ForeScout CounterACT is an automated security control platform that delivers real-time visibility and control of all devices on your network. ForeScout CounterACT automatically measures compliance with your security policies and remediates endpoint security deficiencies.
The Problem
Many organizations spend millions on endpoint security tools – such as antivirus, encryption, data loss prevention (DLP), and so on – only to have end users turn off or disable those tools. Even in well-managed enterprises, host-based security tools typically do not work properly on at least 20% of systems.
Obtaining an accurate picture of what is happening on your network is extraordinarily difficult. Security teams are often unaware that the information provided to them by existing agent-based security systems (Symantec, McAfee, Trend, Sophos, etc.) or patch management systems (BigFix, Lumension, Microsoft, etc.) is incorrect. Despite the availability of sophisticated security tools, Microsoft reported in 2007 that fewer than 50% of their endpoint computers were fully compliant with their security policies.
Another problem is the fact that auditing policy compliance consumes time and resources that can be doing other things. Security teams do the best they can with limited resources, but they need automated tools to audit endpoint compliance, and provide remediation services when required.
The Solution
ForeScout CounterACT solves these problems. ForeScout CounterACT can ensure that every endpoint on your network is compliant with your security policies. For example, CounterACT can ensure that antivirus is up-to-date, the operating system is properly patched, and the computer is free of illegitimate software such as P2P. Because ForeScout CounterACT is agentless, it works with all type of endpoints–managed and unmanaged, known and unknown, physical and virtual. CounterACT can discover weaknesses in your existing agent-based security systems that would otherwise go undetected.
When CounterACT discovers a security problem, it can automatically fix the problem, or it can leverage your existing remediation or helpdesk systems.