IronPort Reputation Filters

Emerging technologies

Gold Award:



In the film Marathon Man, Laurence Olivier repeatedly asks Dustin Hoffman, "Is it safe?" to proceed with his plans. Corporations ask the same question every time a user--especially a mobile user--logs in to the corporate network.

In the often confusing and still immature network access control market, ForeScout Technologies' CounterACT hits the sweet spot, providing flexible, policy-based security with minimal impact on infrastructure and users.

This is no mean feat, as corporations try to make sense of competing solutions--Cisco's NAC, Microsoft's NAP, Trusted Computing Group's standards-based Trusted Network Connect and a fistful of third-party products.

CounterACT is innovative technology that solves an important problem, from a company that earned credibility with its flagship product, ActiveScout, which brought a fresh and effective approach to network intrusion prevention.

That pedigree shows through in CounterACT, which provides a measure of intrusion prevention to its network access protection, using signature-less interrogation to detect and isolate self-propagating malware and worms, preventing mobile and remote devices and unmanaged computers from infecting the corporate network.

Managing the unmanaged is a key CounterACT advantage. Its agentless technology scans any device for appropriate access policy compliance, with responses from keeping the device off the network to limited access and/or remediation. CounterACT boasts fine-grained inspection, matching agent-based technology--desktop firewall, antivirus definitions, patch levels and specific files and registry entries.

CounterACT is a nondisruptive technology. It works out-of-band, typically spanning off a distribution-layer switch or VPN concentrator, requiring no network infrastructure changes. Its FastPass feature allows users with uninfected devices to continue to log in and go to work even as scanning for policy compliance continues. Its Virtual Firewall can block a specific port or service and block user access to unauthorized or threatened resources, depending on scan results.

It performs vulnerability assessments on all connected network devices (and works with third-party VA scanners), building a complete network inventory and generating event reports. It's highly scalable, with one central manager controlling up to XXX CounterACT devices. Information Security's product review from August 2006 says, "CounterACT provides a lot of bang for the buck. It's flexible and easy to use, providing intrusion detection/prevention and network access controls."

ForeScout's roadmap is focused on user- as well as device-based control. In addition to its tight integration with Active Directory, it announced integration with Sun Microsystems' identity management solutions at the recent RSA Conference and plans additional announcements with leading IDM vendors.

View all Emerging technologies