ForeScout CounterACT network access control (NAC)

ForeScout Technologies submitted in November, 2011 new SaaS the platform for service of providers. The solutions ForeScout represent the automated platform for information security support of the companies which allows to trace and control all devices connected to corporate network in real time. The new ForeScout CounterACT platform placed in a public or private cloud will allow providers to expand service of opportunity for security of the clients.

Analysts predict that the Managed Security Services (MSS) market will exceed 8 billion dollars by 2015 at the expense of small, medium-sized and large enterprises which try to optimize operational risks, to increase security of the systems and to reduce costs.

The new ForeScout platform gives service to providers following features:

• new services: continuous implementation, simple management, low costs of time and means at higher level of protection of networks of clients;
• flexible mechanism of licensing: a subscription for a month, package discounts, expansion on requirements;
• special marketing materials for promotion and development of service;
• seamless integration: without clients and devices, with full compatibility even with the most complex systems and also lack of need to upgrade networks or security systems of customers;
• readiness "from a box": the platform locates a broad set of the built-in and configured security policies, with opportunities of identification of devices and automatic classification, with the expanded access to network and also with mechanisms of control of compliance of endpoints to standards, warnings of invasions and expanded registration of "guests" in corporate network.

ForeScout joined RSA Certified Partner Program

ForeScout CounterACT underwent in the summer of 2012 certification on the RSA Certified Partner Program program that testifies to full compatibility of the platform with RSA enVision. The ForeScout Technologies company, the famous innovator in the field of access control and the system provider of security for the state enterprises and Fortune companies 1000, announced that its flagman solution ForeScout CounterACT underwent certification on the affiliate program of RSA Certified Partner Program that will allow to integrate seamlessly solutions of ForeScout with the platform of monitoring and management of events of security of RSA enVision. Sharing of these solutions will improve awareness of the companies on events in corporate network, will simplify control of compliance of endpoints to industry standards of security, will simplify collecting of event logs and management of threats.

The hardware-software RSA enVision platform is designed to provide security management, information and events in scales of all enterprise in general. Automating collecting, the analysis and audit of event logs, the notification about incidents and preparation of reports, RSA envision simplifies observance of industry regulatory requirements, increases security and reduces risks and also optimizes IT infrastructure and reduces the cost of its service.

The new generation of NAC of the solutions ForeScout CounterACT integrates functions of identification and security of devices and networks, providing "visibility" and control in real time at the level with the leading industry IT GRC solutions in the field of integrity of a system, protection of wireless networks, confidentiality of corporate data, access control in network, collecting of event logs, etc. Integration with RSA enVision will allow security experts to analyze events of magazines of CounterACT within a centralized system, including attempts of unauthorized connection to network, violations of security requirements on endpoints, abuses of mobile devices and measures for warning and mitigation of threats. ForeScout CounterACT allows to control everything that is connected to corporate network, including personal and corporate mobile devices. Using the multiple-factor system of digital fingerprints, CounterACT does not demand installation of the client for tracking of the installed applications opened ports and network activity of endpoints.

ForeScout CounterACT 7

ForeScout Technologies company announced in the fall of 2012 release of CounterACT 7 uniting technologies "without client" NAC with wireless opportunities 802.1X. It will allow clients to strengthen control over corporate resources and to provide implementation of the principles of BYOD, i.e. to permit employees to use personal devices in corporate network. With new CounterACT the commercial and state enterprises can guarantee permanent observance of requirements of industry standards in the field of protection of network and security of endpoints, having saved at the same time the scheme of internal processes and procedures and also an operation mode, usual for users.

"Implementation of the principles of BYOD very difficult task. The vast majority of the devices connected to corporate network remain uncontrollable, – Phil Hochmouth, the head of security IDC Research comments. – Solutions for access control in network have a number of functions which will be useful in this case. In particular – visibility of network, control of connections of devices and users, policy and standards of security of endpoints".

