ForeScout Technologies CounterACT, Version 6


The CounterACT product from ForeScout is unique in a few ways. First, the product appliance is based on, and the policy is enforced through, a network tap configuration. The product is designed to be reading network traffic from a switch span port. This would allow the device to see all of the data on that network segment. It is easy to see the placement of the CounterACT device near a backbone switch. This would allow an organization with a small number of devices to enforce policy for a large number of endpoints. The CounterACT product does not require a software client to be installed on workstations or other devices. Rather, the CounterACT product works similarly to other 802.1X authentication mechanisms to move clients in violation to reduced access virtual local area network (VLANs). This type of configuration allows for endpoints to be more than workstations, and endpoints can include wireless access points, smart phones and laptops.

The installation of the CounterACT device is performed through a HyperTerminal-like session and a serial cable, or the installation can be done via a keyboard and monitor attached directly to the device. The configuration is not difficult. The management interface holds an IP address while the monitoring interface has no valid address. The management station has an application installed on it, which allows the station to configure, manage and gather reports.

The documentation is available in both printed and electronic format and the documentation is well done. ForeScout provides support through phone and email, but online resources are for registered users only. Premium and additional support is available with an associated annual fee.

The cost of the ForeScout CounterACT product is about average. When considering that the features of the CounterACT product mimic the features of an intrusion prevention system, the cost is very reasonable.

Product title
ForeScout Technologies CounterACT
Product info
Name: CounterACT, Version 6 Description: Price: Starts at $4,995
A well-built application that uses a base of an intrusion prevention system.
The product only sees network traffic on a segment. In some environments, this may necessitate several devices.
A unique approach to policy management. The clientless install is an administration saver, but the product does not protect devices not on the the local network

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.