Colleges and universities must serve the needs of highly mobile, ultra-connected students who use multiple devices each day. In addition, they must provide faculty and staff with secure, 24×7 network access while accommodating growing numbers of IoT devices.
ForeScout addresses these challenges while helping to maintain regulatory compliance and defending against increasing numbers of cyberthreats.
With ForeScout, our need to reimage infected computers dropped from 20 or 25 each month to just 1.5. When you consider staff resources and user downtime, that’s a 240- to 300-hour productivity gain each month.
Ken Compress, Senior Network Security and Integration Engineer/CSO, Hillsborough Community College
HOW FORESCOUT HELPS
Maintain security, privacy and regulatory compliance while facilitating learning
Security teams at educational institutions must defend against a constantly changing array of unmanaged devices connecting to the network while trying to maintain the free flow of information. They must also support business operations and regulatory compliance mandates. The ForeScout platform supports diverse educational needs by allowing you to:
- See, profile and monitor systems, including guests’ devices, rogue devices and IoT devices such as smart monitors and security cameras. See how.
- Control access to networks by students, teachers, administration and guests by enforcing network segmentation based on identities and device hygiene. Gain control.
- Orchestrate and automate network security among third-party security tools. Extend our capabilities to your tools.
K-12 CYBERSECURITY AND TITLE I COMPLIANCE
Keeping networked devices and data secure and accounted for
ForeScout helps school districts comply with Title I inventory requirements. Our solution provides comprehensive visibility into the devices on their networks, improve their security posture and achieve impressive ROI by:
- Identifying computers, unmanaged personal devices, IoT devices and rogue endpoints in real time.
- Placing device data in a contextual database, providing an easy way to track information about digital assets and how they are used.
- Discovering and Tracking software to help ensure that school districts only pay for software they actually use.
- Validating that antivirus and other host-based security applications are installed, running and updated.
What’s on Campus Networks?
BYOD The ForeScout platform can assess device hygiene, limit access and enforce institutional policies on student-owned laptops, smartphones and tablets.
Kiosks Campus-information, event-ticketing and library self-help systems save time and money. ForeScout helps ensure device hygiene and network segmentation.
Business Systems Universities must protect employee records, credit card numbers and other personal information. ForeScout restricts access to authorized personnel.
Guest Access Campus visitors require Internet access. ForeScout automates secure onboarding and segmentation to protect institutional systems and resources.
Gaming Systems ForeScout can move game consoles to secure VLANs upon connection, and move the port to primary dorm VLANs when PCs or other devices plug in.
Retail Systems Bookstores, cafes and event venues must offer secure wired and wireless network access that’s PCI-DSS compliant. ForeScout provides this.
IoT Systems ForeScout discovers, classifies and segments lab equipment, HVAC systems, smart lighting, building/video security and other IoT devices.
With FireEye and ForeScout, we know the details, security posture and activity of all devices on our network, and we can automatically isolate violations, malware and affected systems before anything gets out of hand.
Morris Altman, Director of Network Services and Internet Security, Queens College
Boost Compliance with Visibility & Control
Meeting compliance needs of universities—from PCI-DSS to HIPAA.
Universities have the access, privacy and regulatory requirements of small cities. They support residents, visitors, business operations, retail outlets—and some have the added responsibilities of protecting the intellectual property of research facilities and patient information at school-owned medical centers. Learn how ForeScout helps:
- Universities securely embrace digital transformation, IoT, building automation and more. Read our Smart Cities Solution Brief.
- Campus bookstores, restaurants, cashiers and self-service ticketing kiosks comply with PCI-DSS. Read our PCI Compliance Brief.
- Medical Centers gain oversight and control over medical devices and personally owned systems. Read our University of Rochester Medical Center Case Study.
Hillsborough Community College Case Study
Queens College Case Study
BYOD Solution Brief
Guest Access Solution Brief
Network Segmentation Solution Brief
IoT Security Solution Brief
Addressing PCI DSS 3.2 Solution Brief
Mergers and Acquisitions Solution Brief
K12 Cybersecurity and Title I Compliance Solution Brief
This alliance combines the dynamic endpoint visibility, profiling, access control and remediation capabilities of ForeScout CounterACT® with several FireEye® products to provide security against zero-day threats and produce indicators of compromise (IOCs) to help ensure that threats are remediated before the endpoint is allowed on the network. Joint capabilities are made possible through the following Extended Modules that enable threat intelligence sharing:
ForeScout Extended Module for FireEye HX: FireEye HX detects malicious endpoints with advanced threats and IOCs. ForeScout CounterACT isolates the malicious endpoints to stop lateral propagation of threats. CounterACT also stores and leverages IOC information from FireEye to scan endpoints that are attempting to connect or are already connected to the network for the presence of infections.
ForeScout Extended Module for FireEye EX: FireEye EX scans for phishing emails as well as malicious software attachments. If a threat is detected, FireEye EX prevents it from entering the network. After analysis, FireEye produces IOCs and shares the threat intelligence with CounterACT and the FireEye Threat Prevention Platform. Shared threat intelligence allows FireEye EX to scan for known vulnerabilities within arriving email. It also allows CounterACT to identify existing threats on endpoints as they connect to the network and take the appropriate actions based on corporate policies.
ForeScout Extended Module for FireEye NX: FireEye NX uses sandboxing techniques to identify zero-day threats and informs CounterACT® about infected devices and IOC threat severity. CounterACT uses this information to enforce policy-based actions, including isolating devices, initiating remediation actions and scanning other devices to minimize threat propagation. CounterACT stores the latest IOC information in its database, scans devices attempting to connect to the network and performs remediation actions before the endpoint attempts an outbound call.