Financial Institution Protects IT Infrastructure From Rogue Devices While Gaining Real-Time Visibility and Control
CUPERTINO, Calif.— April 25, 2013 — Forescout Technologies, Inc., a leading provider of real-time network security solutions for Fortune 1000 enterprises and government organizations, today announced that Kansas-based Meritrust Credit Union selected the CounterACT® network access control (NAC) system to bring additional network security to its headquarters and branch locations, gain visibility into all network-connected devices and protect itself from the possibility of rogue devices accessing networks or information. CounterACT gives the IT team one dynamic view of the entire 15-location network and its 2,000 connected devices. It also allows them to implement their security policies and provides the capability to remediate unapproved devices or those that deviated from policy.
Forescout CounterACT provided value to Meritrust from day one. “As soon as we turned the system on, we were stunned to see how many devices we actually had on the network,” said Brian Meyer, information security officer at Meritrust. “These endpoints were noted in our static device lists, so it’s not that we didn’t know of these devices; it was the capability of seeing them all in detail on one pane of glass that was empowering. We were able to move from ‘we think we have 2,000 devices in static lists’ to ‘we know we have 2,000 devices that meet our network access policy requirements.’ Plus it brought new perspective as we could clearly see how many devices were on each segment. It allowed us to more easily track and categorize assets and apply and remediate policies to all these devices, which helped us to secure the physical layer at every location. That was huge for us.”
The key reason Meritrust chose Forescout CounterACT was its flexible and agentless approach to policy control. Explaining this advantage, Meyer stated, “In a banking environment, there are a lot of thin clients such as teller machines and embedded devices. With these systems, any extra overhead, such as installing an agent, could adversely impact performance and slow our ability to service customers. Additionally, we wanted to avoid the management nightmare of installing and maintaining an agent on each device.”
Other factors in the choice of CounterACT included its support for multiple network switch and infrastructure vendors, ease of installation and its “listen only” mode, a passive testing feature that made the deployment process risk-free, simple and unobtrusive by enabling the team to confirm all the policies were correctly configured and validated in advance of the full activation.
The Meritrust IT team cited several other benefits of using CounterACT:
- Management: Once all endpoints were visible, the team found a fair amount of older equipment housed in relatively inconspicuous places that were not accurately tracked; with Forescout CounterACT, the team knows exactly where and which devices are on the network, and they have peace of mind knowing that all devices are properly managed
- Real-time protection: If a new device attaches to the network, it is first classified, blocked and then reassigned to a quarantined area; based on predefined policies, the system then quickly determines the device’s security posture and checks whether the device is allowed on the guest or the production network
- Time savings: Not only does CounterACT keep the credit union’s networks secure, it also saves many man-hours since security, compliance and other processes are now automated; before deploying CounterACT, the Meritrust team would spend a full day tracking down information in preparation for an audit; today, the Meritrust team can automatically enforce endpoint security policy and simply click a few buttons to quickly generate a compliance report
- Monitoring: CounterACT is used for threat protection to mitigate malware attacks by using the system’s built-in behavior-based intrusion monitoring capability; any public-facing systems such as lobby devices and kiosks are closely monitored for endpoint compliance; any deviation from the desired configuration state is flagged for an immediate response
- Faster Help Desk service: The Help Desk uses the CounterACT Web portal to determine basic device location and configuration information to facilitate service tickets, expedite troubleshooting calls and help technicians quickly resolve issues, resulting in improved customer satisfaction; the team can now find systems even when the caller provides only partial information and readily see any device and issue from the CounterACT management screen
Forescout is positioned in the “Leaders” quadrant in the Gartner Inc. 2013 Magic Quadrant for Network Access Control, and Frost & Sullivan has acclaimed the company as the largest independent NAC vendor and one that is growing the fastest in the market. The Forescout product portfolio allows IT organizations to gain unified visibility and automated control for all wired and wireless, mobile and PC devices, whether managed or personal.
Tweet this: Meritrust Credit Union secures network with Forescout CounterACT http://hub.am/ZNtq1Q #Security
About Forescout Technologies, Inc.
Forescout enables organizations to accelerate productivity and connectivity by allowing users to access corporate network resources where, how and when needed without compromising security. Forescout’s real-time network security platform for access control, mobile security, endpoint compliance and threat prevention empower IT agility while preempting risks and eliminating remediation costs. Because the Forescout CounterACT solution is easy to deploy, unobtrusive, intelligent and scalable, it has been chosen by more than 1,400 of the world’s most secure enterprises and military installations for global deployments spanning 37 countries. Headquartered in Cupertino, California, Forescout delivers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.
© Forescout Technologies 2013. Forescout CounterACT is a trademark of Forescout Technologies, Inc. All names mentioned are trademarks of their respective owners.
 Gartner, Inc. “Magic Quadrant for Network Access Control,” report G00238941, December 3, 2012, by Lawrence Orans, John Pescatore.