ForeScout Technologies, Inc. has announced the integration of ForeScout CounterACT™ security platform with McAfee Threat Intelligence Exchange (TIE) via the McAfee Data Exchange Layer (DXL). With this integration, ForeScout is building on over five years of integration with McAfee ePolicy Orchestrator and other Intel Security technologies and solutions. The result of this integration helps Intel Security customers extend their investment in real-time endpoint intelligence and threat data to protect their networks from unmanaged and BYOD devices.
ForeScout CounterACT is one of the first third-party solutions to integrate with McAfee TIE over the McAfee Data Exchange Layer open platform, delivering core benefits that include:
- Bi-directional information sharing: The combined solution solves the problem of detecting, assessing and remediating unmanaged Windows devices on corporate networks. The integrated offering enables bi-directional information sharing among existing McAfee security and management systems, helping automate security processes and minimise fragmented security operations.
- BYOD visibility: ForeScout CounterACT provides real-time visibility into the customer network, detecting devices the moment they try to connect to the network. If the device is a BYOD Windows device, ForeScout scans the system to identify all running processes to maximise network visibility and security.
- Real-time threat ranking: CounterACT requests the threat ranking of all devices’ running processes. Information is shared with ForeScout CounterACT via the McAfee Data Exchange Layer (DXL), prompting the McAfee Threat Intelligence Exchange (TIE) to respond back with a threat score for each process.
- Malicious process mitigation: Based on the threat score, CounterACT allows devices to access networks as appropriate. Based on the network security policies, it can quarantine or limit network access of devices that contain malicious processes. In addition, CounterACT can terminate those processes to mitigate risk and remediate the endpoint if needed.
- The proliferation of BYOD policies has enabled greater productivity: With this proliferation, IoT and BYOD devices circumvent security controls, serving as network-attached launching points for malware. Unfortunately, traditional endpoint security products can’t detect whether BYOD computers are infected because the traditional systems rely on agents that are not deployed on BYOD computers. To solve this issue, ForeScout and Intel Security have joined forces to share threat intelligence to control BYOD endpoints without a McAfee client.
Rob Greer, senior vice president, ForeScout Technologies, Inc., said: “One of the core challenges facing the industry today is that for the most part, security companies simply aren’t sharing information with one another. This hobbled approach results in data siloes and allows threats to spread like wildfire.”
D.J. Long, sr. director and head of security innovation alliance, Intel Security said:
“ForeScout CounterACT, through its integration into McAfee Threat Intelligence Exchange via the McAfee Data Exchange Layer, applies threat intelligence to unmanaged BYOD devices from contractors, employees, network guests, and others. Customers can integrate multiple security components resulting in real-time information sharing between all their solutions.”
ForeScout will be demonstrating its joint solution with Intel Security DXL/TIE, and other Security Innovation Alliance partners, at FOCUS15 on 26-28 October in Las Vegas.