ForeScout Technologies ForeScout CounterACT v7.0
October 01, 2012
$15,695 for the virtual appliance, plus active care (does not include hardware).
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy-to-follow dashboard and policy options.
- Weaknesses: Installation requires strong networking skills.
- Verdict: Very good value.
ForeScout CounterACT offers an enterprise-class NAC, assuring network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated response. The system provides a multifactored approach to identify and classifies all devices, systems, applications and users, assesses adherence to configuration and security policy, and determines if access to network resources should be allowed, denied or limited. The integrated 802.1x and agentless approach delivers complete access and guest management, mobile security and endpoint compliance and remediation capabilities in a centrally managed, highly scalable, high-performance physical or virtual appliance architecture. Like a number of products, Counter ACT detects and responds to many zero-day attacks, as well as suppression of worms propagating across the network. Where ForeScout excels is its approach to slow asymmetric threat identification and response. CounterACT's ability to track and respond to slow attacks, such as an attempt to find a single sensitive data item, is impressive. This feature makes CounterACT a strong addition to a layered approach so as to deal with advanced persistent threats.
Evaluation of the product was performed using the ForeScout virtual appliance hosted on VMware. The front-end application was hosted on a Microsoft 2008 R2 application server. Once the system was configured, we opened the application and began assessing the options. As each page was selected it became clear that use of the product centered around the excellent set of policies. The pre-defined policies and options made the task of getting data flowing in the system very easy. Regarding performance, the system took everything we could throw at it and the system took it all on. The various pages and reports were easy to follow.
From beginning to end the installation and configuration took a little over four hours to get up and running. First steps were to use the USB devices supplied by ForeScout to create the virtual CounterACT appliance within VMware. The network infrastructure had to be modified to allow the necessary VLAN tagging across multiple network segments. CounterACT was installed with span ports to a core switch having domain access to endpoints via directory services.
Installation documentation was very good and made the setup a snap. ForeScout provided a number of documents to help operate and maintain the system. However, the system was so simple to manage that the on-screen instructions made it easy to get the product running.
ForeScout offers two levels of support: basic and ActiveCare. Basic is a no-cost offering with eight-hours-a-day/five-days-a-week telephone assistance with response within three hours. ActiveCare also includes five-day replacement for hardware, 24/7/365 phone support and hardware replacement within two days. Both levels offer web/email and access to an online portal. As well, the company offers access to a knowledge base and FAQ. Advanced support cost is $3,218.
Pricing starts at $15,695 per virtual appliance, providing a great value for an excellent product.
SC Magazine Articles
- Blasphemy! Godless malware preys on nearly 90 percent of Android devices
- 'Password attacks' continue; Citrix becomes latest victim
- Guccifer 2.0 out - Cozy Bear, Fancy Bear hacked DNC, Fidelis analysis shows
- Acer breach caused by improperly stored data
- Check Point tracks two waves of Cerber ransomware hitting U.S., UK
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- MIRCOP ransomware blames victim for attack, demands $28K ransom
- CYBERCOM 'reluctant' to cut off Islamic State internet
- Chinese tech professional caught selling secrets
- How 154M U.S. voter records will affect Americans' security - industry reacts