ForeScout | Access Ability

Featured

Success Stories

	Wellington College Prestigious, 150 year old London College Tony Whelton, Director of IT Services and Development “ForeScout does fantastic job of automating our guest and pupil network by eliminating endpoint security issues throughout the campus… we simply added computing resources for the virtual appliance and found the installation was very straight forward… giving us more flexibility to allocate capacity as we need it.” Read the full story »
	Miami Children’s Hospital South Florida’s most extensive pediatric hospital networks… Alex Naveira, Information Technology Security Officer “Patient healthcare information must only be accessed by people authorized for it… CounterAct appliance, which is being used to control access to resources in the network and to prevent malware, integrates well… looking at the policy-based behavior and the compliance of each machine.” Read the full story »
	Patelco Credit Union Among the largest credit unions in the United States John Shields, Vice President and CTO “CounterACT manages up to 400,000 devices… simple–one box, one day to install and agentless operation. It met all our needs, and we had to make no changes to our network. That’s why we chose ForeScout–imple, cost effective, easy to use.” Read the full story »
	Haworth, Inc. Leading global manufacturer of office furniture and organic workspaces… Chad Clement, Information Security Manager “”Despite that we are a Cisco and Microsoft shop, we went with ForeScou–better interface and visibility… no permanent software on endpoints… plus IDS features and the ability to assess compliance with corporate endpoint configuration standards… integrates with the BMC Remedy service-management and Qualys.”
	Omnicom Media Group Leading global advertising and marketing communications services company Kenneth Corriveau, Chief Information Officer “ForeScout simplifies policy creation and is easy to deploy… their network security solutions offer us the automated and integrated controls necessary for us to enforce access policies, including mobile security, which has become very important.”
	City of Guelph Ranked among the top ten places to live in Canada Shibu Pillai, Network Security Specialist “One thing that stood out is that ForeScout blended easily with our infrastructure, which is mainly Microsoft, Cisco and HP. Other NAC vendors required changessuch as new switches, in-line devices and agents on desktops. We were able to implement the ForeScout NAC without making changes to our infrastructure.” Read the full story »
	Travelodge Robin Bryant, Infrastructure Support Manager “Wireless network scanning was proving a very difficult PCI requirement for Travelodge IT to meet efficiently…ForeScout’s CounterACT network access control technology was identified as a potential solution…. We engaged with Axial to ensure that it did indeed meet PCI requirements and they are now providing Travelodge with a NAC Managed Service… gives us peace of mind that we are now more than satisfying this requirement.”
	London South Bank University One of London’s largest and oldest universities Phillip Wright, Network Team Leader “With CounterACT, we can keep an eye on whose antivirus is out of date; we have policies for potential malicious hosts… kill P2P applications… earned its keep during the Conficker outbreak… reduced the network team from six people to three-and-a-half network engineers–a portion of this reduction can be attributed to the automation of security processes possible through CounterACT.” Read the full story »
	Altarum Institute Nonprofit health systems research and consulting Al Wendt, Network Manager “While it’s not against policy for employees to bring in personal laptops, it does pose a threat, and the same goes for contractors. CounterACT eliminates those threats… with CounterACT protecting us, we won’t have any more two-day shutdowns due to an outbreak. The product is pretty much paying for itself.” Read the full story »
	The Doctors Company Nation’s largest insurer of physician and surgeon medical liability Johnny Lane, Network Security Engineer “CounterACT is ideally featured to help us manage the unmanaged… we were able to control access to our production LAN… distinguishing laptops from desktops and apply different security policies to each–without needlessly disrupting users or forcing agent-based authentication onto every endpoint.”
