It’s no secret that devices of all shapes and sizes are connecting to the Internet in increasing numbers. But while we hear a lot about consumer devices such as connected watches and fridges, there is less awareness that more than 5 billion1 IP-connected devices reside on enterprise networks today.
Just like the consumer world, an increasing majority of the device growth in corporate networks is in the form of IoT and operational technology (OT) systems. And managing the security hygiene and compliance posture of these devices is a daunting task that shouldn’t be underestimated.
In fact, one could argue that the main reason organizations face an increasing malware problem is because they have a device visibility problem.
These are the trends we’re tackling with our new release: CounterACT 8. We’re raising the bar on device visibility and giving you the tools to illuminate the diverse types of devices connecting to your heterogeneous networks—from campus and data center to cloud and operational technology environments. In other words, your extended enterprise.
CounterACT 8 is now Generally Available (GA) and includes several new innovations and foundational enhancements. Based on my conversations with customers, the following rise to the top of the list:
Expanded device visibility platform: CounterACT 8 delivers a single, scalable, software platform for you to gain a consolidated view of devices across your extended enterprise—traditional endpoints, mobile and IoT devices, virtual machines and cloud instances—and now OT systems. You also get expanded visibility into your IPv6-addressable systems and devices managed by cloud network controllers such as Cisco Meraki. This Visibility First approach is foundational to security because it takes just one rogue or invisible device to bring down an entire network.
Passive-only monitoring for OT environments: Industrial and critical infrastructure systems can be especially sensitive to active probing and scanning techniques. With CounterACT 8, you can now see and inventory OT devices safely using passive-only discovery and profiling techniques. Eliminate blinds spots and get an accurate, real-time inventory of OT devices without risking system and business disruption.
Auto-classification of new devices: Our popular ForeScout Device Cloud is now one of the largest crowd-sourced device intelligence repositories, with more than 3 million devices from over 500 participating customers across 10 industries. ForeScout research leverages this device intelligence to improve classification efficacy and coverage in your environments. Get the latest classification updates from ForeScout and leverage our rich taxonomy to auto-classify your IoT and OT devices.
IoT risk assessment: Weak or factory-default credentials on IoT devices offer bad actors an easy attack surface. You can now assess and identify vulnerable IoT devices using the ForeScout-provided credential library or your own custom credential library. In addition, CounterACT 8 lets you automate policy actions to isolate or segment vulnerable devices until they are remediated. Mitigate the risk of weak credentials and stop making it easy for hackers to exploit this “low-hanging-fruit” attack surface.
Device intelligence dashboard: A device visibility platform is incomplete without a dashboard. Our new web dashboard provides your security operations center (SOC) and incident response teams with a consolidated view of your device landscape along with classification, connection and compliance context. In addition, the dashboard is customizable for other IT functions such as risk, compliance and executive reporting. Get device context at your fingertips during a threat outbreak and improve your mean time to respond.
Enhanced enterprise scale: With active customer deployments of over 1 million devices, our platform is one of the most scalable in the industry. To keep pace with device growth, we have now doubled our management scale to 2 million devices in a single deployment. In addition, the new 5100 series appliances allow you to scale to 20,000 devices in a 1U rackmount appliance and monitor full 10Gbps traffic. Scale to new heights while optimizing your rack space and data center footprint.
Agile deployment options: An enterprise platform is only as good as it is easy to deploy. That’s why we keep pushing the boundaries to improve time-to-value. CounterACT 8 supports KVM (Kernel-based Virtual Machine) as a third virtual appliance deployment option, along with VMware® and Hyper-V. And intelligent IP-allocation allows you to automate IP distribution across a multi-appliance cluster instead of managing IPs per appliance. Reduce administration overhead and improve operational efficiency.
ForeScout Flexx Licensing: Now, why would I want to talk about licensing? Because I’m excited about the ease and flexibility offered by our new software-centric Flexx licensing. A centralized license pool gives you deployment flexibility and license portability so you aren’t over or under-provisioned in parts of your network. Separate software and appliance purchase options accelerate procurement cycles and allow you to grow easily with expanding business needs. In addition, you can manage and track your entitlements and licenses with our enhanced customer portal. Purchase, deploy and manage licenses with ease.
There are several more enhancements beyond what I’ve mentioned above. For additional information on CounterACT 8, click here. And don’t miss our upcoming webinars:
Visibility for the Extended Enterprise
Raising the Bar on Device Classification
IoT Risk and Posture Assessment
1 IDC, Worldwide Business Use Smartphone Forecast Update, 2015-2020; IDC, Worldwide Business Use Tablet Forecast Update, 2015-2020; IDC, Desk-Based, Notebook, Ultramobile and Mobile Phone Units (K) and Installed Base, by Country, 2014-2020; Gartner, Forecast: Internet of Things – Endpoints and Associated Services Worldwide, 2017; IDC, Worldwide and U.S. Server Forecast 2014-2018; IDC 2015 Server Virtualization and Cloud Multiclient Study
