Optimize SIEM and Logging Investment
Simplify SIEM / Logging Implementation.
Gain Actionable Intelligence.
“Although many SIEM deployments have been funded to address regulatory compliance reporting requirements, the rise in successful targeted attacks has caused a growing number of organizations to use SIEM for threat management to improve security monitoring and early breach detection,” according to a recent Gartner report. “There is a danger of SIEM products (which are already complex) becoming too complex as vendors extend capabilities. Vendors that are able to provide deployment simplicity as they add function will be the most successful in the market.” (1)
Security information and event management (SIEM) / log management solutions provide the means to aggregate, store, manage and analyze diverse event log sources, which helps organizations fortify compliance programs and optimize incident response through alerting, reporting, auditing and forensics functionality. While a security best practice, these tools:
Learn why ForeScout CounterACT is the most SIEM-integrated network access and endpoint compliance solution in the industry and how CounterACT can address common SIEM / log management challenges.
Using ForeScout CounterACT, organizations can simplify deployment and ongoing use of log / security information and event management (SIEM) systems by facilitating logging activation and enabling vigilant monitoring of logging sources – a crucial part of any successful SIEM program. CounterACT can identify thousands of known and new endpoint devices, such as business-critical servers and virtual machines, as they connect to the network, and can dynamically:
CounterACT’s support for syslog, SNMP, LEEF, and Common Event Format (CEF) allows any SIEM / logger to capture, retain and analyze events generated by ForeScout CounterACT, including real-time network access violations, endpoint compliance problems and mobile security issues. ForeScout’s SIEM Integration Module supplies these integrations via one or more easily installed plugins.
With ForeScout, organizations can take advantage of CounterACT’s multi-factor device and application fingerprinting that can identify hardware, installed software, running services and processes, open ports and other criteria. Depending on the SIEM or logging platform, ForeScout can:
CounterACT’s threat mitigation capabilities can enforce user/device access policy and endpoint configuration compliance, as well as identify endpoints exhibiting malicious behavior (e.g. propagating worms). CounterACT can warn the user and provide the means for self-remediation (e.g. install anti-virus). Additional enforcement methods include device segregation and auto-remediation. Depending on the trigger and scripting ability of the SIEM / Logger platform, CounterACT can extend reaction options by:
CounterACT network access control (NAC), endpoint compliance and log integration enable security professionals to pre-empt threats while advancing incident response, breach forensics and compliance tasks.
See how ForeScout CounterACT can simplify your SIEM deployment and implementation, lower ongoing administrative costs, enhance endpoint intelligence and extend SIEM response capabilities.
(1) Gartner, Inc., “Magic Quadrant for Security Information and Event Management,” May 12, 2012, by Mark Nicolett and Kelly M. Kavanagh.