	Daktronics The leading provider of LED scoreboards, programmable display systems, and large screen video displays Philip Egeberg, IT Security Manager “We have a geographically dispersed infrastructure and ForeScout delivered centralized, real-time visibility and control with regards to anything touching our network. ForeScout enables us to enforce an acceptable use policy including mobile devices, manage peer-to-peer (P2P) applications, and stop propagating worms and advanced persistent threats.” Read the full story »
	Lehigh Valley Hospital and Health Network Large regional network of hospitals and heath care centers Brian Martin, Info Security Manager “CounterACT was one of our smoothest – it took under a week and is now protecting over 20,000 endpoints. I was bowled over by the detection capabilities of CounterACT that you get two-in-one intrusion prevention and NAC solution in CounterACT just makes it that much better.”
	SITA UK The UK’s largest recycling and resource management company Mike Carr, IT Security Manager “CounterACT’s easy-to-implement, easy-to-use policy compliance engine helps us write and push policies tailored in real-time to address issues arising in our dynamic network… comprehensive audit reports that allow direct measurement against our many, and often granular, security policies” Read the full story »
	Albany County The oldest settlement in the nation and the capital of the State of New York Perry Blanchard, Network Security Engineer “We went through a year-long evaluation process before settling on ForeScout… it gave us far more capability at less expense than Cisco. We maintain a highly dynamic network… (With CounterACT), I can see it all, can classify it and take action on it… found unauthorized access to their network by smart phones, a rogue wireless access point and an undocumented switch. Now I have peace of mind.” Read the full story »
	ITOCHU One of Japan’s largest trading companies with over 700 subsidiaries John Budek, Infstructure Manager “ForeScout installed in a day and immediately began to deliver value. All I expected CounterACT to do was add a visitor network capability. Was I surprised! ForeScout gave me a lot more than I asked for–all in one simple integrated package.” Read the full story »
	Stroud College A distinguished university in the United Kingdom Tim Hanks, IT Service Manager “We evaluated Cisco, Bradford and open-source–ForeScout proved to be the best choice… incredibly powerful and very intuitive to use… we can identify and protect the network against computers and smartphones no matter who owned them–students, staff, contractors or guests.” Read the full story »
	The Research Institute at Nationwide Children’s Hospital One of the largest pediatric hospitals and research institutes in the United States Scott Kowal, Senior Network Engineer “CounterACT is seamless to users–they don’t even know their devices are being interrogated because it’s non-disruptive… gives us everything we need… and it does much more… recently recognized a spyware attack and immediately stopped it in its tracks… provides our helpdesk with a great deal of instant information we couldn’t get before.” Read the full story »
	Culpeper County Todd Frazier, System Administrator “You can’t secure what you can’t see–with CounterACT, we see everything coming onto our network and can block, allow or enforce and remediate in real-time… helps us comply with the Freedom of Information Act (FOIA).” Read the full story »
	Golden West College Southern California educator for trades, licensed trades and skilled professionals. Anthony Maciel, Director of Technology Support Services “ForeScout’s product installed in less than a day, and instantly started working for us. We have had zero downtime due to service breaches! And I’ve got a great solution for PCI compliance.” Read the full story »
	GTSI Government and Healthcare solutions provider Tom Kennedy, Vice President “We knew the FAA wanted an access control and intrusion prevention solution that would work ‘out of the box’ and deliver exceptional functionality at a very competitive cost. We are pleased that CounterACT fit all the requirements.”

