The ForeScout Difference

ForeScout CounterACT is a different kind of product. It is:

• based on network access control (NAC) technologies ... but easier to deploy than traditional NAC products
• able to enforce endpoint security policies ... but without the blind spots of agent-based solutions
• able to control without disrupting users ... unlike traditional NAC products whose default mode of operation is to deny network access until the endpoint can prove that it is safe.

The most important differences between ForeScout CounterACT and other security products that claim to do similar things are the following:

It is easier to deploy. ForeScout CounterACT seamlessly integrates with any network environment. It requires no infrastructure changes or equipment upgrades. CounterACT is deployed out-of-band which eliminates l atency and point-of-failure issues that are common with other vendors' approaches. CounterACT can be deployed in a clientless mode which means it does not require that any software be installed on endpoints.

It provides 100% coverage. Since CounterACT is a clientless solution, it works with all type of endpoints -- managed and unmanaged, known and unknown. Nothing escapes CounterACT. If it's on the network, CounterACT sees it. Instantly.

It provides deeper profiling of your endpoints. ForeScout features the most granular host interrogation engine in the industry and can build a complete profile of information including: the identity of the person logged in, their behavior, application status (running or not running), operating systems, patch levels, security agent status, and peripheral devices (e.g. USB drives). By tapping directly into the registry and file system, CounterACT determines virtually every configuration detail and compliance state of an endpoint.

It provides a more extensive range of automated controls. Unlike early generation NAC products that employed heavy-handed controls and disrupted users, ForeScout CounterACT provides a full spectrum of enforcement options that let you tailor the response to the situation. Low-risk violations can be dealt with by providing the end-user with a notice and/or by automatically remediating the security problem; this allows the user to continue to remain productive while remediation takes place. Serious violations, such as unauthorized access to restricted network resources or worm infections, can be aggressively blocked from the network.