Regulatory Compliance
ForeScout addresses a wide range of security requirements as specified by regulations in industries including healthcare, financial security, education, and US government/military institutions.
Challenges
Regulations continue to be enacted to address confidentiality of patient data, customer account numbers, credit card numbers and more.
Adhering to these regulatory standards and preparing for the accompanying audits can be painfully time-consuming and expensive unless you have an automated approach to monitoring and controlling the devices on your network, enforcing security access levels, and reporting on the level of compliance with security policies.
ForeScout Helps Ensure Regulatory Compliance
ForeScout CounterACT helps meet compliance requirements in three critical areas:
1. Monitor and Control Network Access
- ForeScout sees and can control everything on your network - every device, every operating system, every application.
- Grant network access based on the user's identity and the roles that you have defined in your directory. Guests, contractors, and employees should automatically be given different levels of network access, balancing their needs with the security requirements of the organization.
2. Endpoint Security Policy Enforcement
- ForeScout CounterACT ensures that every endpoint on your network is compliant with your antivirus policy, is properly patched, and is free of illegitimate software such as P2P.
- With ForeScout, you can be sure that 100% of your systems are authorized to be connected to your network.
3. Comprehensive Reporting
- Integrated reports help you monitor your level of policy compliance and fulfill regulatory audit requirements.
- Compliance audits that used to take days or weeks can now be produced in hours with real-time accuracy.
Real-time visibility and control of your networks help demonstrate compliance with numerous industry regulations. ForeScout CounterACT covers a wide range of industry regulations, as in the following examples:
| Industry | Industry Regulation Addressed |
| --- | --- |
| Financial | PCI DSS, SOX, GLBA, FINRA (NASD, NYSE rules; SEC oversight) |
| Education | FERPA, Higher Education Opportunity Act of 2008 |
| Healthcare | HIPAA (access control, data confidentiality, integrity, availability and more), HITECH Act (breach notification) |
| U.S. Government | Requirements: DISA STIG (Department of Defense requirements for port-based network access control without 802.1x), FISMA, NERC and more. Certifications: Common Criteria (EAL2, EAL4+ in progress), FIPS 140-2. Contracts: Schedules (GSA, Multiple Award, Federal Supply), NASA SEWP/GWAC, ITES/2H, Encore II |
| Corporate governance | Standards for data security (e.g. protect intellectual property), acceptable use (e.g. block use of smart phones and other unmanaged devices), endpoint and network security, and more |
To learn more about how ForeScout's solutions can help you with your compliance requirements, contact us for more information.
Contact Us
(866) 377-8771
INT +1 (408) 213-3191
“ForeScout solved our compliance and our security problems.”
Todd Frazier, Culpeper County Government