Datasheets & Brochures

Brochures

• Company Overview
• CounterACT Solution Brochure

Product Datasheets

• CounterACT for Endpoint Compliance Datasheet
• CounterACT Datasheet
• CounterACT Edge Datasheet
• CounterACT Enterprise Manager Datasheet

Solution Briefs

• CounterACT for Mobile Security Solution Brief
• ForeScout-ArcSight Integration
• PCI DSS
• HIPAA
• FISMA
• SOX

Tech Briefs

• Device Host and Detection Methods
• Securing Visitor Access
• CounterACT NAC and Policy Enforcement
• USB Detection and Blocking
• NAT Detection Technical Brief
• CounterAct vs. Conficker
• Virtual Appliance Technical Brief

Product Tours & Screenshots

Product Overview

Flash Product Tour

Get an overview of the CounterACT platform – navigate or watch all four topics: Network Access Control, Mobile Security, Endpoint Compliance and Threat Prevention.

Product Demonstrations

Product Screenshots

White Papers

Network Security in the Age of *Any* Computing

Risks and Options to Control Mobile, Wireless and Endpoint Devices

Written by distinguished security industry analyst Mike Rothman of Securosis

Users want access to information on any device, from anywhere, at anytime. Whatever control you thought you had over the IT environment is gone. Users are bringing in their own personal mobile devices. Then there’s the dynamics of virtualization and coping with new world threats. This provocative paper exposes issues, processes and technical options with regards to real-world mobile, wireless and endpoint security. The comprehensive paper examines:

• Data classification and network segmentation
• Endpoint and network integration
• Policy development and enforcement
• Different available security controls
• Getting the win; defining success, planning implementation and assessing progress

 

The Pragmatic Path to Achieving NAC Results

-Essential Implementation, Process and Control Considerations

Written by distinguished security industry analyst Scott Crawford of Enterprise Management Associates

Businesses want more fluid access to data while IT organizations must maintain security. The variety of access and multitude of threats to network resources and sensitive information have given need for more flexible and automated ways to effectuate security policies, controls and enforcement – namely NAC. This in-depth, 10 page research covers the essentials to achieve NAC results:

• Use cases, scoping requirements and operational processes
• Implementation considerations; 802.1x, agents vs. agentless, network preparation
• Control considerations; options, enforcement, remediation and implementation
• Example architectures and 2 case studies

 

SANS Analyst Report on “Bring Your Own Device” Policy

- Accelerating Guest Networking, BYOD and Endpoint Security

Written by SANS analyst Mark Kadrich, SANS security evangelist and author of Endpoint SecurityAccording to Gartner, with the introduction of BYOD and associated threat vectors, Network Access Control (NAC) has emerged as the important solution for mitigating the risks of consumerization.  NAC can be used to provide secure guest networking services and management to these devices. This paper examines policies, technical considerations and approaches for using NAC to support guest networking and BYOD, as well as the need to secure today’s users and their new devices requesting access to the corporate network.

• Architectural review
• Top 10 recommendation list
• Case study illustration
• Policy development

 

Blocking Network-based Attacks with ForeScout’s CounterACT

-Automating Network Access, Endpoint Compliance and Threat Management Controls

SANS What Works: Q&A with Waqas Akkawi, director of information security at SIRVA, Inc.

This informative paper details how CounterACT addressed SIRVA’s continuous need to provide the highest level of data security by advancing intrusion prevention, network access control and endpoint compliance.  As a world-wide leader of relocation and moving solutions, ensuring data security and enabling controls with minimal administration and tuning was key.  This in-depth case study reviews the technical and process considerations, selection and deployment effort, and lessons learned – from the customer perspective. Learn how CounterACT:

• Detects and prevents sophisticated and targeted attacks
• Supports privacy laws and operational security compliance
• Enforces configuration policy and secures guest networking
• Maintains a high-level of network security via automation to optimize time and costs

 

Network Access Control and 802.1x

-Advantages, Constraints and Capabilities

Written by distinguished security industry analyst Pete Lindstrom of Spire Security

The industry has been blurring the differences between 802.1x and NAC. Some believe that 802.1x is sufficient and similar enough to a full NAC solution to start down the path of implementation. What organizations often find is that the 802.1x story seems fairly simple and easy, but the deployment is much more difficult. This paper examines the fully 802.1x and NAC details such as:

• What is 802.1x?
• What important features are missing from 802.1x?
• What alternatives exist to 802.1x and why?
• What are the hidden costs associated with rolling out NAC?
• How can commercial enterprises and government organizations benefit from NAC?

 

Continuous Endpoint Compliance

Integrating Process, Policy and Technology to Preempt Threats and Reduce Costs

Written by distinguished security industry analyst Eric Ogren of The Ogren Group

The best security teams cannot control when new advanced persistent threats, APTs, are unleashed and they discover that anti-malware and intrusion prevention products designed to protect the business against zero day and blended threats are often defeated. However, security teams can control the compliance of endpoints with security policies to keep the business from becoming a target of opportunity for attackers. This paper examines pertinent issues and available options to advance endpoint compliance, exploring:

• Key process and technology requirements
• Key visibility and control requirements
• Network-based endpoint compliance
• Case study illustrations: Banking and Government Defenses

 

Choosing a NAC Solution that is Right for Your Network

Written by ForeScout Technologies.

This paper covers the top issues with regards to considerations and technical tradeoffs when compiling requirements for Network Access Control solutions. Key topics include:

• NAC basics and real-world challenges
• Endpoint detection and interrogation
• Policy creation
• Enforcement
• Deployment

 

Planning a Successful NAC Deployment

Written by ForeScout Technologies.

