ForeScout's Tiered BYOD Security Solution - Part 2
In my previous blog post, I discussed how ForeScout CounterACT provides a good foundation for BYOD. It is economical, easy to deploy, and allows you to enforce a wide variety of sophisticated network access policies.
If you need stronger mobile security, then we offer ForeScout CounterACT with our optional ForeScout Mobile Security Module. With this you get enhanced device security for Android and iOS devices. ForeScout Mobile Security Module gives you deep inspection of Android and iOS devices, so you can determine the security posture. Is a password configured? Is the device jailbroken? Is encyption turned on? This lets you enforce more sophisticated network access control policies than you can with just CounterACT by itself. For example, you might want to specifically block jailbroken iOS devices from your network.
In addition, ForeScout Mobile Security Module lets you manage the configuration of Apple iOS devices. We leverage Apple’s built-in MDM API to control almost every aspect of the phone, using Apple’s policy framework which is built into the iOS 4 operating system. This does not require the installation of any type of agent on the Apple device. All the visibility and control is provided natively from within the iOS operating system, using ForeScout CounterACT with ForeScout Mobile Security Module. You can directly set the password policy, remotely wipe the data, and many other functions.
In this solution tier, the impact on users remains very light, and the price is slightly higher than the first tier.
In my next blog post, I'll describe how ForeScout Mobile Integration Module allows you to integrate ForeScout CounterACT with 3rd party MDM systems.