Omnicom Media Group

View the Omnicom Media Group Case Study

Omnicom Media Group Taps ForeScout CounterACT to Reduce Risks and Improve Security for 38 Offices and 5,500 Employees Across EMEA

“The platform easily adapted to our infrastructure – it literally only took a few days to deploy.”

– David King, Technical Services Director, EMEA, Omnicom Media Group


The primary business objective for OMG’s deployment of the CounterACT™ platform is to have complete, policy-based visibility with regards to who and what is on its network and to proactively protect network resources for its 38 offices and 5,500 employees in Europe, the Middle East and Africa.


CounterACT helps OMG reduce and manage risk via a simple to install appliance that offers an agentless approach and flexible policy that preserves the user experience. The system offers a wealth of interoperability characteristics that enable seamless integration across the variety of networks and systems OMG has in place throughout EMEA.

  • Delivered real-time visibility and assessment of all endpoints on the network
  • Rapid deployment using agentless approach and plug-n-play architecture to support diverse infrastructure at each site
  • Advanced threat prevention by blocking rogue devices and systems that exhibit malicious activity, such as zero-day threats and worms
  • Supports roles-based controls and audit processes, which helps OMG with Sarbanes-Oxley compliance
  • Saved hours and costs by automating identification of policy violations and informing users to remediate their systems
Customer Overview

Omnicom Media Group (OMG) is the media services division of Omnicom Group Inc. (NYSE: OMC), the leading global advertising, marketing and corporate communications company, providing services to over 5,000 clients in more than 100 countries. The company was looking for a solution that would give it complete visibility as to knowing who and what is on its network and to proactively protect network resources across 38 offices and 5,500 employees in Europe, the Middle East and Africa. The company also wanted a system that would seamlessly integrate with various operating environments without requiring material changes to the existing infrastructure at each site.

Why ForeScout

OMG implemented ForeScout CounterACT, in its U.S. offices in 2006. Because of the platform’s ability to support OMG’s diverse operating environment, the integrated functionality, the sheer level of network visibility provided via an agentless approach and the means to phase in policy without disrupting user experience, OMG chose to rollout the solution throughout its international network.

David King, technical services director, EMEA, for Omnicom Media Group, said, “In Europe, we initially deployed CounterACT in our data centre about two years ago. The platform easily adapted to our infrastructure – it literally only took a few days to deploy. As with most implementations, we are learning and tweaking functions and expanding policies every month. Most recently we deployed CounterACT in Norway, which took less than a day since we could apply many of the same rules used in the U.K. office.” King continued, “We currently have ForeScout CounterACT in four locations in Europe, and we will double that figure this year with deployments planned in Spain, France, the Czech Republic and Italy.”

How ForeScout Helped

Being a leading international company OMG has numerous security controls in place – many of which are facilitated by ForeScout CounterACT. Specific pain-points for OMG include staff use of ‘potentially unsafe’ applications, such as Dropbox and Skype, without realizing the associated security risks. With CounterACT the team was not only able to detect attempts to use these applications, but was also able to automate user notifications to let them know of approved alternative applications.

Another critical use case is in regard to validating and assuring secure and standard system configuration. In particular, CounterACT supports OMG’s implementation of Symantec’s Altiris software, an agent-based configuration management system used by operations. CounterACT’s role is to monitor that Altiris is running on every endpoint to maintain system integrity. Should Altiris be disabled, damaged, uninstalled or non-existent, CounterACT can re-activate or install the Altiris agent and inform the action via an alert to the ticketing systems. The same is true for Symantec endpoint protection such as Symantec anti-virus.

King commented, “All of our systems are managed by Symantec Altiris, and Symantec is also responsible for our endpoint protection – but they can only manage something if it is installed and properly running on a device. With CounterACT, we have a way to check, in real-time, all endpoints to make sure they have the necessary security controls in place. Our response teams are alerted of any material issues and reports are sent to the helpdesk for remediation as needed.”

OMG has also seen an increase in audit requests from their customers. “Clients are increasingly asking the question: how do I know systems are secure and that our data is safe? In response, we provide an overview of all our security tools and schedules – including NAC, vulnerability management via Qualys and patch schedules while also detailing our ITIL best practice guidelines and server security assurances. These elements give peace of mind knowing we have solid network security.”

The ForeScout Difference

Real-time Visibility

CounterACT lets OMG see, monitor and control all devices, operating systems, applications and users on the network via its agentless appliance. The system also protects the OMG network by allowing IT to instantly see and block any rogue device.

Endpoint Policy Enforcement

OMG can apply policies such as ensuring that all devices are running Altiris and up-to-date antivirus while blocking any unauthorized applications.

Regulatory Compliance

CounterACT supports OMG’s roles-based audit controls by leveraging Active Directory so they can see who is doing what; who has access to what data, etc. to help with Sarbanes-Oxley compliance.

Threat Prevention

Systems that exhibit malicious activity, such as zero-day threats and worms (including Zeus, Stuxnet and FLAME) can be blocked.

Network Performance Issues Investigation

OMG monitors application use and policies alert the IT group to unusual activities such as streaming applications.

Enabling Localization of Security Policies

Helps OMG to accommodate different data privacy laws across the EMEA region.

Time (and Cost) Savings

CounterACT enables real-time mitigation via automated actions and notifications, such as identifying systems not running Altiris.

Next Steps

The company feels it is ready for the inevitable move towards stronger policy enforcement and more automated security control including that of BYOD initiatives since CounterACT will help them tighten management of mobile devices.

About ForeScout

ForeScout enables organizations to continuously monitor and mitigate security exposures and cyber attacks. The company’s CounterACT appliance dynamically identifies and evaluates network users, endpoints and applications to provide visibility, intelligence and policy-based mitigation of security problems. ForeScout’s open ControlFabric architecture allows a broad range of IT security products and management systems to share information and automate remediation actions. Because ForeScout’s solutions are easy to deploy, unobtrusive, extensible and scalable, as of January 1, 2015, they have been chosen by more than 1,800 of the world’s most secure enterprises and government agencies in over 62 countries. Headquartered in Campbell, California, ForeScout offers its solutions through its global network of authorized partners. Learn more at