This paper provides guidance to ensure Network Access Control deployment. Key topics include:

• Setting objectives
• Leveraging cross-functional project teams
• Classifying user types and devices
• Apply access controls
• Maintaining compliance enterprise-wide
• Managing policy changes
• Implementing a phased rollout strategy

 

CISO Guide: Advanced Threat Protection

Written by Bill Sieglein – President, CISO Executive Network and Scott Gordon (CISSP) – Vice President, ForeScout Technologies

Understanding and defending against zero-day threats, propagating worms, low-and-slow attacks and more targeted advanced persistent threats (APTs).

• Examine the nature of sophisticated threats and the state of defenses
• Know the current threat landscape and how they are used by attackers to threaten operations, penetrate networks and obtain sensitive data
• Assess various security technologies and their relative strengths and limitation
• Examine what can be done to minimize risks and improve an organization’s security posture
• Gain overview of ForeScout ActiveResponse™ technology

Reviews & Awards

	ForeScout Recognized as a Leader in the 2011 Magic Quadrant for Network Access Control Gartner | Lawrence Orans, John Pescatore, December 2012 “According to Gartner’s Magic Quadrant for Network Access Control, leaders are successful in selling large NAC implementations (10,000 nodes and greater) to multiple large enterprises. Leaders are pure-play NAC vendors or networking and/or security companies that have been first to market with enhanced capabilities as the market matures.Leaders have the resources to maintain their commitment to NAC, have strongchannel strength and have financial resources. They have also demonstrated a strong understanding of the future direction of NAC, including the impact of BYOD and guest networking. Leaders should not equate to a default choice for every buyer, and clients should not assume that they must buy only from vendors in the Leaders quadrant.”
	ForeScout CounterACT Receives Editor’s Choice CTR | Mark Brownstein, August 2011 “Possessing clear management, visibility and control automation advantages, ForeScout’s CounterACT is well worth considering for any organization requiring more advanced network security… I found CounterACT to be a multi-faceted, extremely powerful, exceptionally flexible and exquisitely configurable system… being both integrated and agentless, it offers a significant bang for the buck — avoiding many of the implementation and administrative issues that often plague 802.1x-only NAC products. – Awarded Editor’s Choice”
	NAC Group Test – ForeScout CounterACT, Secure Computing Magazine | Nathan Ouellette, September, 2011 “…able to configure and install the appliance in a fairly short amount of time… interface is intuitive and the reporting/dashboard features are slick…Administrators have several options to deploy… some may choose to use existing 802.1x features… others may opt to deploy the solution differently. Overall, we believe there is a good amount of flexibility… A robust NAC solution with plenty of features and a great price point. It is our Best Buy.”
	ForeScout CounterACT 6.3.4 Receives 5-star Rating ITPRO | Dave Mithchell, August 2011 “Compared with many NAC products, we found CounterACT easy to deploy and, apart from setting up switch span ports, requires no major changes to the existing network infrastructure. Its policy-based security makes it very versatile allowing administrators to provide controlled, secure network access to managed, unmanaged and guest systems as they attempt to join the network.“
	ForeScout Positioned as a Leader in NAC Industry by Independent Research Firm – Top Performer in Current Offering and Strategy ForeScout has been confirmed as a leader in Network Access Control(NAC) solutions in the June 2011 report “The Forrester Wave™: Network Access Control, Q2 2011.” The report ranks ForeScout as the industry’s top performer in both strength of current product offering and strategy… as the successful pure play in the market, we have a distinct advantage to offer the industry’s most innovative NAC solution that affords our customer’s greater flexibility, assured results and ongoing value.”
