Castleforce IT Security Team

ForeScout Network Access Control and Intrusion Prevention

CounterACT

ForeScout's flagship product, CounterACT, combines Network Access Control (NAC) and signatureless Intrusion Prevention (IPS) in a single network appliance that interrogates and controls access of every device and seamlessly integrates with any existing IT infrastructure. ForeScout's NAC is completely transparent and enables enterprises to tailor enforcement to match the level of policy violations, eliminating disruptions during device interrogation.

ForeScout's customers consistently report that its out-of-band, appliance-based solution is easy to deploy and manage.

ForeScout choosing NAC system Datasheet

Industry analysts have called CounterACT one of the most advanced network sensors in the industry. It reveals who and what is connected to your network with pinpoint accuracy, and continuously monitors for changes

Enquire about this product

5 Virus 5 Spyware X Spam 5 Web/IM 5 IPS/Patch Mgmt 5 Data/System Mgmt

ForeScout's CounterACT NAC product is an out-of-band NAC appliance that primarily takes an agentless approach to baselining endpoints (via credential access). ForeScout can also baseline endpoints with persistent or dissolvable agents. CounterACT includes the ability to detect malicious traffic (this capability is included within the product — it does not require integration with a separate IPS appliance). Malicious traffic can be contained using several methods, including VLAN steering, ACLs and TCP resets.

ForeScout NAC Datasheet

The following two images show how ForeScout CounterACT NAC processes Managed Corporate Users and Guests to your Network. 

ForeScout CounterACT How it works for Managed Corporate User

 

ForeScout CounterACT How it works for Network Guest

ForeScout NAC visitor access Datasheet

Feature and Benefits

  • Out-of-Band. Deploys outside of the switch and monitors network traffic as a mirror to the switch port.
  • Built-In Threat Prevention. Patented threat prevention engine protects the network against zero-day self-propagating threats and helps to ensure that every device that attempts to attach to the network is free of viruses and malware.

ForeScout CounterACT vs Conficker Datasheet

  • IT Infrastructure Integration. Leverages and supports all existing IT infrastructure investments. Integrates with all major enterprise switches, both 802.1x and non-802.1x. Provides complete User-to-IP-to-Switch-to-Switch-Port mapping. Pinpoints location (IP->switch->location), user identity (LDAP->authentication) and endpoint system status (patch updates->AV, etc.). Leverages the switch's built-in security mechanism including VLAN assignment and switch post-blocking.

ForeScout NAC deployment Datasheet

  • Clientless Operation. Detects and protects any device with an IP address without the need for a client residing on each endpoint. This includes the detection of devices like VoIP phones, printers, healthcare equipment, manufacturing machinery, etc.
  • Secure Connector Dissolvable Client. Persistent, multi-platform client delivers added peripheral protection for guest/contractor laptops and can be used to detect and disable portable data storage devices such as USB memory sticks on a per-policy basis.

ForeScout USB Protection Datasheet

  • Policy Creation Engine. Offers flexibility to create the right network policies for each individual enterprise. For corporate policies, CounterACT offers out-of-the-box templates and a simple, easy-to-use wizard-based process that guides the IT staff through every step of policy creation. For regulatory standards-based audits (PCI DSS, SOX, ISO27001, GCSx CoCo etc.), CounterACT offers kits that help streamline the compliance audit and reporting process.
  • Policy Compliance Engine. Leverages IT infrastructural and CounterACT's built-in enforcement mechanisms to automate user and device compliance checks and to speed remediation or containment of out-of-compliant devices.
  • Integration. CounterACT integrates with numerous third-party solutions, installs in a few hours and begins delivering real value within a day.
  • Non-Disruptive Roll Outs. CounterACT initial rollouts follow the same well-articulated, non-disruptive management process used to establish network access control and monitor/maintain compliance.
  • Customer Driven, Global Deployment Proven. ForeScout continues to respond to customer requirements, meeting the availability, scalability, and access control demands of the worlds largest organizations in the financial, educational, federal, military, health and manufacturing sectors. CounterACT protects over 500 of the worlds largest and most secure enterprises and military installations with global deployments spanning 37 countries.

Click Here for more details on ForeScout

ForeScout CounterACT Datasheet

Compliance Standards

Castleforce can help you reach GCSx CoCo

GCSX No 9 Intrusion Detection

GCSX No 14 Patch Management

GCSX No 19 Content Analysis

Castleforce can help you reach PCI DSS

Requirement 5: Use and regularly update anti-virus software

Requirement 6: Develop and maintain secure systems and applications

Requirement 7: Restrict access to cardholder data by business need to know

ForeScout PCI Compliance Datasheet

Castleforce can help you reach ISO27001 

A.10.4 Protection against malicious and mobile code 

A.11.4 Network access control  

ForeScout SC Magazine Five Stars

SC MAGAZINE REVIEW 01/10/2009

Lots of features make this solution one to look at closely as you select a NAC solution.

The four most common uses for NAC

  • Guest network services. Isolating guests and visitors from the corporate network, and providing them with limited connectivity — typically, Internet access only. Guest networking was the primary driver in approximately 80% of NAC deployments. Most organizations are starting with wireless guest access and are planning to extend guest networking capabilities to the wired network.
  • Endpoint baselining. Determining if endpoints on the corporate network are compliant with device configuration policies, and providing support for remediation efforts. Endpoint baselining was the primary driver in approximately 15% of NAC deployments.
  • Identity-aware networking. Providing greater visibility and control over user behavior on the network. Organizations add identity awareness to the network to monitor user traffic and enforce access to critical resources. Identity-aware networking was the primary driver in approximately 5% of NAC deployments.
  • Monitoring/containment. Monitoring endpoints or network traffic to detect and quickly contain endpoints that begin to exhibit dangerous behavior. Monitoring/containment is a secondary driver for one of the other three usage cases.

ForeScout Webinars & Demos

Contact Castleforce in order to Register for the following ForeScout Pre-Recorded Webinars & Demonstrations;

"Visibility and Control of Today's Networks"

"Gaining Visibility and Control of the Dynamic Network with NAC"

"NAC Deployment Planning Guide"

"NAC Rescue Stories"

"What's New, What's Next in NAC"

"Real-World IT Cost Savings with NAC"

"24/7/365 Protection with CounterACT"

"CounterACT: USB Detection and Control"

Trend Micro Check Point firewalls and Pointsec Encryption software The Mycroft Gateway solution provides DSAS accredited hosting environments for UK Restricted data Stonesoft produce high availability multi link ISP firewalls to help reduce single point of failure AwareGO IT Security Awareness Training WatchGuard gives you powerful firewall and VPN appliances for small and medium-size enterprises Assuria Compliance and Vulnerability assessment, change detection, file integrity monitoring, Server Hardening and Log Management Lumension Security Extreme Network Switching Reseller Partner Boldonjames secure messaging and document solutions

© Copyright Castleforce 2007-2010. Web design by Theme Group