Find and fix gaps in endpoint security, from a simple network appliance.
IDC Connect: 2014 Cyber Defense Maturity Report for U.S., U.K. & DACH. Download »
Frost & Sullivan Report: "Continuous Compliance and Next Generation NAC"
ESG Report: Optimizing
ForeScout CounterACT Platform Brochure.
ForeScout White Paper: Blueprint for Continuous Monitoring & Mitigation Download »
ControlFabric Technologies Brochure.
ForeScout Company Overview
Gartner Report: "Magic Quadrant for Network Access Control"
CSO Mag Continuous Monitoring Video
Watch Now »
ForeScout CounterACT is an automated security control platform that delivers real-time visibility and control of devices on your network. ForeScout CounterACT automatically measures compliance with your security policies and remediates endpoint security deficiencies.
Many organizations spend millions on endpoint security tools – such as antivirus, encryption, data loss prevention (DLP), and so on – only to have end users turn off or disable those tools. Even in well-managed enterprises, host-based security tools sometimes do not work properly.
Obtaining an accurate picture of what is happening on your network is extraordinarily difficult. Security teams are often unaware that the information provided to them by existing agent-based security systems (Symantec, McAfee, Trend, Sophos, etc.) or patch management systems (BigFix, Lumension, Microsoft, etc.) is incorrect. Despite the availability of sophisticated security tools, Microsoft reported in 2007 that fewer than 50% of their endpoint computers were fully compliant with their security policies.
Another problem is the fact that auditing policy compliance consumes time and resources that can be doing other things. Security teams do the best they can with limited resources, but they need automated tools to audit endpoint compliance, and provide remediation services when required.
ForeScout CounterACT solves these problems. ForeScout CounterACT can ensure that endpoints on your network are compliant with your security policies. For example, CounterACT can ensure that antivirus is up-to-date, the operating system is properly patched, and the computer is free of illegitimate software such as P2P. Because ForeScout CounterACT is agentless, it works with your endpoints–managed and unmanaged, known and unknown, physical and virtual. CounterACT can discover weaknesses in your existing agent-based security systems that would otherwise go undetected.
When CounterACT discovers a security problem, it can automatically fix the problem, or it can leverage your existing remediation or helpdesk systems. A range of integrations are available through ForeScout’s ControlFabric architecture to allow you to leverage the information produced by CounterACT with other IT management systems.
ForeScout CounterACT automatically enforces security policies on your network, which helps minimize your security risks. Features include:
ForeScout CounterACT lets you create security policies that are right for your enterprise. Pre-built policy templates and wizards speed creation of the policies, and a built-in knowledgebase of common security configurations make it easy.
ForeScout CounterACT can identify non-compliant computers – who owns them, where they are, and how they are non-compliant with your security policies. A few examples of security posture information that CounterACT can see are:
ForeScout CounterACT will detect when devices or users are out of compliance with your security policy and track down users who are engaging in risky behavior such as using P2P applications, USB drives, smart phones, and other unauthorized activities. Non-compliant computers and/or users will be displayed in the main console, including reason for non-compliance and details such as location of the device. CounterACT’s built-in compliance dashboard and canned reports let you monitor overall compliance trends.
When CounterACT detects a policy violation, CounterACT can automatically take action such as alert, advise, restrict, remediate, and disable. Unlike other products, CounterACT gives you a wide range of actions to choose from, including just-in-time notification to end-users that they have just violated security policy.
ForeScout CounterACT includes a wide range of endpoint remediation actions. CounterACT can direct the anti-virus server to auto-update the non-compliant host, or it can prompt the patch management system to update the device’s operating system, or it can disable unauthorized software. The range of actions is shown below.
The information generated by ForeScout CounterACT can be exported to your existing GRC or reporting systems. Integrations are available for most leading SIEM systems, and end-users can build custom integrations with the Open Integration Module.
ForeScout CounterACT’s RemoteControl feature extends endpoint visibility and control beyond the enterprise network. This allows you to monitor and enforce security policies on corporate and enrolled-BYOD endpoints operating outside the corporate network and in the cloud.
¹ CounterACT RemoteControl feature planned availability – early 2015
Click image to enlarge.
Best Practices Guides
Webinars and Webcasts