October 01, 2014
£5,959.10 (software appliance); £8,551.84 (CT100/A hardware appliance).
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Intuitive GUI combined with excellent features.
- Weaknesses: None found.
- Verdict: Rich feature set, easy to set up and use all at an attractive price point make this our Best Buy.
The ForeScout CounterACT is a policy-based network access control product that allows for inventory, classification and regulation of endpoints and network devices. It is available in several different configurations allowing flexibility and scalability. It can be purchased as a hardware or software appliance. It can be deployed in two different modes. In the first, CounterACT is a standalone installation, but in the second Counteract can become the manager for all of the other CounterACT instances across a network. This allows one person to manage policy across an entire organisation from one console. When setting up this kind of deployment, the admin can set the location of each appliance and it then creates a world map. By looking at the map, administrators can quickly check on compliance statistics in a visual and intuitive way.
We were pleasantly surprised at how easy the ForeScout appliance was to set up. We used a physical appliance for our tests, and after we removed it from the box, connected a monitor and keyboard and turned it on. When we started it up, we were presented with a simple command line setup that was well documented in the included quick-start guide. After we configured the management interface, we were able to access the device via a web browser. It is interesting to note that the device is actually configured by client software, but the machine on which one installs it does not necessarily need to be dedicated to ForeScout. After we installed the included software and connected to the appliance, we were greeted with a well-designed management interface.
The ForeScout CounterACT appliance comes with a robust feature set, but it requires some configuration to make use of all of it. For proper monitoring functionality, it must be connected to a core switch with maximum access to the network. It supports 802.11Q trunking for monitoring across multiple VLANs, but it also comes with plenty of network cards for working with several network spans. Once it is set up, it will automatically begin looking for network devices and categorising them based on built-in policies. The user interface makes it very easy to add and edit policies.
The offering came with a documentation packet in the box. Several manuals were included covering topics such as connection, choosing where in the network to deploy the appliance and basic configuration of the management interface. We found that the documentation was well setup and it included many pictures, diagrams and screen shots.
Basic support starts at $2,519 per year for one appliance and includes web and email support, an online portal, all software updates, nine-hours-a-day/five-days-a-week telephone support, and five business-day hardware replacement. Advanced support starts at $3,218 per year and includes everything from basic support, but bumps the telephone support to 24/7/365.
Because of its rich feature set, we find this product to offer great value for its price. Starting at around $14,000, the hardware appliance comes with an excellent user interface and a ton of out-of-the-box functionality. The capability of this device to interface with nearly any network device and endpoint application adds to its value greatly. We select this as our Best Buy.
Prices are US-based, thus indicative only.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry