GBAF Logo
Diagram illustrating ForeScout and McAfee integration for dynamic endpoint protection - Global Banking & Finance Review
This image depicts the integration of ForeScout CounterACT with McAfee solutions, showcasing dynamic endpoint protection. It highlights the collaboration aimed at improving network security and compliance in enterprise environments.
Top Stories

FORESCOUT PARTNERS WITH MCAFEE TO DELIVER DYNAMIC ENDPOINT PROTECTION

Published by Gbaf News

Posted on November 3, 2014

4 min read

· Last updated: February 11, 2019

Add as preferred source on Google
fintech Digital banking cybersecurity fintech

ForeScout and McAfee Announce Strategic Partnership

ForeScout Technologies has announced a new partnership with McAfee, part of Intel Security, to provide a new and enhanced interoperability between ForeScout CounterACT™ and McAfee solutions. The integrations combine the abilities of ForeScout products, McAfee products and the McAfee Data Exchange Layer (DXL) to enable customers to protect infrastructure while supporting initiatives such as bring your own device (BYOD). ForeScout CounterACT will leverage the McAfee Threat Intelligence Exchange (TIE) to make enforcement and remediation decisions based on relevant security information shared between endpoints, gateways and other security products. This rapid information dissemination is part of a more proactive, integrated approach to fortifying a security posture.

McAfee MVM integration graphic“Given the dynamic nature of next-generation threats, organisations can no longer rely on isolated security solutions,” said Christopher Kissel, industry analyst, Network Security, at Frost & Sullivan. “To ensure the most comprehensive levels of protection, an integrated approach that speeds response is necessary to address advanced threats and close potential endpoint compliance gaps.”

Overview of ForeScout CounterACT Capabilities

ForeScout’s pervasive network security platform, CounterACT, enables IT organisations to efficiently address network visibility, access control, endpoint compliance and threat management challenges in today’s increasingly complex enterprise networks. McAfee TIE solutions combining ForeScout CounterACT and other McAfee products were showcased at the recent McAfee FOCUS 14 event in Las Vegas including:

  • McAfee Threat Intelligence Exchange (TIE) and Data Exchange Layer (DXL) Interoperability – ForeScout demonstrated CounterACT interoperability with McAfee TIE by leveraging McAfee DXL and how CounterACT can onboard a BYOD laptop and verify the hashes of running processes against the McAfee TIE’s file reputation repository. CounterACT can then apply appropriate access policy and remediation actions based on whether or not any malicious files are detected. This interoperability showcases how organisations can extend their security controls to BYOD laptops that may not be running McAfee endpoint protection agents.
  • McAfee ePolicy Orchestrator (ePO) Software Integration – Updated to support McAfee ePO 5.1.1, CounterACT integrates bi-directionally, consuming information about endpoint properties and notifying McAfee ePO of changes. Both systems can then take action. For example, CounterACT detects devices as they connect to the network, validates that the device and user are authorised, and then assesses the device security posture, including whether or not the McAfee ePO host agent is installed, running and up-to-date. When non-compliance is identified, CounterACT can inform McAfee ePO to take action, or CounterACT can attempt to remediate the violation directly. In addition, ForeScout showcased how CounterACT can take quarantine actions based on malware or other violations detected by McAfee ePO software, including new malware detections identified using McAfee TIE.
  • McAfee Vulnerability Manager (MVM) integration – The new integration between ForeScout and MVM harnesses CounterACT’s real-time network visibility and automated controls for more comprehensive, efficient and timely vulnerability assessment and risk mitigation. CounterACT informs McAfee MVM as soon as a device connects to the network, thereby enabling real-time vulnerability scanning of endpoints, including transient devices that may be missed by periodic polling. CounterACT then leverages the real-time MVM scan information for policy-based access control and remediation, such as quarantining or remediating vulnerable systems. This integration supports MVM version 7.5 and above.

MVM“We are pleased to be partnering with ForeScout to help enable adaptive endpoint protection,” said Ed Barry, vice president of Global Technology Alliances at McAfee, part of Intel Security. “The real-time capabilities that CounterACT brings to McAfee ePO software, MVM and TIE by leveraging both the ControlFabric™ architecture and McAfee DXL gives joint customers the ability to monitor their corporate and BYOD endpoints in real time for indicators of compromise (IOCs) and non-compliance, ultimately providing them with actionable intelligence to help increase overall security posture.”

Addressing Advanced Threats and Zero-Days

“The growing breadth and sheer velocity of malware, advanced persistent threats (APTs) and zero-day exploits necessitates a more forward-looking approach to threat management,” said Wallace Sann, federal CTO at ForeScout. “By combining the functionality of CounterACT with McAfee solutions, mutual customers can detect, contain and remediate potential exposures more efficiently and effectively.”

Availability and Compatibility Details

Interoperability for McAfee ePO versions 4.6 and 5.1 or higher is available to customers who are licensed and have maintenance for the ForeScout ePO Integration Module. Interoperability with MVM is available to those customers who have licensed the ForeScout Vulnerability Assessment Integration Module. McAfee TIE and DXL interoperability is planned for commercial availability in 2015.

Key Takeaways

  • ForeScout CounterACT integrates bi-directionally with McAfee solutions via DXL and TIE for real‑time endpoint threat enforcement.
  • Integration supports BYOD, enabling visibility and remediation of unmanaged Windows devices using process‑hash threat scoring.
  • Supports McAfee ePolicy Orchestrator and Vulnerability Manager for posture assessment, policy enforcement, and vulnerability remediation.
  • Enables faster, proactive response by automating quarantine or remediation actions based on integrated threat intelligence.

References

Frequently Asked Questions

What does the ForeScout‑McAfee integration achieve?
It enables real‑time, bidirectional sharing between ForeScout CounterACT and McAfee security tools via DXL/TIE for proactive endpoint threat detection and remediation.
Which McAfee products integrate with ForeScout CounterACT?
Integrations include McAfee Threat Intelligence Exchange (TIE) via DXL, ePolicy Orchestrator (ePO) for posture and compliance, and Vulnerability Manager (MVM) for real‑time scanning and remediation.
How does the integration affect BYOD devices?
CounterACT scans BYOD Windows devices, checks process hashes against TIE’s threat database, and applies access policies or quarantine actions if threats are detected.

Tags

Related Articles

Image for Why Curiosity Is the Hidden Engine Behind Every Big Idea

Why Curiosity Is the Hidden Engine Behind Every Big Idea

Image for The Silent Shift Reshaping Global Finance

The Silent Shift Reshaping Global Finance

Image for The Invisible Forces Rewiring Global Finance—And Why the Shift Is Already Underway

The Invisible Forces Rewiring Global Finance—And Why the Shift Is Already Underway

Image for The Global Finance Reset No One Is Talking About—But Everyone Is Feeling

The Global Finance Reset No One Is Talking About—But Everyone Is Feeling

Image for The Financial Trend Hiding in Plain Sight—Why Everything Feels the Same, But Isn’t

The Financial Trend Hiding in Plain Sight—Why Everything Feels the Same, But Isn’t

Image for The Financial System’s New Rhythm—Why Change Is Happening Without Disruption

The Financial System’s New Rhythm—Why Change Is Happening Without Disruption

More from Top Stories

Explore more articles in the Top Stories category

Image for The Subtle Forces Reshaping Global Finance—And Why They Matter Now
The Subtle Forces Reshaping Global Finance—And Why They Matter Now
Image for The Quiet Realignment of Global Finance—Why the System Is Changing Without a Shock
The Quiet Realignment of Global Finance—Why the System Is Changing Without a Shock
Image for The Global Financial Shift That Feels Small—But Is Changing Everything
The Global Financial Shift That Feels Small—But Is Changing Everything
Image for The Financial System’s Invisible Pivot—Why the Biggest Changes Don’t Make Headlines
The Financial System’s Invisible Pivot—Why the Biggest Changes Don’t Make Headlines
Image for Why Global Supply Chains Are Becoming Smarter, Faster, and More Resilient
Why Global Supply Chains Are Becoming Smarter, Faster, and More Resilient
Image for Why Workforce Agility Is Becoming Critical in the Future of Work
Why Workforce Agility Is Becoming Critical in the Future of Work
Image for Why Global Trade Is Entering a New Era of Resilience and Reinvention
Why Global Trade Is Entering a New Era of Resilience and Reinvention
Image for Why Cybersecurity Is Becoming a Core Business Priority in the Digital Economy
Why Cybersecurity Is Becoming a Core Business Priority in the Digital Economy
Image for Why Data-Driven Decision-Making Is Becoming the Backbone of Modern Business Strategy
Why Data-Driven Decision-Making Is Becoming the Backbone of Modern Business Strategy
Image for How Real-Time Data Is Redefining Decision-Making in the Digital Economy
How Real-Time Data Is Redefining Decision-Making in the Digital Economy
Image for Why Cash Flow Visibility Is Becoming the Most Critical Metric for Business Survival
Why Cash Flow Visibility Is Becoming the Most Critical Metric for Business Survival
Image for How Digital Payments Are Redefining the Speed and Scale of Global Commerce
How Digital Payments Are Redefining the Speed and Scale of Global Commerce
View All Top Stories Posts