Real-time Network Security Platform
ForeScout CounterACT is a real-time network security platform that lets you see and control everything on your network—all devices, all apps, all users.
SANS Critical Security Controls - See how NAC closes gaps.
Download »
EMA analyst report on assuring network access control (NAC) success. Download »
IDC analyst report on architecting a mobile security/BYOD strategy. Download »
Control who and what is accessing your network with CounterACT.
View the datasheet »
Learn more about ForeScout solutions by downloading the brochure. Download »
The Tolly Group evaluates
the leading NAC products
across 34 criteria points.
Download report »
Enable any means access to corporate network resources without compromising security. Download Snapshot»
Gartner 2012 NAC Magic Quadrant. Download Report»
CounterACT in Action Feature Film (<3 min) Watch Video»
Learn more about ForeScout solutions by downloading the brochure.
Download »
EMA analyst report on assuring network access control (NAC) success.
Download »
IDC analyst report on architecting a mobile security/BYOD strategy.
Download »
ForeScout CounterACT is a real-time network security platform that lets you see and control everything on your network—all devices, all apps, all users.
ForeScout CounterACT is a real-time network security platform that delivers dynamic visibility and control of all devices on your network. ForeScout CounterACT automatically identifies who and what is on your network, controls access to your network, measures compliance with your security policies, blocks network threats, and remediates endpoint security violations when they occur. CounterACT makes you smarter, your network more secure, and your staff less busy by automating tasks that are currently laborious.
ForeScout CounterACT employs a proven approach for IT risk management, as shown in the diagram below. Every device that accesses your network is identified, controlled, remediated (if you wish), and continuously monitored to ensure compliance and protection.
The primary solutions provided by ForeScout CounterACT are:
ForeScout CounterACT for Network Access Control enables employee, guest and contractor access your network - wherever, however and whenever – without compromising your security. CounterACT integrates with your current network, security and identity infrastructure to assure the right users and their devices gain appropriate access. Leveraging built-in policy templates, CounterACT can automatically manage employee and guest access in a way that is seamless for those that comply and automated for those that don’t. CounterACT is the most superior NAC solution on the market. Don’t just take our word for it, get a 24-page, comprehensive comparative report on the leading NAC products produced by The Tolly Group.
ForeScout CounterACT for Mobile Security provides real-time visibility and control for smartphones, tablets, netbooks and other corporate and personal mobile devices connected to your network. Our solution complements/enables Wireless Access Points (WAP), Virtual Desktop Infrastructure (VDI), Mobile Enterprise Application Platforms (MEAP) and Mobile Device Management (MDM) approaches. CounterACT can automatically identify and fingerprint managed and personal mobile devices, facility employees or guests using multiple devices, can eliminate rogue WAP, and identify malicious network activity. With CounterACT for Mobile Security, you can let users enjoy the productivity benefits of modern handhelds while you protect your network against data loss and malicious threats. Learn more about our CounterACT module that adds native support for iOS and Android platforms, options for CounterACT/MDM integration, and ForeScout’s cloud-based mobile device lifecycle management.
ForeScout MDM, powered by MaaS360, includes all of the essential functionality that you need for end-to-end management of iOS, Android, Blackberry, and Windows Phone devices. ForeScout MDM integrates with ForeScout CounterACT, our flagship network security and policy automation system, to give you unified visibility and control over everything on your network. ForeScout MDM is a cloud-based solution, so deployment is quick and easy. ForeScout MDM is powered by MaaS360, a powerful cloud-based technology used by over 1200 companies around the world, and named the “Clear Choice Test” winner by Network World.
ForeScout CounterACT for Endpoint Compliance automatically enforces security policies for everyone and everything on your network, which helps you minimize your security risks. Because ForeScout CounterACT is agentless, it works with all type of endpoints–managed and unmanaged, known and unknown, physical, mobile and virtual. CounterACT can discover security weaknesses with your existing agent-based security systems that would otherwise go undetected. Literally, CounterACT can find and fix endpoint violations without IT intervention – saving your organization considerable time, resources and money.
ForeScout’s patented ActiveResponse™ technology is included in every product that we sell. ForeScout ActiveResponse blocks both known and unknown attacks with 100% accuracy. This unique technology does not require signature updates, nor suffers from false positives. And since operates with zero maintenance, you automatically gain real-time protection inside your network in full blocking mode. ForeScout CounterACT provided zero-day protection against Conficker, Zeus and Stuxnet. To also apply advanced threat protection on the perimeter, check out our CounterACT Edge solution.
ForeScout CounterACT gives you real-time endpoint intelligence and security posture awareness. Our platform integrates with leading network, security, host-based security system (HBSS) and identity platforms to support compliance mandates. In addition, CounterACT supports the leading security information event management (SIEM) systems to provide endpoint configuration details, correlate access and compliance violations, and expedite incident response. Within CounterACT, our built-in report templates helps organizations monitor policy compliance levels, support regulatory audit requirements, and produce real-time inventory reports. As a result, CounterACT effectuates GRC initiatives and reduces auditing processes.
ForeScout CounterACT is dramatically easier and faster to deploy than traditional policy enforcement products. Here is why:
ForeScout CounterACT for Network Access Control allows guests to register for access to your network without compromising your internal network security.
ForeScout CounterACT for Mobile Security lets you see and control handheld devices on your network.
ForeScout CounterACT monitors your network to identify non-compliant computers.
ForeScout CounterACT can automatically remediate non-compliant computers.
Watch how ForeScout CounterACT lets IT managers see everything on the network−devices, users, software, peripherals, vulnerabilities, and more.
| Feature | ForeScout CounterACT | Infrastructure solutions (Cisco, Juniper, etc.) | Agent-based solutions (Symantec, etc.) |
|---|---|---|---|
| Number of components | |||
| Centralized management | |||
| Support for 802.1x port enforcement | |||
| Support for non-802.1x port enforcement | |||
| Effective on unmanaged/unknown endpoints | |||
| Support for non-desktop OS devices (iOS, Android, BlackBerry, printers, wireless access points, etc.) | |||
| Integrates with 3rd party products |
| Feature | ForeScout CounterACT | Infrastructure solutions (Cisco, Juniper, etc.) | Agent-based solutions (Symantec, etc.) |
|---|---|---|---|
| Speed of installation | |||
| Out-of-band deployment | |||
| Support for phased deployment | |||
| Centralized deployment | |||
| Decentralized deployment | |||
| Scalability |
| Feature | ForeScout CounterACT | Infrastructure solutions (Cisco, Juniper, etc.) | Agent-based solutions (Symantec, etc.) |
|---|---|---|---|
| Real-time detection of managed devices | |||
| Real-time detection of unmanaged devices | |||
| Security posture of managed endpoints | varies | ||
| Security posture of unmanaged endpoints | |||
| Real-time inventory of applications, services, users, devices, vulnerabilities | |||
| Track changes of endpoint software or configuration |
| Feature | ForeScout CounterACT | Infrastructure solutions (Cisco, Juniper, etc.) | Agent-based solutions (Symantec, etc.) |
|---|---|---|---|
| Alerting actions | |||
| Blocking actions | |||
| Switch ACL management | |||
| Role-based traffic control | varies | ||
| Quarantine | |||
| Update antivirus | |||
| Install / restart security agents | |||
| Kill process | |||
| Disable unauthorized peripheral device | |||
| Block malicious traffic on the network | |||
| Guest registration |