	CounterACT Network Access Control: Appliance Of The Future CRN / Everything Channel | Eddie Corriea, June 2011 “For its power, simplicity and revenue potential, the CRN Test Center recommends ForeScout’s CounterACT 6.3.4 network access control system… If you’re recommending only perimeter solutions and not offering your customers a network access control product for inside the firewall, you might be leaving them vulnerable to attacks from within, where networks are most vulnerable… In doing so, it offers the reseller a wealth of opportunities to offer services while also freeing up IT resources for other activities.”
	CounterACT Wins Bench Tested Product of the Year at Network Computing Awards 2011 Judged on the product’s capability and application, ForeScout CounterACT version 6.3.4 surpassed 12 other vendors in this prestigious category that gauges technical merit and suitability for purpose. The product features that shone through were summarized in Network Computing’s bench test article, which include: guest access, automation, mobile security, preempt zero-day threats, ease of deployment and agentless operation – make it superior to others.
	Info Security 2011 Winner – Best Overall Security Company of the Year ForeScout Technologies, Inc. wins “Best Overall Security Company of the Year”. Learn more
	Info Security Products Guide: 2009 Best Deployment Scenario ForeScout NAC Deployment Vastly Improves Cyber Security for Culpeper County Government in Virginia. Learn more
	Network Computing: CounterACT 6.3.3 Review CounterACT’s major strengths lie in its agent-less approach and out-of-band monitoring. Learn more
	Computing Security: CounterACT 6.3.3 Review ForeScout’s NAC policies are very versatile; they provide strong protection against zero-day threats, and add valuable controls over host USB ports. Learn more
	SC Magazine: NAC Tools Test NAC is a group of security management utilities that enforce which system should be allowed on the production network. Learn more
	Proactively Protect Your Network from Threats: ForeScout Technologies’ CounterACT Network manager Al Wendt reviews ForeScout Technologies’ CounterACT. Learn More
	NetworkWorld Clear Choice Test : NAC Mandy Andress puts 13 Network Access Control vendors to the test – ScoreCard | CounterACT Review | Overview Article
	Information Security 2007 – Emerging Technologies ForeScout Wins Gold in Emerging Technology Category of Information Security Magazine’s 2007 Readers’ Choice Award. Learn more
	SC Magazine: Policy Management Appliance Test As laws and industry regulations change, the task of ensuring policy compliance is often a quickly evolving one, reports Justin Peltier. Learn More
	NWC_CounterACT_Rollout This network access control product enforces complex policies and detects malicious behavior via continuous passive monitoring – by Mike Fratto, NWC. Learn more
	SC Magazine: Endpoint Security Appliance Test How can enterprises keep their endpoint computers secure when vendors can’t agree on what endpoint security means? Peter Stephenson compares. Learn more
	Information Security Magazine: NAC/IDP Product Test Wayne Rash puts CounterACT’s custom policies and anti-worm protection to the test on a network with managed and unmanaged switches; Windows, Linux and Novell servers; a complete VoIP system and voice gateway; an Internet gateway and rogue wireless APs. Learn more
	SC Magazine: Multifunction Appliance Test Who benefits from multifunction IT security appliances? Is an all-in-one box better than specialized devices? Peter Stephenson looks at the pros and cons. Learn more
	Independent Testing Services: CounterACT Test As the time between exploit and worm release continues to decrease, the capability to mitigate “zero day” or unknown worms becomes critical to network administrators. Independent Testing Services (ITS) put CounterACT to the test. Learn more

