Posted by & filed under Security.

Today’s Brite Insight is brought to you by one of Brite’s certified ForeScout Engineers, Matt Ostrowski.  Matt specializes in unique ForeScout deployments and enjoys finding new ways to utilize the technology. 

 

When people are first exposed to ForeScout, it is typically as a Network Access Control (NAC) solution. What is NAC? NAC is really just the tip of the iceberg where ForeScout’s CounterACT is concerned. Because of these preconceived notions, CounterACT is often an underutilized software.

ForeScout from an Engineer’s Eyes

As a certified ForeScout engineer, one of the biggest mistakes I see customers making is confining ConterACT to the Security and/or Networking teams. CounterACT is an incredibly versatile product that provides value to many different areas of an organization. With numerous control and remediation options (like the ability to run scripts, check for and stop running services/process, installed applications, etc.), CounterACTs uses become near limitless.

An Advanced Use Case

I have had the opportunity to deploy CounterACT to solve some unique use cases in my numerous installs. In one particular deployment we were able to use CounterACT to replace a device inventory solution. We wrote a policy to parse through the registry of detected endpoints, which are agentless detected, and modify the list to just company assets. Then, we tied those devices to their serial number and connected it to the company’s active directory.

Complimenting ForeScout’s NAC Capabilities

By utilizing the well known device detection capabilities of CounterAct and integrating it to the AD group, ForeScout and Brite were able to provide a better solution then the software previously purchased for this function. CounterACT checks for minimum software versions on a system and automatically places the devices on a quarantined network or pushes a remediation (depending on customized settings put in place) which is an added bonus to what is typically an asset management software.

Want to Know More?

Don’t let the NAC categorization of ForeScout’s CounterACT disqualify them from being an incredibly versatile tool. Interested in learning more of what CounterAct can do? View ForeScout’s white paper – Automating System-Wide Security Response Through Orchestration.

Prefer to have a Brite representative work through how ForeScout can benefit your unique environment? Fill out the form below and we will be in touch shortly!

 

Leave a Reply

Your email address will not be published. Required fields are marked *