“Although many SIEM deployments have been funded to address regulatory compliance reporting requirements, the rise in successful targeted attacks has caused a growing number of organizations to use SIEM for threat management to improve security monitoring and early breach detection,” according to a recent Gartner report. “There is a danger of SIEM products (which are already complex) becoming too complex as vendors extend capabilities. Vendors that are able to provide deployment simplicity as they add function will be the most successful in the market.” 1
The RSA enVision platform is engineered to provide a centralized log-management service that helps enable organizations to simplify their compliance programs and optimize their security-incident management. The RSA enVision solution is designed to facilitate the automated collection, analysis, alerting, auditing, reporting, and secure storage of all logs.
Forescout CounterACT next-generation NAC converges identity, device and network security to deliver real-time visibility and automated controls that map to the leading IT-GRC frameworks concerning system integrity, wireless protection, privacy, network access and segregation, logging and other specifications. The interoperability with the RSA enVision solution now enables security professionals to capture, retain and analyze events generated from Forescout CounterACT, including: network access violations, endpoint compliance problems and mobile security issues, as well as threat mitigation actions. This level of network access control (NAC) and log integration enables security professionals to pre-empt threats which advancing incident response, breach forensics and compliance tasks.
Forescout CounterACT lets you see and control everything connected to your network no matter the user or device, including corporate provisioned and personal mobile devices. The platform employs multi-factor system fingerprinting technology, such as software installation, running services and processes, open ports, and network activity, and does not require an agent on the endpoint. This automated method of endpoint visibility, classification, policy assessment and remediation offers the means for IT operations to dynamically find and fix endpoint security logging issues with little or no intervention. Organizations can further reduce log management administration effort by employing CounterACT to:
- Check for the presence and activity of a logging application or service on an endpoint
- Install, reactivate, enforce or change a logging application or service on an endpoint based on pre-defined configuration policies
“Forescout and RSA’s interoperability allows customers to fully realize CounterACT’s dynamic security capabilities with the assurance that audit logs are retained, efficiently analyzed and integrated into an organization’s GRC fabric,” said Sam Davis, vice president of business development at Forescout.
“This interoperability between the RSA enVision solution and the Forescout CounterACT solution is designed to help customers better effectuate identity, access and endpoint compliance controls for all users and devices, including managed and personal mobile devices, accessing network resources and sensitive data.” said David Low, director, strategic technology alliances at RSA.
About Forescout Technologies, Inc.
Forescout enables organizations to accelerate productivity and connectivity by allowing users to access corporate network resources where, how and when needed without compromising security. Forescout’s automated solutions for network access control, mobile security, endpoint compliance and threat prevention empower IT agility while preempting risks and eliminating remediation costs. Because the Forescout CounterACT platform is easy to deploy, unobtrusive, intelligent and scalable, it has been chosen by more than 1,300 of the world’s most secure enterprises and military installations for global deployments spanning 37 countries. Headquartered in Cupertino, California, Forescout delivers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.
(1) Gartner, Inc., “Magic Quadrant for Security Information and Event Management,” May 12, 2012, by Mark Nicolett and Kelly M. Kavanagh.
About the Magic Quadrant
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Forescout, Forescout logo, CounterACT and ActiveResponse are trademarks of Forescout
Technologies, Inc. RSA, EMC and enVision are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other names mentioned are trademarks of their respective owners.