Twitter: @GoGeisler
With the rapid influx and diversity of devices connecting to enterprise networks and the ever-evolving cybersecurity threat landscape, organizations are struggling to keep their physical and virtual environments secure while embracing IoT and operational technology (OT). To help organizations tackle these challenges, ForeScout CounterACT® now features new advancements, including out-of-the- box device classification and taxonomy, enhanced scale and resiliency to manage more than one million devices within a single deployment, and a redesigned user interface for implementing consistent policies across multivendor and hybrid-cloud environments.
The following are my top 10 new features and enhancements with a short commentary after each:
- Redesigned user interface: Updated UI with new look and feel, enhanced device view with attribute categorization to facilitate quick filtering and searching, and a new policy graph feature for easy analysis of policy actions. Love the way it looks and how simple it is to use.
- Out-of-the-box classification: New classification engine and taxonomy with out-of-the-box device profiles to classify traditional, Internet of Things (IoT), Operational Technology (OT), mobile and virtual endpoints. Over 1,000 classifications—and growing—as we always want more, more, more.
- Enhanced management scale: ForeScout Enterprise Manager is capable of managing over 1M devices in heterogeneous customer environments to provide centralized monitoring, policy management and administration capabilities. I had to exercise restraint by not including a picture of Dr. Evil saying 1M.
- Failover clustering: Enables customers to deploy a cluster of CounterACT appliances in a failover configuration to provide service continuity and load redistribution with no manual intervention. Now you can recover from single or multiple points of failure without the need for idle standby appliances. It’s one more layer of efficient protection our customers can count on.
- IPv6 support: New capabilities provide visibility and network controls for IPv6 devices. IPv6 is really here.
- Non-802.1X pre-connect offering: New access control list (ACL) inventory and pre-connect enhancements offer 802.1X-like security without 802.1X complexity. It’s all about making life simpler for our customers.
- Extended Modules for NGFWs: Extended Modules for Palo Alto Networks® and Check Point® Next Generation Firewall (NGFW). Share CounterACT’s agentless visibility and granular device classification with NGFWs to automate and maintain dynamic segmentation from campus to cloud.
- Modules with cloud applications: Integrations with AWS® and VMware® vSphere® and NSX®. Just as IoT dramatically expanded the campus attack service, virtualization and cloud computing add major visibility challenges to private data centers and public cloud environments. Now customers can increase visibility and incorporate microsegmentation in the cloud similarly to what they already are capable of doing on premises.
- Extended Module for ITSM: Knowing what’s on your network is step one in any effective IT governance, security and operations strategy. The ForeScout Extended Module for ServiceNow® leverages CounterACT’s real-time visibility and provides device properties, classification, configuration and network context to ServiceNow. Customers can true-up their Configuration Management Database (CMDB) for a more accurate single source of asset knowledge.
- Extended Modules for SIEM: Extended Modules for Splunk®, QRadar and others. ForeScout shares real-time visibility of physical and virtual devices to fill in device-context gaps within Security Information and Event Management (SIEMs), allowing them to quickly correlate active threats, vulnerabilities and user behavior. We make them smarter and we like being an enforcement point as well.
Have I missed anything? Oh, wait—I had to limit this to my 10 new favorites. If you would like to see all these great new capabilities firsthand, please sign up for a demo.
