July 01, 2008
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A truly massive feature set that goes well beyond just NAC
- Weaknesses: The GUI configuration is non-intuitive and documentation is little help
- Verdict: A big product that functions like a firewall, an IPS and a NAC device all rolled into one
ForeScout's CounterACT took the most time to install and configure. It works much like a network sniffer looking for "malicious sources". These are devices that appear to be sending non-standard network traffic. CounterACT therefore protects a network from zero-day attacks because the filtering is not based on signatures but rather on a deviation from normal network information. The appliance also includes a vulnerability-scanning service that can be used as an automated or manual process launched by the administrator.
The protection offered by the ForeScout device is controlled through a configurable network integrity policy. The policy can automatically find non-compliant devices, such as a workstation that is missing a critical patch. These devices are moved into a quarantine VLAN that restricts access to the organisation's critical resources. CounterACT also provides self-remediation tools. Another component verifies that all mission-critical devices are subject to a hardening process, which is tested by the vulnerability-scanning process.
The product also acts as a wireless enforcement point by detecting rogue access points and functions like an inline firewall. The network firewall protection creates network security zones by allowing an administrator to block network segments in the event of an outbreak, or even deny access to specific devices that have been labelled malicious sources. The firewall feature also blocks unwanted applications, for example unencrypted protocols such as FTP, Telnet or remote procedure call.
The installation was pretty straightforward. The device requires either serial console access or a keyboard and monitor for the initial configuration. The initial setup is menu-driven and only takes a few moments. The second part of the configuration, which is performed through a GUI on the management station, was far more difficult. The initial screens for the GUI made us feel lost and we immediately began looking for the documentation CD. This included several files with such similar names it was almost impossible to find the one we needed. The documentation was also not indexed.
Hardware support for 90 days is included with the purchase. ForeScout offers basic office-hour and extended 24/7 help options.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry