organizations protect against such theft. With CounterACT, any P2P program running on any IP device on the network can be automatically discovered, shutdown, and de-installed in real-time, with or without notification to the end-user.

Recent incidents that could have been prevented with CounterACT include:

  • 1. A team of Dartmouth researchers found peer-to-peer (P2P) networks littered with sensitive healthcare information inadvertently made available by employees of hospitals and other healthcare facilities, as well as their collection agencies and other business partners. Scientific American, 2/20/2009
  • 2. Wagner Resource Group and Supreme Court Justice Breyer – Peer-to Peer security breach led to the loss of personal information for 800 clients of a Washington-area investment firm, including that of Supreme Court Justice Stephen Breyer that included private information, including birth dates and Social Security numbers – Nextgov, 7/10/09
  • 3. Citigroup’s ABN Amro Mortgage Group – Files containing social security numbers and other personal information on over 5,000 customers of a Citigroup’s ABN Amro Mortgage Group were inadvertently downloaded onto an Internet P2P file-sharing network – Dark Reading – 9/24/2007.

Contact us to learn more about how ForeScout CounterACT can be used to plug P2P security holes in your network.

  • Share/Bookmark

Tags: , , ,
Posted in ForeScout | No Comments »