Forescout and McAfee Team up on Continuous Monitoring and Mitigation
CounterACT NAC Achieves Interoperability with McAfee’s Leading SIEM Technology
Cupertino, Calif. — September 27, 2012 — Forescout Technologies, Inc., a leading provider of automated security control solutions for Global 1000 enterprises and government organizations, today announced that it has extended its collaboration with McAfee, the world’s largest dedicated security technology company. The integration between Forescout CounterACT and McAfee Enterprise Security Manager (ESM) provides enterprises with dynamic situational awareness of network access and endpoint compliance issues while reducing log management and threat management processes.
Forescout’s automated security platform, Forescout CounterACT, lets you see and control everything connected to your network, no matter the device or user. The platform employs multi-factor system fingerprinting technologies, such as software installation, running services, processes, open ports and network activity, and does not require an agent on the endpoint. Advanced policy enforcement capabilities allows administrators to set rules that can dynamically find and fix endpoint configuration and security issues with little or no intervention, or to automatically quarantine or remove devices in compliance violation or exhibiting malicious behavior. All CounterACT activity is recorded and sent to the McAfee ESM to fulfill reporting and auditing requirements.
The combination of endpoint classification, policy assessment, remediation and notification capabilities offers commercial enterprises and government agencies the means to progress continuous monitoring and mitigation programs.
McAfee ESM is the only SIEM built for “Big Security Data.” ESM’s ability to collect, store, and perform complex processing on billions of events provides an extensible platform to address both current and evolving needs of security information and event management. With this new integration, McAfee ESM captures, retains, and analyzes network access violations, endpoint compliance problems, and mobile security issues identified by Forescout CounterACT. This level of network access control (NAC) log integration enables security professionals to further streamline incident response, forensics, and compliance processes.
“Although many SIEM deployments have been funded to address regulatory compliance reporting requirements, the rise in successful targeted attacks has caused a growing number of organizations to use SIEM for threat management to improve security monitoring and early breach detection,” according to a recent Gartner report. “There is a danger of SIEM products (which are already complex) becoming too complex as vendors extend capabilities. Vendors that are able to provide deployment simplicity as they add function will be the most successful in the market.1”
Organizations can reduce log management system administration by employing CounterACT to:
- Check for the presence and activity of a logging application or service on an endpoint
- Install, reactivate, enforce or change a logging application or service on an endpoint based on pre-defined configuration policies
“Forescout NAC and McAfee SIEM interoperability has tremendous operational and threat prevention value for our customers,” said Sam Davis, vice president of business development at Forescout Technologies, Inc. “With this level of integration, customers can further leverage CounterACT’s automated security control capabilities to deliver dynamic network access and device intelligence while enhancing GRC processes.”
“By supporting interoperability between McAfee’s ESM SIEM and Forescout CounterACT, we can give our mutual customers an effective way to extend situational awareness and to enforce access, mobile and endpoint compliance controls for all users and devices,” said Ed Barry, vice president of the Security Innovation Alliance, McAfee. “The joint solution will enable more rapid remediation of enterprise-wide threats that can originate from non-compliant endpoints.”
As a member of the McAfee Security Innovation Alliance (SIA) program, Forescout has achieved compatibility for its integration of Forescout CounterACT Network Access Control (NAC) with McAfee ePolicy Orchestrator platform, and today’s announcement extends Forescout’s interoperability with an additional product in the McAfee portfolio, ESM.
About Forescout Technologies, Inc.
Forescout enables organizations to accelerate productivity and connectivity by allowing users to access corporate network resources where, how and when needed without compromising security. Forescout’s automated solutions for network access control, mobile security, endpoint compliance and threat prevention empower IT agility while preempting risks and eliminating remediation costs. Because the Forescout CounterACT platform is easy to deploy, unobtrusive, intelligent and scalable, it has been chosen by more than 1,300 of the world’s most secure enterprises and military installations for global deployments spanning 37 countries. Headquartered in Cupertino, California, Forescout delivers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.
(1) Gartner, Inc., “Magic Quadrant for Security Information and Event Management,” May 12, 2012, by Mark Nicolett and Kelly M. Kavanagh.
About the Magic Quadrant
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
All names mentioned are trademarks of their respective owners.