The ForeScout solution provides the unique ability to see devices, including non-traditional devices, the instant they connect to the network and enforce policy-based control of these devices. Once you can see and control, our solution can orchestrate information sharing and automate workflows among disparate security and IT management tools. Here’s how:
CounterACT® discovers and classifies devices without requiring agents. Based on its classification, CounterACT then assesses the device’s security posture and applies policies that enforce the specific behavior the device is allowed to have while connected to a network. See more. Control more.
More Devices Discovered*
Reduction in Network-related Breaches*
Reduction in Device-related Breaches*
- Greater visibility into devices connected to the network. Because our solution discovers the increasing proportion of devices that do not or can’t have agents, our customers have reported seeing up to 70% more devices on their networks than previously known. We provide increased visibility into devices regardless of their physical locations—on premise, in the public cloud and in corporate data centers or branch offices.
- Continuous visibility. Our solution sees devices when they connect to the network and continuously monitors them while connected. We have the ability to detect a change in device posture, such as outdated or broken agents, as well as determine when a device is not acting the way we believe it should based on our extensive repository of behaviors developed over the past 15 years.
- Automated control based on policy. Once our solution discovers and classifies devices, it provides a choice of what to do with these devices based on granular compliance and security policies. Organizations can set their own specific security policies that are enforced upon connection. We provide many options in addition to allowing or denying network access, including segmenting to a more secure VLAN, alerting IT teams or third-party systems of potential threats, and quarantining devices from the network. Our solution enforces these policies automatically, without the need for human involvement.
- Orchestration of actions between systems. Our solution enables third-party systems to share data to gain better context of device posture and orchestrate an automated response. We have built integrations with leading security providers to extend the value of existing security investments by interconnecting fragmented security tools.
- Integrated across a heterogeneous environment. Our solution integrates with a diverse group of switches, routers and servers, and is not constrained by a single vendor dependency. Our ability to integrate with all major network infrastructures is particularly important as workloads move to the cloud and organizations utilize heterogeneous environments serviced by many vendors. This provides our customers with ease of implementation, freedom from vendor lock-in and resilience to upgrade and refresh cycles.
- Scalable and resilient to cover the growing number of network devices. As of December 31, 2016, ForeScout has sold more than 30 million endpoint licenses. We support organizations of all sizes and scale, with our largest customers using the ForeScout CounterACT® platform to manage over one million devices on the network. Failover cluster capability provides service continuity without manual intervention in both single-site and multisite environments for non-802.1X and 802.1X deployments.
- Infrastructure-wide security that spans your campus, data center and cloud environments. Address the explosive growth of IoT devices, virtual infrastructure and cloud computing by gaining a consistent view and applying consistent security policies across devices and virtual instances—regardless of location.
- Rapid time to value. Organizations often begin realizing the benefit of our solution almost immediately after implementation as they see substantially more devices on their network than previously known. We have customers that have deployed our solution across hundreds of thousands of devices in less than 90 days.
With ForeScout, we did not have to take a piecemeal deployment because it was not inline, had agentless options and worked with our wired and wireless implementation.
Chief Information Security Officer
ForeScout CounterACT’s agentless approach was key, as was its ability to give us full visibility into all devices, including medical devices connected to or attempting to connect to our network.
Chief Information Security Officer
University of Rochester Medical Center