FORESCOUT TO EXTEND ENDPOINT VISIBILITY AND CONTROL BEYOND THE ENTERPRISE NETWORK
Remote users, mobile and transient devices, BYOD and cloud computing are the new normal for today’s “extended enterprise network.” To be competitive, businesses need to provide their users unfettered, any means access to corporate networks and hosted corporate resources without compromising security. In response to these factors, ForeScout Technologies, Inc., a leading provider of pervasive network security solutions for Global 2000 enterprises and government organisations, has revealed plans for CounterACT RemoteControl, which enables IT organisations an easy and effective means to monitor and enforce policy of remote corporate and personally owned devices.
According to an IDC report, the world’s mobile worker population will reach 1.3 billion or 32.7 percent of the total workforce by 2015.1 As such, employees are using their PCs and smart devices to conduct business activities online and off the corporate network. Companies have made considerable investments towards issuing security policies and implementing host-based security controls, such as patch management, anti-malware, firewall, intrusion prevention and encryption. IT organisations predominantly use network access control (NAC) solutions to monitor and enforce endpoint security standards for both company-owned and personal devices that are connected to the network. Unfortunately, endpoint compliance is less assured for remote and transient devices that are online but not connected to the corporate network – making them susceptible to advanced threats, data leakage and other security exposures.
Driven by customer demand, ForeScout will reduce these risks by enabling its award-winning ForeScout CounterACT™ platform to continuously monitor and bolster endpoint security for devices both on and off the network with the introduction of CounterACT RemoteControl. By simply activating this CounterACT capability, IT organisations can:
- Gain visibility into remote corporate-issued and BYOD-enrolled devices
- Use one set of endpoint compliance policies and have them automatically and appropriately applied to devices both on and off the corporate network
- Uniformly monitor endpoint security standards to track adherence, to facilitate mitigation of violations and exposures and to help preempt threats before they reach the corporate network
- Reduce the costs associated with host-based security issues and related remote user help desk calls and problem-resolution tasks
- Preserve user experience by enabling granular, flexible policies that can inform users or attempt to mitigate problems before they connect to the corporate network
“Our customers are initially stunned to learn of the number and types of devices actually on their networks and, more so, the extent of non-compliant devices accessing network resources,” said Gord Boyce, CEO of ForeScout. “By leveraging ForeScout CounterACT, IT can close these blind spots. Customers also have concerns about their visibility and security over remote users and devices. The upcoming CounterACT RemoteControl capability allows us to address these risks and deliver on our promise of pervasive network security.”
ForeScout intends to offer the CounterACT RemoteControl capability as a downloadable software option that will be available to ForeScout customers under active maintenance at no additional charge. The option would transform a new or existing CounterACT into a CounterACT RemoteControl appliance. This RemoteControl appliance is placed outside the corporate network in a corporate DMZ and is administered through the CounterACT Enterprise Manager – dynamically updating remote endpoint security policy and obtaining remote endpoint intelligence. A ForeScout SecureConnector client for PCs is used to monitor and enforce policy and remediate issues on the remote device as well as communicate with the RemoteControl appliance. The planned release opens the door for additional managed security services.
Scott Gordon, ForeScout’s CMO, commented, “When remote employees VPN into the corporate network with their corporate-owned or personal PC, they would hit CounterACT and be assessed against policy before continuing to access network resources. Policy violations can result in a possible warning, just informing IT of an endpoint issue or threat, informing the user to do an update, having CounterACT attempt to remediate a system issue, or at the extreme, limit access to network resources. With CounterACT RemoteControl, our customers gain enhanced visibility and control for their extended network, i.e. those remote systems that are online but off network. This enhanced security control can not only preempt threats from entering the network or from impacting the system, but also preserves user experience.”
1 IDC Worldwide Mobile Worker Population 2011-2015 Forecast, Dec. 2011 (Doc #232073)