ForeScout CounterACT v6.3.3
September 01, 2010
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A lot of good usability features built into the management console
- Weaknesses: Light on reporting features; can track and control guest access, but it is through VLAN assignment only
- Verdict: A lot of features for the price
ForeScout CounterACT version 6.3.3 is an out-of-band appliance that provides authentication-based protection for endpoint and VPN devices.
The components include the appliance; the enterprise manager, which provides high-availability options for redundancy and automatic recovery; and the console, which is the application for managing information about network endpoints and devices.
The CounterACT device works through the user authentication management to determine network access and, if agent-based, compliance with policy.
Using the inline-like capabilities, it monitors all traffic on the network (ARP requests, RPC, SSH, SNMP, 802.1X and other techniques) and can immediately detect when a device is attempting to connect to the network or to access it remotely. At that point, the tool will automatically apply whatever policies the administrator has created using the CounterACT policy configuration manager, which is built into the product.
A basic policy might be to deny network access to any device or user that is not present in the enterprise directory (e.g. Active Directory).
The appliance can disable the switch port or perform numerous other network-level actions to deny access. Another feature provides a VLAN firewall capability that can assign endpoints to various VLANs based on policy, and provide the firewall capability in an inline-like fashion without truly sitting as a proxy or a pass-through solution.
ForeScout CounterACT has a good dashboard that is highly customisable and there is a pleasing pop-up help feature to assist with configurations. The policy wizard is easy to use and there is built-in customisable alerting and numerous plug-ins to interact with other network devices.
There is no basic support provided. Support options can be bought for 18 or 23 per cent of the purchase price.
For a price just over c£3,070, ForeScout CounterACT is light on reporting but offers a lot of features and is great value for the money.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Researchers hack Visa cards in six seconds
- The information security implications of M&A deals
- Cyber-security must reflect risk not just regulation
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?