Policy Enforcement

ForeScout CounterACT enforces security policies by monitoring the level of endpoint policy compliance, identifying systems and users that are non-compliant, and automatically remediating security problems.

Challenges

Wouldn't it be embarrassing if your organization learned - the hard way - that the endpoint security controls you spent lots of money on are not installed and working properly on 100% of your endpoints?

Many organizations spend millions on endpoint security tools - such as antivirus, encryption, data loss prevention (DLP), and so on -- only to have end users turn off or otherwise disable those tools. Even in well-managed enterprises, host-based security tools typically are out-of-date or totally non-operational on 10% to 20% of systems.

The problem can be significant. In 2007, Microsoft reported that fewer than 50% of their endpoint computers were fully compliant with their security policies.

You need a way to ensure that the security tools that you have purchased are completely deployed and operational. Unfortunately, you can't trust the tools themselves. They are blind to their blind spots and typically over-report their level of deployment. You need an independent tool to confirm proper operation and automatically remediate security deficiencies, such as updating antivirus, installing and/or activating DLP agents, etc.

And how about computers that you don't own? In today's mobile business environment, it is common to have guests and contractors trying to connect their computers to your network. This brings a risk of malware infection, or worse, loss of confidential data.

ForeScout CounterACT solves policy enforcement

Visibility
ForeScout CounterACT can identify non-compliant computers - who owns them and where they are.

Reporting
ForeScout CounterACT contains built-in and configurable reports to help you prove your level of compliance over time.

Remediation
ForeScout CounterACT can automatically remediate endpoint security deficiencies to ensure there is never a gap in your security policy.

Network Control
With ForeScout CounterACT, you can allow visitors to use your network for Internet access without compromising your internal network security. Automated procedures require no manual intervention by your IT staff.

How It Works

ForeScout CounterACT gives you the power of full policy enforcement. Here's how it works:

• Create security policies that are right for your enterprise. CounterACT includes pre-built templates and a simple, easy-to-use wizard that guides you through every step of policy creation. CounterACT will use these policies as instructions to automate your security.
• The moment a device accesses your network, CounterACT will determine what kind of device it is - everything ranging from a dumb hub to fully authenticated end user PC. See complete details.
• If the device is an end user PC, CounterACT will determine its owner via authentication credentials and/or passive listening on the network.
• CounterACT will profile the endpoint and perform an integrity check on the user's computer.
• CounterACT will then compare the authentication and integrity check results against the policies you have set.
• A policy enforcement decision will then be made on what network access levels to provide the user, and CounterACT will also apply any of the various alerting, informing, or control options.
• Once the PC is allowed the appropriate network access, CounterACT continuously monitors the traffic coming from the endpoint to ensure that the state of the endpoint does not change.

Contact us for more information on how ForeScout CounterACT can help you.