ForeScout delivers pervasive network security by allowing organizations to continuously monitor and mitigate security exposures and cyber attacks. The company’s CounterACT™ appliance dynamically identifies and assesses all network users, endpoints and applications to provide complete visibility, intelligence and policy-based mitigation of security issues. ForeScout’s open ControlFabric™ technology allows a broad range of IT security products and management systems to share information and automate remediation actions.
Enterprise IT Security Challenges
One challenge for today’s enterprise is how to provide greater network accessibility while enforcing security standards. Attempting to maintain security policies for various types of devices and users connecting through numerous access mechanisms can be very difficult without more automated intelligence and management.
Another challenge is how to make better use of traditional IT security systems given today’s dynamic and complex network and an evolving threat landscape. Traditional IT controls are based on the reliance on endpoint security software, periodic vulnerability scans, and multitude of security products. This defense-in-depth model is a best practice, but results in a huge amount of data and often-isolated controls. When viewed as a whole, this conventional approach exhibits a number of problems such as:
- Inadequate visibility and control over all endpoints on the network, especially BYOD devices
- Lack of real-time monitoring and continuous diagnostics
- Lack of sharing of information between security products, diminishing control context
- Lack of automation to respond quickly to exposures and to contain advanced threats
The Answer – ForeScout CounterACT and ControlFabric
ForeScout CounterACT is a proven, enterprise-scale network security solution that has been adopted by over 1500 enterprises and government organizations. CounterACT natively addresses the first two problems (real-time visibility and continuous monitoring) by identifying and assessing all network users, endpoints and applications in real-time. Armed with this intelligence, CounterACT lets the organization easily phase-in powerful network and endpoint security policies.
Out-of-the-box, ForeScout CounterACT allows IT organizations to readily understand and control how all users, systems and devices, including mobile devices and VMs, access network resources and applications. Once you configure pre-defined and custom security policies within CounterACT, the system automatically:
- enforces network access policy
- controls mobile and personal device access
- eliminates network intrusion threats
- finds and fixes gaps in endpoint security
- ForeScout’s CounterACT is fast, flexible and easy for administrators to deploy, manage and maintain. Everything is contained within a single appliance that seamlessly integrates into your existing environment, offering day-one results with no changes to your network
Our ForeScout ControlFabric architecture helps solve the second set of problems listed above. ControlFabric is an open technology that enables CounterACT and other IT solutions to exchange information, gain greater operational context and automate actions. This reduces the problem of information silos. Finally, CounterACT brings real-time control and automated remediation to IT security systems that heretofore have been limited to collecting, generating, analyzing or storing information (e.g. SIEM, ADT, VA, CMDB).
ForeScout’s ControlFabric partner ecosystem supports an array of popular network and security products. CounterACT includes a range of ControlFabric integrations at no extra charge. These base integrations link CounterACT to specific network infrastructure, system management and endpoint software. ForeScout also sells and supports CounterACT integration modules that offer more advanced interoperability with leading network and security systems.
As a result, IT security managers can achieve continuous monitoring and mitigation capabilities that better leverage their existing investments, optimize their IT resources, and enhance their overall security posture.