header-govt

Federal

ForeScout helps Government agencies, military and defense organizations keep networks secure and compliant with regulations such as FISMA.

Featured Video

Todd Frazier
Culpeper County
View now

Federal

White Paper

Webinar

Overview

Government agencies choose ForeScout for strong network security

ForeScout CounterACT is a network security appliance ideally suited to help local governments and Federal agencies control network access, protect sensitive data, and comply with regulations.

Government agencies have several unique characteristics that make network security very challenging:

  • Size. Large numbers of people, spread over wide geographies.
  • Connectivity. Government agencies often need to connect their networks to other public and private networks that are not completely trusted.
  • Heterogeneity. Because of government bidding requirements, government networks are typically comprised of equipment from multiple vendors.
  • Shared resources. Government agencies will often share their office space with other agencies and non-governmental entities. Physical control of the environment might not be possible.
  • Heightened need for security. State secrets and other extremely confidential information must be protected.

Government agencies also need to comply with internal government regulations such as FISMA and NERC.

Many government agencies at the Federal, state and municipal levels, and supporting contractors, use ForeScout CounterACT to accelerate “connect to comply” mandate, strengthen security enforcement, and prove regulatory compliance. ForeScout CounterACT delivers real-time visibility and control of all devices on the network.  CounterACT, a Common Criteria EAL 4+ solution, provides network access control, endpoint compliance, and threat control, all in one automated system.

Features

The features which make ForeScout CounterACT uniquely suited to address the challenges of government agencies are:

  • Scalability. ForeScout CounterACT has more large deployments than any other network access control solution. CounterACT has been proven in organizations as large as 190,000 endpoints who manage their entire network from a single centralized CounterACT enterprise manager console.
  • Compatibility. ForeScout CounterACT is an out-of-band, network-based appliance that works with your existing network infrastructure – no switch upgrades, no network reconfigurations.
  • Role-based access. ForeScout CounterACT ensures that only the right people with the right devices gain access to the right network resources. CounterACT leverages your existing directory services including user identity and role assignments.
  • Certifications. ForeScout CounterACT is a military-grade security product that has achieved widespread utilization within military environments. CounterACT has achieved the following certifications:
  • Government contracts. ForeScout CounterACT is listed in several government contracts to ease procurement:
    • GSA Schedules (also referred to as Multiple Award Schedules and Federal Supply Schedules)
    • NASA SEWP (Solutions for Enterprise-Wide Procurement) GWAC (Government-Wide Acquisition Contract)
    • ITES/2H (Managed and used by US Army. Also used by DoD and other federal agencies)
    • Encore II (Managed by DISA, Defense Information Systems Agency)

Benefits

With ForeScout CounterACT, government agencies achieve the following benefits:

Improve security
  • Ensure that unauthorized users are not on your network.
  • Reduce risk of data loss by ensuring that encryption and DLP agents are running, users are not running unauthorized applications or peripheral devices (e.g. USB memory sticks).
  • Reduce risk of infection by ensuring that antivirus is properly updated and vulnerabilities are patched.
  • Block rogue and unauthorized devices such as smartphones, tablets, wireless access points.
Save money
  • Reduce IT support costs. Large organizations have reported savings of up to $1 million per year with ForeScout CounterACT.
  • Avoid penalties of lost data. A secure network, with secure endpoints, is less likely to lose data. Avoid fines and the devastating costs of data loss.
Save time
  • Realtime information shows you problems on your network right now, so you can take action while the problem still exists.
  • Avoid time-consuming drills to repair infected workstations.
Avoid disruption
  • Unlike simplistic products that disrupt users with heavy-handed security controls, ForeScout CounterACT offers a full spectrum of enforcement actions ranging from gentle (notifications) to assertive (update software or kill processes). The range of enforcement actions helps you be more successful by working with users, not against them.
Improve network stability
  • Identify rogue network infrastructure such as wiring hubs, wireless access points, and DHCP servers. Often these unauthorized devices are the source of network instability and outages.
Painless deployment
  • ForeScout CounterACT is a simple appliance that installs out-of-band on your network.   It requires no software installation. Installation can be completed in one afternoon, full operation including policy enforcement in a matter of days.
Security Assurance
  • With EAL4+, government agencies can be assured that the specification, implementation and effectiveness of CounterACT for Network Access Control have been evaluated in a rigorous and standardized manner to meet their security and compliance needs.

Tour

 

Windows PC inventory with missing updates

ForeScout CounterACT shows you in realtime which PCs on your network contain vulnerabilities.

Virtual Client-unauthorized changes

ForeScout CounterACT can identify unauthorized changes to PC configurations or software.

Unauthorized processes

ForeScout CounterACT shows you which PCs are running unauthorized processes.

Unapproved Network WiFi device

ForeScout CounterACT identifies rogue WiFi devices.

Kill peer-to-peer user experience

ForeScout CounterACT lets you kill unauthorized software, keeping endpoint systems in compliance with your security policies.

Resources