The CounterACT Network Access Control (NAC) solution is now available as a virtual appliance. The integrated solution delivers real-time visibility and comprehensive control over who, how, when and what devices, including guest VMs, are connecting to enterprise networks. With ForeScout CounterACT Virtual Appliance, organisations can readily deploy and scale-out CounterACT making use of their VMware investment.
According to Gartner, by 2015, 40 percent of the security controls used within enterprise data centers will be virtualised, and enterprises want visibility across their physical and virtual environments.1 The dynamics of virtual machine (VM) provisioning and movement, combined with wireless and mobile security issues, challenge an IT organisations’ ability to enforce uniform network access and endpoint compliance policies.
“The move to virtualise security controls reduces barriers to adoption. Rather than a sprinkle a few physical appliances here and there based on network topology, we can now place controls when and where they are needed, including physical appliances as appropriate,” said Neil MacDonald, vice president and Gartner fellow. “Leading security vendors will focus on the security services provided and offer multiple implementation alternatives – physical, virtual and cloud-based, as well as hybrid combinations that are controllable by a consistent management framework and policies.”
ForeScout CounterACT provides those capabilities today, offering an automated, extensible and scalable approach to gain visibility and apply security policies across diverse network and security infrastructures – dynamically and without requiring agents. Since the solution identifies all devices accessing the network, it performs pre- and post network admission security posture assessment, endpoint compliance baselining and remediation across physical and virtual environments, including VMware, Microsoft Hyper-V and Citrix XenServer guest VMs.
“Since installation, ForeScout has been doing a fantastic job of automating our guest and pupil network by eliminating endpoint security issues throughout the campus. We have been consolidating our data center and welcomed the opportunity to extend our CounterACT deployment with the virtual appliance,” said Tony Whelton, director of IT services and development at Wellington College. “We simply added computing resources for the virtual appliance and found the installation was very straight forward. It will give us more flexibility to allocate capacity as we need it, plus giving us the protection of running such a system within our protected virtual environment.”
ForeScout CounterACT offers a more cost-effective and integrated solution for network access control (NAC), guest networking, mobile security and endpoint compliance that overcomes the complexity, administrative burden and constraints of complex network infrastructure and endpoint protection approaches.
ForeScout customers install CounterACT Virtual Appliance running as a VMware guest VM. Users can take advantage of easier and more rapid deployment, energy and space savings, and reduced hardware maintenance costs. The virtual appliance performs identically to the physical appliance, and both can operate together, centrally controlled by ForeScout CounterACT Enterprise Manager, supporting more than 200,000 devices managed from a single console.
“With this release, we continue to deliver on our commitment to provide the industry’s easiest, most integrated and most flexible means to automate visibility and security control to enable greater accessibility, productivity and data center optimisation for our clients,” said Gord Boyce, CEO of ForeScout.
ForeScout CounterACT Virtual Appliance, which operates on VMware ESX 3.5 and 4.x, is available now through authorised partners. The automated security control solution meets and exceeds 802.1x standards, operates out-of-band, and does not require agents nor infrastructure upgrades - enabling rapid deployment and day-one results. ForeScout offers a variety of capacity, management, scale and support options to satisfy smaller, mid-tier networks, as well as more expansive deployments within larger, global enterprises.