Ornamental dots. Two rows of three dots. The top row is a light blue. The bottom row is one light blue dot followed by two orange dots. Press

Forescout Partners with McAfee to Deliver Dynamic Endpoint Protection

pdf Download PDF

CAMPBELL, Calif., October 29, 2014 Forescout Technologies, Inc., the leading provider of pervasive network security solutions for Global 2000 enterprises and government organizations, announced it has partnered with McAfee, part of Intel Security, to provide a new and enhanced interoperability between Forescout CounterACT® and McAfee solutions. This will be demonstrated in booth 206 at McAfee FOCUS 14, taking place October 27-29 in Las Vegas. The integrations will showcase the combined abilities of Forescout products, McAfee products and the McAfee Data Exchange Layer (DXL) to enable customers to protect infrastructure while supporting initiatives such as bring your own device (BYOD). Forescout CounterACT will leverage the McAfee Threat Intelligence Exchange (TIE) to make enforcement and remediation decisions based on relevant security information shared between endpoints, gateways and other security products. This rapid information dissemination is part of a more proactive, integrated approach to fortifying a security posture.

“Given the dynamic nature of next-generation threats, organizations can no longer rely on isolated security solutions,” said Christopher Kissel, industry analyst, Network Security, at Frost & Sullivan. “To ensure the most comprehensive levels of protection, an integrated approach that speeds response is necessary to address advanced threats and close potential endpoint compliance gaps.”

Forescout’s pervasive network security platform, CounterACT, enables IT organizations to efficiently address network visibility, access control, endpoint compliance and threat management challenges in today’s increasingly complex enterprise networks. McAfee TIE solutions combining Forescout CounterACT and other McAfee products to be showcased at FOCUS 14 include:

  • McAfee Threat Intelligence Exchange (TIE) and Data Exchange Layer (DXL) Interoperability – Forescout will demonstrate CounterACT interoperability with McAfee TIE by leveraging McAfee DXL and how CounterACT can onboard a BYOD laptop and verify the hashes of running processes against the McAfee TIE’s file reputation repository. CounterACT can then apply appropriate access policy and remediation actions based on whether or not any malicious files are detected. This interoperability showcases how organizations can extend their security controls to BYOD laptops that may not be running McAfee endpoint protection agents.
  • McAfee ePolicy Orchestrator (ePO) Software Integration – Updated to support McAfee ePO 5.1.1, CounterACT integrates bi-directionally, consuming information about endpoint properties and notifying McAfee ePO of changes. Both systems can then take action. For example, CounterACT detects devices as they connect to the network, validates that the device and user are authorized, and then assesses the device security posture, including whether or not the McAfee ePO host agent is installed, running and up-to-date. When non-compliance is identified, CounterACT can inform McAfee ePO to take action, or CounterACT can attempt to remediate the violation directly. In addition, Forescout will showcase how CounterACT can take quarantine actions based on malware or other violations detected by McAfee ePO software, including new malware detections identified using McAfee TIE.
  • McAfee Vulnerability Manager (MVM) integration – The new integration between Forescout and MVM harnesses CounterACT’s real-time network visibility and automated controls for more comprehensive, efficient and timely vulnerability assessment and risk mitigation. CounterACT informs McAfee MVM as soon as a device connects to the network, thereby enabling real-time vulnerability scanning of endpoints, including transient devices that may be missed by periodic polling. CounterACT then leverages the real-time MVM scan information for policy-based access control and remediation, such as quarantining or remediating vulnerable systems. This integration supports MVM version 7.5 and above.

“We are pleased to be partnering with Forescout to help enable adaptive endpoint protection,” said Ed Barry, vice president of Global Technology Alliances at McAfee, part of Intel Security. “The real-time capabilities that CounterACT brings to McAfee ePO software, MVM and TIE by leveraging both the ControlFabric® architecture and McAfee DXL gives joint customers the ability to monitor their corporate and BYOD endpoints in real time for indicators of compromise (IOCs) and non-compliance, ultimately providing them with actionable intelligence to help increase overall security posture.”

“The growing breadth and sheer velocity of malware, advanced persistent threats (APTs) and zero-day exploits necessitates a more forward-looking approach to threat management,” said Wallace Sann, federal CTO at Forescout. “By combining the functionality of CounterACT with McAfee solutions, mutual customers can detect, contain and remediate potential exposures more efficiently and effectively.”

Beyond exhibiting at McAfee FOCUS 14, Forescout invites attendees to participate in its breakout session, entitled “Endpoint Visibility, Control and Automation,” led by Sann. The session will be held on Wednesday, October 29 at 2:30 p.m. in room Bellini 2001-2002.

 Interoperability for McAfee ePO versions 4.6 and 5.1 or higher is available to customers who are licensed and have maintenance for the Forescout ePO Integration Module. Interoperability with MVM is available to those customers who have licensed the Forescout Vulnerability Assessment Integration Module.  McAfee TIE and DXL interoperability is planned for commercial availability in 2015.

Visit booth 206 at McAfee FOCUS14 for demonstrations of these integrations.

Relevant Links

Forescout CounterACT
Forescout ControlFabric
Forescout Blog
Forescout Facebook
Forescout Twitter

Tweet This: 

Tweet This: @Forescout and @McAfee collaborate on dynamic endpoint protection to be demonstrated @FOCUSConference: http://ow.ly/DqvNV

About Forescout Technologies, Inc.
Forescout delivers pervasive network security by allowing organizations to continuously monitor and mitigate security exposures and cyberattacks. The company’s CounterACT platform dynamically identifies and assesses network users, endpoints and applications to provide visibility, intelligence and policy-based mitigation of security issues. Forescout’s open ControlFabric technology allows a broad range of IT security products and management systems to share information and automate remediation actions. Because Forescout’s solutions are easy to deploy, unobtrusive, flexible and scalable, they have been chosen by more than 1,700 enterprises and government agencies in 54 countries. Headquartered in Campbell, California, Forescout offers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.

Forescout Technologies, Inc. is a privately held Delaware corporation. Forescout, the Forescout logo, CounterACT® and ControlFabric are trademarks of Forescout. Other names mentioned may be trademarks of their respective owners.

Demo Request Forescout Platform Top of Page