ForeScout CounterACT 7 sets new, higher level for solutions of the class NAC in terms of simplicity of implementation, an ability to manage, control and strict authentication. It contains more than four tens new improved features, including the hybrid mode for NAC combined with 802.1X and methods of strict authentication for simplicity of deployment and the maximum convenience of users.

• Combines 802.1X with other authentication mechanisms of ForeScout. Allows to simplify connection of corporate and personal mobile devices to corporate network, having minimized difficulties at connection and necessary efforts from a support service.
• Thanks to the built-in services of wireless access, RADIUS of a proxy and services "without client" authentications of CounterACT are provided by the most rapid implementation of NAC in environments where authentication of devices on 802.1X is impossible or requires considerable additional resources.
• Management of the users who were not authenticated is provided through policy on the basis of these accounts and a guest access.

Mechanisms of permanent monitoring and recovery expand possibilities of CounterACT as the automated platform of security management for bigger efficiency, control over IT resources and observance of requirements of standards.

• The analysis of the standard potential difficulties connected with 802.1X before implementation and their solution using the automated CounterACT 7.0 tools.
• The comprehensive monitoring of security of endpoints guaranteeing security of corporate network at the attached devices BYOD.
• The new tactical map giving an opportunity from "one look" to estimate observance of standards and existence of incidents, along with a possibility of detailing, investigation and elimination of problems. One mouse click the administrator can obtain important data on thousands of devices taking into account adverbial modifiers of time, locations, type of the device, feature of violation, etc.
• New enhanced capabilities of search give to IT managers the chance to create selections of operational data for information search on types of devices, operating systems, applications, violations, the cracked smartphones/tablets or not authorized wireless access points.

Connection of Plug-n-play guarantees stable work of CounterACT with the available network and allows administrators to increase and apply gradually politicians of access control to devices and users fully to use safety features, identifications and network managements and mobile devices.

• The improved integration of WiFi with VLAN a quarantine for devices Cisco, Aruba and other suppliers who support MAB and RADIUS for guest networks.
• The built-in templates for mobile devices and double-sided MDM (mobile device management) which provide deployment the politician of control, audit and access control in network and also broad tool kit for control of corporate and personal mobile devices.

Other innovations of CounterACT 7:

• Scalability up to 10 thousand devices on each CounterACT and to two hundred physical or virtual CounterACT in the CounterACT Enterprise Manager console.
• Visibility and control in real time CounterACT.

ForeScout Counteractimobileiron Integration

Integration of the products ForeScout for network access control of CounterACT with the MobileIron system allows to provide unobstructed sight and control of all mobile devices, users, applications, data and network attributes.

Analysts of Gartner in the annual report of MagicQuadrantforNetworkAccessControl (NAC) 20121ozhidayut, the chtorynok of solutions on access control in network in 2013 will grow by 63%, and the amount which the enterprises will spend for NAC and Mdmsistemy will exceed 390 million dollars.

Advantages of integration of ForeScout Counteractimobileiron:

• Automatic, dynamic detection of the uncontrollable iPad, iPhone and Androidustroystv trying to be connected to corporate network in real time.
• Consolidation within a single system of all control facilities of network and regulators of access of devices, such as "permit", "block", "send to a quarantine", "limit", "register as the guest", "isolate" or "begin check on compliance to corporate politicians".
• Seamless initiation of the MDM agent of MobileIron on uncontrollable devices via the simple mechanism of deployment.
• Automatic detection of the cracked devices (jail-broken and root).
• Check of compliance of devices to requirements the politician in real time every time at connection attempt to corporate WiFi of network.
• Forced password protection and enciphering for security of the important corporate data which are stored on mobile devices.
• Maintaining black list of mobile applications and minimum requirements to OS and functions of devices.
• Possibility of remote determination of location, blocking, partial or complete removal of data from the lost or stolen device.
• Single system of control, monitoring and check of compliance to standards for all smartphones, stationary PCs, tablets and notebooks using the ForeScoutCounterACT platform.