ForeScout Technologies' CounterACT Further Simplifies Network Access Control by Detecting and Blocking Rogue Wireless Access Points

CounterACT 5.1 Capitalizes on Existing Wired Network to Defend Against Rogues; Simplifies Policy Management, Lowers TCO

CUPERTINO, Calif., Jan. 30 - ForeScout Technologies, the leading provider of clientless Network Access Control (NAC) solutions, today announced a significant update to its flagship product, CounterACT(TM), with a 5.1 version release. This update significantly enhances CounterACT's ability to detect and disable rogue wireless access points deployed at any location on an enterprise network over the wire, effectively eliminating an increasingly common vulnerability in enterprise networks. CounterACT secures wired and wireless networks transparently by ensuring that unknown devices and endpoints that are non-compliant with the network security policies cannot gain access to critical infrastructure or sensitive information assets. ForeScout's security platform seamlessly integrates into existing network environments without requiring additional equipment, ensuring simple deployment and lowering the total cost of network ownership.

"ForeScout's clientless NAC solutions greatly increase network security while simplifying the deployment and management processes," said T. Kent Elliott, CEO of ForeScout Technologies. "With seamless integration to 95% of the switches in use today, there is no need to 'rip and replace' existing equipment. Adding the ability to detect and shut down rogue wireless access points is yet another example of our commitment to customers to protect against all attack sources."

CounterACT is a network security device that provides clientless network access control NAC and Intelligent Intrusion Prevention(TM) by monitoring traffic entering and exiting the protected network segment. Once a network policy violation, self-propagating malware, or an intelligent hacker has been identified, CounterACT can automatically restrict or deny access to the network, block the threat or suppress propagation. Multiple CounterACTs can be distributed across an enterprise and share malicious code threat alerts and policy violations, creating a uniform layer of security at all protected network segments. Additionally, CounterACT provides an ongoing network vulnerability assessment to identify and mitigate passive threats found throughout the LAN.

New features in CounterACT 5.1 include:
-- Rogue wireless detection over the wireCounter ACT can detect and disable a rogue wireless access point deployed at any location on the network without the need for additional RF equipment. This neutralizes another prevalent attack mechanism and further strengthens the breadth of network security policies that can be created and automatically enforced.
-- Managing the unmanaged
CounterACT 5.1 ensures maximum security and business continuity by enabling an in-depth interrogation of unknown/unmanaged endpoints, prior to connecting to the network, without the need for an intrusive software agent or manual inspection and processing by IT staff. Endpoints found to be non-compliant can be allowed baseline access as defined by policy, necessary to perform job tasks to ensure productivity with minimal disruption.
-- Plug-in and third-party tool management
CounterACT 5.1 streamlines network policy enforcement by providing a centralized management interface to all plug-ins installed on appliances distributed throughout the enterprise, including switch integration (e.g., Cisco), helpdesk (e.g., Remedy), patch management (e.g., PatchLink), firewall (e.g., Checkpoint) and VPN (e.g., Cisco VPN3K). In addition, CounterACT 5.1 features an extended API to allow remote monitoring and management of the appliances by third-party utilities.
-- 802.1x integration
CounterACT 5.1 expands the integration capabilities of ForeScout's security platform by seamlessly integrating into any network environment with full or partial 802.1x deployment. This allows CounterACT to leverage the existing infrastructure to define and enforce policies, authentication, remediation, and VLAN assignment, not requiring the wholesale upgrade of existing network equipment.
-- Self-remediation
Depending on what is discovered during the initial and subsequent endpoint scans, CounterACT 5.1 integrates with the PatchLink remediation system to ensure that users can immediately self-correct issues that may be preventing their access to the network without IT intervention.

"As employees and contractors increasingly access critical information assets via both internal, wireless, and VPN connections, ensuring each device is properly authorized is a nightmare," says Mike Rothman, President and Principal Analyst of Security Incite. "Network Access Control is a promising technology to simplify the enforcement of access and authorization policies, but winning solutions must integrate transparently into the existing infrastructure and not adversely impact the user experience."

Pricing and Availability
CounterACT 5.1 is available immediately and begins at a starting price of $12,995.

About ForeScout
ForeScout's network security platform combines clientless network access control (NAC) and policy enforcement, Intelligent Intrusion Prevention(TM), and vulnerability assessment in an enterprise-class security appliance. ForeScout offers real-time automated protection against self-propagating malware and malicious hacker attacks for a defense- in-depth strategy that ensures network availability and business continuity. ForeScout's customers include a wide range of Fortune 1000 corporations and government agencies. ForeScout's headquarters are located in Cupertino, California. More information can be found at

CONTACT: Gleb Brichko of ForeScout Technologies, +1-408-213-3194, or

More from Machinery & Machining Tools

All Topics