HOME
 

  

Network Access Control

One box. One day to deploy. Works on your terms. Discover ForeScout CounterACT.

The Challenge

Have you read stories about network access control (NAC) solutions that have taken months to deploy? Most of the NAC solutions from major vendors are architectural nightmares. They require installation of 802.1x software on every endpoint, changes and/or upgrades to your entire switch infrastructure, and manual workarounds for devices such as printers that could not accommodate 802.1x agents.

Most NAC products from major vendors also suffer from a limited range of actions. They are good at kicking devices off the network, but that is not good for the business, and it is detrimental to the careers of IT managers.

The ForeScout Difference

ForeScout CounterACT is different from most network access control (NAC) solutions because it is easy to deploy and provides rapid results. Here is why:

  • One box, one day to install. Everything is contained in a single appliance. Setup is easy with built-in configuration wizards.
  • ForeScout works with what you have. All your existing switches, routers, firewalls, endpoints, patch management systems, antivirus systems, directories, ticketing systems–ForeScout CounterACT works with them. We require no infrastructure changes or equipment upgrades.
  • No software. ForeScout CounterACT is agentless, which means it works with all types of endpoints–managed and unmanaged, known and unknown, authorized and rogue. No client installation is required.
  • Non-disruptive. Unlike first generation NAC products that immediately disrupt users with heavy-handed access controls, ForeScout CounterACT can be deployed in a phased approach which minimizes disruption and accelerates results. In the initial phase, CounterACT gives you visibility to your trouble spots. When you want to move forward with automated control, you can do so gradually, starting with the most problematic locations and choosing an appropriate enforcement action.
  • Accelerated results. ForeScout CounterACT provides useful results on Day 1 by giving you visibility to problems on your network. The built-in knowledge base helps you configure security policies quickly and accurately.

Second, unlike the NAC solutions from major vendors that use heavy-handed controls and disrupt users, ForeScout CounterACT provides an extensive range of automated controls which keeps the business running to the maximum extent possible. The list includes:

User enforcement and education 

 

  • Open trouble ticket
  • Send email to user or administrator
  • Create traps
  • Syslog
  • Personalized web message (network use policy, self remediation, etc.)
  • Auditable end-user acknowledgement
  • Force authentication/password change
  • Log-off user, disable user AD account
 Application control and remediation 

 

  • Application start or stop
  • Peer-to-peer/IM start or stop
  • Apply updates and patches
Network access control 

 

  • Port disable (802.1X, SNMP)
  • VLAN control
  • VPN disconnect
  • ACL block at the switch, firewalls and routers
  • Wireless allow/deny
  • Quarantine until the devices is remediated
 Application control and remediation 

 

  • Application start or stop
  • Peer-to-peer/IM start or stop
  • Apply updates and patches
Traffic control 

 

  • Virtual firewall
  • Update network ACL (switch, router, firewall)
 Operating system control and remediation 

 

  • Patch/hotfix update
  • Registry configuration
  • Process start/stop
  Device control 

 

  • Disable NIC
  • Shutdown PC
  • Disable use of peripheral device

 

 
 
Company | Career | News & events | Contact Us
@ - 2011 - All Rights Reserved. All the information subjected to change does not constitute a contract or part of a contract.
This website can be viewed best in IE 7.0 or upgraded versions.