Webcasts & Podcasts

BYOD – Enabling Personal and Mobile Device Use On the Network

Mark Kadrich, author of the popular book “Endpoint Security”

Justin Webb, security analyst at Marquette University

Shibu Pillai, network security specialist at the City of Guelph

Scott Gordon, CISSP Vice President at ForeScout

Network Access Control (NAC) solutions accelerate requisite guest networking, BYOD (Bring Your Own Device) services and endpoint security.  How do you design, measure and enforce the necessary policies, procedures and counter-measures? Join this interactive webcast to learn the real-world NAC technical and business considerations in order to manage personal and mobile device security, accessibility and risk.

 

Enabling Productivity, Connectivity and Security (11 minutes)Gord Boyce, CEO at ForeScout

Richard Stiennon, security expert and industry analyst at IT-Harvest

Gord Boyce, CEO of ForeScout

How boundless network, mobile computing, IT consumerization and virtualization dynamics challenge IT organizations – and – how ForeScout has adapted its solutions to help CIOs, CSOs and IT staff enable productivity and connectivity while cost-effectively maintaining security.

Security in the Age of *Any* Computing: Risks, Options and Automation for Mobile and Endpoint Controls (60 minutes)

Mike Rothman, Analyst and President at Securosis

Scott Gordon, CISSP Vice President at ForeScout

Users want access to information on any device, from anywhere, at anytime. Then there’s the dynamics of virtualization and coping with new world threats. Whatever control you thought you had over the IT environment is gone. Lead by distinguished analyst Mike Rothman of Securosis, this webcast exposes issues, examines processes and weighs technical options that you can apply today to advance mobile, wireless and endpoint security. Explore data classification and network segmentation, policy development and enforcement, preempting access violations, and the means to automate respective security controls.

 

What Works to Prevent Network and Host-based Attacks (60 Minutes)

The SANS WhatWorks initiative employs SANS research to illuminate user stories that brings to life the benefits (and problems) of effective security tools by answering all the questions a prospective buyer might ask a satisfied (but unbiased) user. Hosted by the SANS Institute, speakers Alan Paller, director of research for the SANS Institute, and Waqas Akkawi, director of global information security at SIRVA Inc., discuss:

• Drivers for seeking more advanced network access control, endpoint compliance, and intrusion prevention technologies.

• Real-world selection processes, test criteria and technology tradeoffs.

• Means to gain operational buy-in, minimize implementation risks and extend control coverage.

• Subsequent changes to policies, procedures and the infrastructure, as well as

• Results achieved and lessons learned.

 

Advancing Network Access Control and 802.1x: Choices for Government and Military Agencies (60 minutes)

Pete Lindstrom, CISSP Research Director at Spire Security

Wallace Sann, CISSP, CISA, CIPP/G Director, Systems Engineering at ForeScout

Today’s government agencies are leveraging best-of-breed strategies to achieve strong Network Access Control (NAC) without expensive infrastructure upgrades or heavy administrative burdens. Learn how Federal and Military agencies have implemented NAC including how they overcame challenges with 802.1x. The seminar conveys actionable advice on:

• How can government organizations benefit from NAC?
• What is 802.1x?
• What important features are missing from 802.1x?
• What alternatives exist to 802.1x and why?
• What are the hidden costs associated with rolling out NAC?

 

Automating GRC and Endpoint Compliance with SIEM and NAC (60 minutes)

Eric Ogren, Principal Security Industry Analyst at The Ogren Group

Narayan Makaram, CISSP Sr Product Marketing Manager at ArcSight an HP Company

Jack Marsal, Director of Marketing at ForeScout

How can you improve security compliance AND save money? Through automation. Watch this webcast to learn about endpoint compliance issues, processes and automation considerations. This webcast, lead by Eric Ogren, principal security industry analyst at The Ogren Group, examine critical requirements and control techniques, exceptions and available technologies for end point compliance that can reduce help desk, remediation, incident management and audit expenditures. Attendees will also discover how Network Access Control and Security Information Event Management platforms can provide greater intelligence and a higher degree of security automation to enable:

• Improved operational efficiency and compliance management of endpoints
• Stronger security based on visibility of non-compliant endpoints and unauthorized users
• Real-time, automated remediation of enterprise-wide threats

Hear a real-world story about how a large bank is saving $400,000 annually through this automated GRC approach.

 

Mobile Security and Network Access Control Essentials (30 minutes)

Illena Armstrong, Editor in Chief at Secure Computing Magazine

Gil Friedrich, Vice President of Technology at ForeScout

Smartphones, tablets and personal devices are on your corporate network. Your users want personal connectivity and executives wants added productivity, but security must be maintained. What is the prudent path to satisfy all constituents? Lead by Illena Armstrong and Gil Freidrich VP of Technology at ForeScout, this timely webcast will examine: key mobile security risks, pertinent policies, control options, acceptable use practicalities and legalities, and means for effective visibility and security enforcement

 

TechForumLIVE: IT Consumerism, NAC and Security Control Automation (11 Minutes)

PriscillaTate, the director of Technology Managers Forum, interviews Gord Boyce, CEO of ForeScout Technologies about the security challenges of IT Consumerism, theNetwork Access Control (NAC) marketplace, where security control automation is heading, and ForeScout.

 

Mobile Security and Advanced Persistent Threats (16 minutes)

Francis Rose, “host of in-depth with Francis Rose”

Scott Gordon, CISSP Vice President at ForeScout

Hear ForeScout’s Scott Gordon on FederalNewsRadio 1500 AM describe how CounterACT’s automated security helps government and military agencies.