ForeScout CounterAct v7.0
January 07, 2013
c£9,895 for the virtual appliance, plus active care (does not include hardware)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy-to-follow dashboard and policy options. The documentation is great, and the on-screen instructions alone are enough to get it up and running
- Weaknesses: Installation requires strong networking skills
- Verdict: Very good value
ForeScout CounterAct offers enterprise-class NAC, assuring network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated response. The system provides a multifactored approach to identify and classifies all devices, systems, applications and users, assesses adherence to configuration and security policy, and determines if access to resources should be allowed, denied or limited.
The integrated 802.1x and agentless approach delivers complete access and guest management, mobile security and endpoint compliance and remediation capabilities in a centrally managed, highly scalable physical or virtual appliance.
Where ForeScout excels is its approach to slow asymmetric threat identification and response. CounterAct's ability to track and respond to slow attacks, such as an attempt to find a single sensitive data item, is impressive. This makes it a strong addition to a layered approach, so as to deal with advanced persistent threats.
Evaluation of the product was performed using the ForeScout virtual appliance hosted on VMware. The front-end application was hosted on a Microsoft 2008 R2 application server. It became clear that use of the product centred on the excellent set of policies. The pre-defined policies and options made the task of getting data flowing in the system very easy. Regarding performance, the system took everything we could throw at it, and the various pages and reports were easy to follow.
From beginning to end, the installation and configuration took a little over four hours. First steps were to use the USB devices supplied by ForeScout to create the virtual CounterAct appliance within VMware. The network infrastructure had to be modified to allow the necessary VLAN tagging across multiple network segments. CounterAct was installed with span ports to a core switch having domain access to endpoints via directory services.
Installation documentation, as well as that to help operate and maintain the system, is very good. And the system was so simple to manage that the on-screen instructions alone made it easy to get the product running.
ForeScout offers two levels of support: basic (free) and ActiveCare (c£2,000).
Pricing starts at c£9,895 per virtual appliance, providing a great value for an excellent product.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- Same fate befalls Post Office broadband as hit DT?
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Former Expedia IT employee admits to hacking execs from the inside
- Cyber-insurance: What will you be able to claim for and is it worth it?
- Levelling the playing field against targeted attacks
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime
- IoTSF conference: EU should become de facto regulator