ForeScout CounterACT - Network Access Control Appliance

• Is your antivirus, DLP, encryption, and patch management working as well as you think?
• Are all your systems healthy and compliant with your security policy?
• Are there any unauthorized devices on your network?
• Who is using forbidden software?

In short, do you really know how secure your network is?

ForeScout CounterACT Changes the Game.

ForeScout CounterACT is an integrated security appliance that provides real-time visibility and control of everything on your network -- all devices, all operating systems, all applications, all users. Over 500 Fortune 1000 enterprises and government/military agencies worldwide use ForeScout CounterACT to improve security and save money through automation.

With CounterACT, you can:

• See and control everything on your network -- devices, users, applications
• Detect gaps or failures of your existing security systems -- such as disabled antivirus
• Enforce security policies on endpoints
• Remediate vulnerabilities
• Block attacks inside your network perimeter
• Protect sensitive data
• Provide role-based network access
• Provision secure network access for guests and contractors
• Save money by improving the efficiency of your IT operation
• Save money by automating compliance audits

The ForeScout Difference

CounterACT is based on third generation Network Access Control (NAC) technology, improving on the deployment, accuracy and enforcement challenges of previous generations. Unlike other solutions, ForeScout CounterACT installs quickly and easily. It requires ZERO changes to your existing network infrastructure. No software to install. No hardware upgrades. Find out more on The Forescout Difference.

How it Works

The ForeScout CounterACT appliance is typically deployed off the span port of a distribution switch, but there are many other configurations. The appliance always sits out-of-band, which means that it introduces zero latency and never presents a single point of failure to your network. Once deployed, the CounterACT appliance monitors all network traffic, discovers network devices, builds an inventory of device characteristics, and enforces the policies that you configure.

Benefits

Reduce IT support costs. By identifying and reducing the number of non-operative or out-of-date endpoint security agents (antivirus, anti-spyware, etc.), you can reduce the amount of time you spend chasing viruses. By identifying and reducing the number of unmanageable systems on your network, you can reduce the number of helpdesk calls to fix broken systems. Find out just how Forescout can save you money.

Improve security. Detect whether the software agents that you have already purchased -- such as antivirus, encryption, data loss prevention, and patch management -- are deployed and operational on your managed systems. Detect gaps and failures. Automatically remediate endpoint security deficiencies. Read more about Forescout's policy enforcement.

Reduce auditing costs. Inventory and compliance audits that used to take days or weeks can now be addressed in hours with real-time, accurate reports on network control and policy compliance.

Automate guest network access for enhanced productivity. Allow visitors to use your network for Internet access without compromising network security. Automatically provision guest network access based on your policies.

See everything. In order to secure your network, you must first know what devices are connected. CounterACT shows you everything on your network -- managed or unmanaged devices, wired or wireless. Identify hidden infrastructure such as unauthorized wiring hubs and rogue wireless access points. Forescout leaves no stone unturned.

Make your network self-defending. Grant network access based on user identity and roles defined in your directory services. When problems arise, choose from a full spectrum of enforcement actions ranging from gentle (alerts) to aggressive (block or disable). Read about how Forescout gives you total control.

Stop the rogues. Identify infrastructure not sanctioned by IT including wiring hubs, wireless access points, and DHCP servers.

Minimize the risk of data loss. Monitor who is engaging in risky practices such as P2P applications, USB thumb drives, smart phones, etc. Choose your level of enforcement.

Protect against attacks. ForeScout's patented threat detection engine keeps your business running by protecting your internal network against zero-day threats without risk of false-positive alarms. Read more about how Forescout keeps you up and running with total security.

Endpoint compliance. Ensure that every endpoint on your network is compliant with your security policy and regulations -- for example: require antivirus, operating system patches; forbid software such as P2P. Read more here.

The Open NAC Alternative. Unlike proprietary NAC products, CounterACT is fast and easy to install because it supports an extensive range of third-party networking and security hardware and software. CounterACT interoperates with all major vendors and works in any network environment. Read how Forescout maintains universal support.