ForeScout Technologies ForeScout CounterACT v7.0
October 01, 2012
$15,695 for the virtual appliance, plus active care (does not include hardware).
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy-to-follow dashboard and policy options.
- Weaknesses: Installation requires strong networking skills.
- Verdict: Very good value.
ForeScout CounterACT offers an enterprise-class NAC, assuring network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated response. The system provides a multifactored approach to identify and classifies all devices, systems, applications and users, assesses adherence to configuration and security policy, and determines if access to network resources should be allowed, denied or limited. The integrated 802.1x and agentless approach delivers complete access and guest management, mobile security and endpoint compliance and remediation capabilities in a centrally managed, highly scalable, high-performance physical or virtual appliance architecture. Like a number of products, Counter ACT detects and responds to many zero-day attacks, as well as suppression of worms propagating across the network. Where ForeScout excels is its approach to slow asymmetric threat identification and response. CounterACT's ability to track and respond to slow attacks, such as an attempt to find a single sensitive data item, is impressive. This feature makes CounterACT a strong addition to a layered approach so as to deal with advanced persistent threats.
Evaluation of the product was performed using the ForeScout virtual appliance hosted on VMware. The front-end application was hosted on a Microsoft 2008 R2 application server. Once the system was configured, we opened the application and began assessing the options. As each page was selected it became clear that use of the product centered around the excellent set of policies. The pre-defined policies and options made the task of getting data flowing in the system very easy. Regarding performance, the system took everything we could throw at it and the system took it all on. The various pages and reports were easy to follow.
From beginning to end the installation and configuration took a little over four hours to get up and running. First steps were to use the USB devices supplied by ForeScout to create the virtual CounterACT appliance within VMware. The network infrastructure had to be modified to allow the necessary VLAN tagging across multiple network segments. CounterACT was installed with span ports to a core switch having domain access to endpoints via directory services.
Installation documentation was very good and made the setup a snap. ForeScout provided a number of documents to help operate and maintain the system. However, the system was so simple to manage that the on-screen instructions made it easy to get the product running.
ForeScout offers two levels of support: basic and ActiveCare. Basic is a no-cost offering with eight-hours-a-day/five-days-a-week telephone assistance with response within three hours. ActiveCare also includes five-day replacement for hardware, 24/7/365 phone support and hardware replacement within two days. Both levels offer web/email and access to an online portal. As well, the company offers access to a knowledge base and FAQ. Advanced support cost is $3,218.
Pricing starts at $15,695 per virtual appliance, providing a great value for an excellent product.