So Your Security Team Wants to Implement The Forescout Platform? Here’s How to Win Over the Network Team
When the information security team at Haworth Inc., a world-wide office furniture manufacturer, purchased Forescout’s solution to address network access control and other visibility challenges, they didn’t need the network team’s blessing beforehand. However, not long afterward they did.
“Sooner or later information security and networking have to be on the same page,” says Joe Cardamone, who oversees information security and privacy for Haworth’s North American operations. “Network management has to be comfortable with letting the Forescout platform integrate with your network infrastructure.”
After a proof-of-concept bakeoff between the Forescout platform and another vendor’s solution, Cardamone and his security team knew they wanted to go with Forescout. The ease of deployment and ease of use of the Forescout platform far surpassed that of the other vendor, who already had a presence in the company. So, they purchased and set out to deploy the Forescout solution. Within just seven hours out of the box, the Forescout platform provided granular visibility across 97 percent of Haworth’s global environment.
However, when Cardamone went to enable the Forescout platform to perform VLAN switching, wireless network blocks and other administrative functions on the network equipment, he encountered resistance from the network team. “They weren’t keen to allow us to have command line rights and access on SNMP into their switches right away,” recalls Cardamone.
“Of course, we wanted to get full access into the network gear, and we knew winning over the network team would be the best way to do this,” continues Cardamone. “We brainstormed with the team and attempted to provide them as much information as possible. What really sealed the deal, however, was letting the network team have carte blanche administrative access to the Forescout dashboard.'”
Cardamone installed the Forescout console on one of the network administration machines and told the network team to play around with it. “These guys are diehard fans of the other vendor but once they started exploring the Forescout platform and saw the breadth and depth of information that it provides, they understood why we needed access,” says Cardamone. “Physically using the system gave them the comfort level they needed to approve it.”
Today the Haworth network team uses the Forescout dashboard weekly to troubleshoot and locate network equipment. Network engineers are currently replacing a lot of network equipment and architecture within Haworth’s global enterprise. When problems arise, they find the Forescout dashboard very helpful, for instance, to determine which equipment is on which port or switch. In addition, Haworth’s technology support technicians and software management team both use it often—for instance, to physically locate devices and to check for noncompliant applications.
“Next time I’d let the network team have direct access to the Forescout platform from the beginning, during the decision making process. Let them experience firsthand the power Forescout provides. It speaks for itself.”
But what really sealed the deal was letting the network team have carte blanche administrative access to the Forescout dashboard.