ForeScout CounterACT v6.3.3
September 01, 2010
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A lot of good usability features built into the management console
- Weaknesses: Light on reporting features; can track and control guest access, but it is through VLAN assignment only
- Verdict: A lot of features for the price
ForeScout CounterACT version 6.3.3 is an out-of-band appliance that provides authentication-based protection for endpoint and VPN devices.
The components include the appliance; the enterprise manager, which provides high-availability options for redundancy and automatic recovery; and the console, which is the application for managing information about network endpoints and devices.
The CounterACT device works through the user authentication management to determine network access and, if agent-based, compliance with policy.
Using the inline-like capabilities, it monitors all traffic on the network (ARP requests, RPC, SSH, SNMP, 802.1X and other techniques) and can immediately detect when a device is attempting to connect to the network or to access it remotely. At that point, the tool will automatically apply whatever policies the administrator has created using the CounterACT policy configuration manager, which is built into the product.
A basic policy might be to deny network access to any device or user that is not present in the enterprise directory (e.g. Active Directory).
The appliance can disable the switch port or perform numerous other network-level actions to deny access. Another feature provides a VLAN firewall capability that can assign endpoints to various VLANs based on policy, and provide the firewall capability in an inline-like fashion without truly sitting as a proxy or a pass-through solution.
ForeScout CounterACT has a good dashboard that is highly customisable and there is a pleasing pop-up help feature to assist with configurations. The policy wizard is easy to use and there is built-in customisable alerting and numerous plug-ins to interact with other network devices.
There is no basic support provided. Support options can be bought for 18 or 23 per cent of the purchase price.
For a price just over c£3,070, ForeScout CounterACT is light on reporting but offers a lot of features and is great value for the money.
SC Webcasts UK
Senior Accreditor, Security Risk and Assurance Manager
Disclosure & Barring Service - Liverpool, Merseyside
DV Cleared Systems Architect - 6 Months - London
Computerfutures - London (North), London (Greater)
CISO – Chief Information Security Officer (Up to £100K)
Evolution Recruitment - London (North), London (Greater)
Head of Security Strategy – London
Evolution Recruitment - London (West), London (Greater)
Information Security Manager
Infosec People - Hammersmith, West London
Sign up to our newsletters
SC Magazine UK Articles
- It's a trap! WhatsApp Gold 'premium' version lures users to malware
- SC Awards Europe 2016 winners announcements!
- Microsoft ends common password use and password lockout
- ISIS radicalises 'lone wolves' through strong social media presence
- 1.5 billion Windows computers potentially affected by unpatched 0-day exploit
- OPenSSL patch introduced flaw, critical fix advised
- Video: Surveying the threat landscape at the SC Roundtable
- MoD goes Splunk to advance information as a 'force multiplier'
- Facebook can no longer share data of German users on WhatsApp
- 86% of over-55s worldwide think they're safe from cyber-criminals