Forescout

ForeScout provides solution for management and controlling network access. In comparison to typical Network Access Control (NAC) technologies, CounterACT is an agentless solution that allows detecting, identifying and controlling all devices connected to IT and OT networks (SCADA/ICS). It works with heterogeneous network infrastructure, thus providing platform flexibility through the use of preferred network products — with or without 802.1x authentication.

Although the ForeScout CounterACT solution is also available in the standard version that includes the agent, the agentless approach proposed also ensures verification of endpoints for Windows, MacOS, and Linux systems as well as IoT devices.

In addition to the basic platform, ForeScout offers modules that enable integration with third-party solutions, including NGFW — CheckPoint, Palo Alto Networks, PAM — CyberArk, SIEM — Juniper (QRadar), VA — Rapid7 and EMM — MobileIron.

ForeScout CounterACT consists of three main features enabling efficient execution of previously described tasks:

 

MORE INFORMATION:

https://www.forescout.com/

Description of technology

Device visibility

Threat detection and response - detects malicious behavior and provides the incident response for compromised unmanaged devices (i.e. integration with firewalls, switches, etc.).

Visibility and asset inventory - passively monitors all devices on the networks and provides the visibility of managed and unmanaged devices, incl. IoT.

NAC

CONTROL - Continuous network scanning and monitoring the activity of all devices ensures automation and exercising control based on rules regarding network access and compliance of terminal equipment with security policy. Automatic repair reduces the risks and increases the level of security of workstations without user's intervention.

ORCHESTRATION - Integration with over 70 providers of network and security solutions. Information exchange, automation of management processes and automatic response to incidents ensure increased level of network security.

VISIBILITY - Aiming to ensure 100% detection of connected devices and their identification. The ForeScout Device Cloud repository is used which is automatically updated in real time thanks to feedback from customers.

SCADA/OT Security

SCADA / OT Security - Detects anomalies in industrial networks based on analysis of behavior and matching patterns of malicious activity. Automatically discovers resources, visualizes communication paths up to the lowest levels of the OT network where technological processes are controlled. Passive monitoring only - it does not influence the OT network, no active scanning is required, there is no need to install software on end devices. Sends security alerts to SOC using SYSLOG.

Helpful files

Authorized trainings

Interested? Check our training offer.

Subscribe
Videoguides

Installation | Configuration | Use

Watch