Policy-based segmentation and enforcement
Basic access control is outdated. It’s too rigid and overbearing for users and IT. Want to use real-time device context to plan network segmentation, automatically segment devices and enforce the appropriate level of control?
Once CounterACT discovers a security problem on a device, its sophisticated policy manager can automatically execute a range of responses depending on the severity of the problem. Minor violations might result in a warning message sent to the end user. Employees and contractors who bring their own devices can be redirected to an automated onboarding portal. Serious violations could result in actions such as blocking or quarantining the device, reinstallation of a security agent, re-starting of an agent (such as third-party antivirus or encryption software) or process, triggering the endpoint to retrieve an operating system patch, segmenting to a more secure VLAN, or performing other remediation actions.
ForeScout can enforce the appropriate level of control—from modest to stringent—based on your security policies.
Remediate Malicious or High-risk Devices
Based on your security and compliance policies, CounterACT can directly remediate the problem, alert IT staff, or inform the non-compliant device user and/or redirect them to a secure self-help portal.
This real-time, agentless approach can help ensure that:
Authorized endpoints are properly configured.
Host-based security applications, such as antivirus, are installed, running and updated.
Vulnerabilities are patched and the latest versions of software are installed.
Encryption and data loss prevention agents are running properly.
Unauthorized software is disabled.
Suspicious endpoints are safely quarantined and remediated.
Learn more about Control from Real-time Use Cases
READY TO KICK THE TIRES?
Here’s your chance to put ForeScout through its paces and experience the difference of agentless visibility and control.