Regulatory Compliance

Overview

ForeScout’s real-time controls and automated reporting help you easily demonstrate compliance with security regulations.

ForeScout CounterACT and the ControlFabric architecture address a wide range of security regulations in industries such as healthcare, financial security, education, and US government/military institutions.

The Problem

Regulatory compliance is a critical concern for many organizations. However, implementing the proper security controls and demonstrating compliance can be very costly.

One thing that increases the cost of compliance is the fact that most security control systems are point-products which apply to just a portion of the IT infrastructure, for example, just Windows computers owned by the organization. When controls are not comprehensive, multiple tools need to be used to cover the IT spectrum.

A second driver of high compliance costs is the manual labor and effort required to produce reports. Some of this can be mitigated by specialized GRC reporting tools. However, these tools are only as good as the information that goes into them. If information going into these tools is neither comprehensive nor automated, extra effort must be applied to produce a full compliance report.

What organizations need to minimize the costs associated with regulatory compliance is an automated, comprehensive, real-time security control and reporting system.

ForeScout’s Solution

ForeScout CounterACT is an automated security control platform that lets you see and control your network–devices, operating systems, applications, users. The comprehensive set of information gathered by ForeScout CounterACT, and the comprehensive controls that CounterACT can apply across your IT environment, help reduce your regulatory compliance costs.

ForeScout CounterACT gives you real-time visibility of your network. Reports help you monitor your level of regulatory compliance and support regulatory audits. Compliance audits that used to take days or weeks can now be produced in hours with real-time accuracy.

Through ready-made and custom-built ControlFabric integrations, you can easily export information generated by CounterACT to your other IT control and reporting systems.

Features

ForeScout CounterACT automatically enforces security policies and produces automated, real-time reports that demonstrate compliance. Features include:

Coverage

Unlike traditional agent-based security systems, ForeScout CounterACT allows you to enforce security policies on each device on your network–known and unknown, managed and unmanaged, corporate and personal.

Policy Manager

ForeScout CounterACT lets you monitor and enforce security policies for your network and endpoint computers in accordance with government regulations. Pre-built policy templates and wizards speed creation of the policies, and a built-in knowledgebase of common security configurations makes it easy.

Visibility

ForeScout CounterACT can identify non-compliant computers–who owns them, where they are, and how they are non-compliant with your security policies. A few examples of security posture information that CounterACT can see are:

  • Anti-malware agent status (installed/running)
  • Anti-malware signature version
  • Patch management agent status (installed/running)
  • Operating system vulnerabilities
  • Firewall status (installed/running)
  • Processes and services installed or running
  • Registry and configuration
  • Applications installed/running
  • P2P/IM clients installed/running
  • Peripheral devices (type, make, model)
  • Malicious traffic (worm propagation, device spoofing, intrusion, spam, etc.)
  • Rogue NAT/DHCP behavior

Compliance Engine

ForeScout CounterACT will detect when devices or users are out of compliance with your security policy. Non-compliant computers and/or users will be displayed in the main console, including the reason for non-compliance and details such as location of the device. CounterACT’s built-in compliance dashboard and canned reports let you monitor overall compliance trends.

Policy Enforcement

When CounterACT detects a policy violation, CounterACT can automatically take action such as alert, advise, restrict, remediate, and disable. Unlike first-generation products, CounterACT gives you a wide range of actions to choose from, including just-in-time notification to end-users that they have just violated security policy.

Network Access Control

ForeScout CounterACT controls network access based on the user’s identity, the roles that you have defined in your directory, and the security posture of the device. Guests, contractors, and employees can automatically be given different levels of network access, balancing their needs with the security requirements of the organization.

Automated Reporting

Integrated reports help you monitor your level of policy compliance and fulfill regulatory audit requirements. Compliance audits that used to take days or weeks can now be produced in hours with real-time accuracy.

ForeScout CounterACT helps you meet a wide range of industry regulations, including the following:

| Industry | Industry Regulation Addressed |
| --- | --- |
| Financial | PCI DSS, SOX, GLBA, FINRA (NASD, NYSE rules; SEC oversight) |
| Education | FERPA, Higher Education Opportunity Act of 2008 |
| Healthcare | HIPAA (access control, data confidentiality, integrity, availability and more), HITECH Act (breach notification) |
| U.S. Government | DISA STIG (Department of Defense requirements for port-based network access control), FISMA, NERC, others |
| Corporate governance | Standards for data security (e.g. protect intellectual property), acceptable use (e.g. block use of smart phones and other unmanaged devices), endpoint and network security, and more |

ControlFabric Integration

The information generated by ForeScout CounterACT can be exported to your existing GRC or reporting systems. Integrations are available for most leading SIEM systems, and end-users can build custom integrations with the Open Integration Module.

Benefits

Real-time

Real-time information and reporting produces more accurate and timely information than periodic compliance audits.

Comprehensive

Comprehensive coverage (of the devices on your network) ensures that you get the information you need in one report.

Automated

Automated compliance reports save time and effort. Automated remediation ensures that non-compliant systems are brought into compliance without manual intervention.

Non-disruptive

Unlike simplistic products that disrupt users with heavy-handed security controls, ForeScout CounterACT offers a full spectrum of enforcement actions ranging from gentle (notifications) to assertive (update software or kill processes). The range of enforcement actions helps you be more successful by working with users, not against them.

Save money

ForeScout’s advanced automation allows large organizations to save as much as $1 million per year.

Save time

Real-time data and reports show you problems on your network right now, letting you take action while the problem still exists. And by improving your security posture, you will suffer fewer infections and be able to avoid time-consuming exercises such as repairing infected workstations.

Product Tours

Product Screenshots

Dashboard

ForeScout CounterACT dashboard shows you compliance trends over time.

Windows PC inventory with missing updates

ForeScout CounterACT shows you in real time which PCs on your network contain vulnerabilities.

Virtual Client-unauthorized changes

ForeScout CounterACT can identify unauthorized changes to PC configurations or software.