Protect data by controlling USB ports, blocking applications like P2P and IM, ensuring that endpoints are secure, and
controlling access to your network.
IDG Connect: 2014 Cyber Defense Maturity Report for U.S., U.K. & DACH. Download »
Frost & Sullivan Report: "Continuous Compliance and Next Generation NAC"
ESG Report: Optimizing
ForeScout CounterACT Platform Brochure.
ForeScout White Paper: Blueprint for Continuous Monitoring & Mitigation Download »
ControlFabric Technologies Brochure.
ForeScout Company Overview
Gartner Report: "Magic Quadrant for Network Access Control"
CSO Mag Continuous Monitoring Video
Watch Now »
ForeScout CounterACT helps protect your sensitive data by providing real-time visibility and control of devices, users and applications on your network.
You may have already deployed data security controls such as encryption, DLP, and data access policies. These controls are good, but are they sufficient? Are they working properly on your endpoint systems? How can you be sure?
Consider these issues:
You may also have security policies that prohibit running unauthorized applications or utilizing unencrypted USB memory devices. But how do you detect whether users are complying with your policies? How do you educate users of your policies? How do you enforce your policies?
ForeScout CounterACT solves these problems. CounterACT is an automated security control platform that gives you realtime visibility and control over both managed and unmanaged endpoints. Since CounterACT operates over the network, it does not rely on host-based software, thus it avoids the complexity and problematic nature of agent-based security systems.
ForeScout CounterACT includes five layers of data security protection:
|Physical Layer||Allow only authorized users on your network|
|Network Layer||Block attacks within your network|
|System Layer||Ensure that security agents are deployed and working – antivirus, encryption, DLP, etc. – and the operating system is properly patched|
|Application Layer||Detect which computers have outdated, vulnerable applications|
|User Layer||Educate users with real-time notifications when they violate security policies. Or, prevent use of unauthorized applications or USB devices by automatically disabling them.|
ForeScout CounterACT helps you protect your sensitive data by giving you real-time visibility and control of devices, users and applications on your network. Features include:
ForeScout CounterACT lets you create and enforce security policies to protect your data. Configuration and administration is fast and easy thanks to CounterACT’s built-in policy wizard and knowledge base of device classifications, rules and reports.
ForeScout CounterACT will enforce network access policies to ensue that unauthorized users and rogue network devices are not on your network.
A secure system is less likely to lose data than one which is infected or compromised. ForeScout CounterACT ensures that your endpoint systems have up-to-date security software (antivirus, encryption, etc.) and are properly patched.
ForeScout CounterACT is agentless, which allows it to work with your endpoints–managed and unmanaged, known and unknown, physical and virtual. CounterACT can discover gaps and weaknesses in your existing agent-based security systems that would otherwise go undetected.
ForeScout CounterACT can automatically remediate endpoint security deficiencies. CounterACT includes a wide spectrum of remediation options which lets you tailor the action to fit the severity of the incidence:
These days, most attacks come from compromised systems inside the network. ForeScout CounterACT contains a patented threat-detection engine that protects your network from zero-day threats and infected systems. Our unique technology does not require signature updates or other forms of maintenance. ForeScout CounterACT provided zero-day protection against Conficker, Zeus and Stuxnet.
ForeScout CounterACT lets you monitor who is running forbidden applications such as P2P, or using USB memory sticks, etc. Send users who are violating policies just-in-time notifications, including an auditable acknowledgement that the user has read the security policy that they just violated. Optionally disable or kill prohibited devices or processes.
The information generated by ForeScout CounterACT can be exported to your other IT management and security systems. Integrations are available for most leading SIEM systems, Advanced Threat Management systems, and other endpoint management systems. Customers can build custom integrations with the Open Integration Module.
ForeScout CounterACT is an extremely valuable component of an overall data security program. Benefits include:
Unlike traditional agent-based security systems, ForeScout CounterACT is a simple appliance that installs out-of-band on your network. It requires no software installation. It works without agents.
Unlike traditional agent-based security systems, ForeScout CounterACT allows you to enforce security policies of devices on your network–known and unknown, managed and unmanaged, corporate and personal.
ForeScout CounterACT sees problems in real-time and can react without the need for manual intervention. Response is fast, and valuable time of IT administrators is not wasted.
Unlike simplistic products that disrupt users with heavy-handed security controls, ForeScout CounterACT offers a full spectrum of enforcement actions ranging from gentle (notifications) to more assertive (update software) to most aggressive (kill process, block from network). The range of enforcement actions helps you be more successful by working with users, not against them.
ForeScout CounterACT works with what you have–your existing switches, routers, firewalls, endpoints, patch management systems, antivirus systems, directories, ticketing systems. We take what you have and make it better.
ForeScout CounterACT provides useful results on Day 1 by giving you visibility to problems on your network. The built-in knowledge base helps you configure security policies quickly and accurately.
Click image to enlarge.
Webinars and Webcasts