Ardentec, one of Taiwan’s wafer test service providers, has chosen ForeScout CounterACT to gain endpoint visibility and compliance via agentless monitoring and policy enforcement of nearly 4,000 endpoints used by more than 1,000 employees across its four manufacturing sites.
Ardentec worked with InfoSource, a ForeScout distributor, to help it identify a network access control (NAC) solution that would allow it to fortify network security at all of its branch locations in order to reduce the risk of unauthorised and unsecured devices gaining access to the company network. The firm also needed a solution compatible with a broad array of switches and existing infrastructure components from different manufacturers. Ardentec chose ForeScout because it provided the simplest, most feature-rich and cost-effective solution; it was also the quickest and simplest to deploy and maintain.
“With CounterACT, network control is much easier than we ever imagined,” said Chris Chou, director of management information systems for Ardentec. “We had CounterACT up and running across four sites in less than a month. The depth of visibility into devices connecting to the network is amazing, and its simple integrated approach lets us easily manage the entire network from one dashboard.”
CounterACT’s effectiveness in providing increased operational insight and its low impact to their existing environment helped in Ardentec’s decision. Its agentless approach, allowing for strong policy control, was also a priority. ForeScout distinguished itself further by preventing rogue and unmanaged devices from connecting to the network, especially since Ardentec discovered that its users unplug network cables from the factory machines and plug them, instead, into their own devices.
CounterACT also offers the interoperability needed to query the company’s authorised device database. Leveraging the ForeScout ControlFabric interface, CounterACT checks the IP and MAC addresses of devices attempting to connect to the network to make sure they match. Other factors in the choice of CounterACT included its use for identifying and controlling mobile devices, automating the process for controlling guest access to the network, the range of endpoint compliance capabilities and dashboard, and its query and audit reporting capabilities.
With the introduction of this BYOD security service, Ardentec has seen an increase in the network security compliance rate of ISO 27001 to 80 percent and an overall lowered network asset management risk across the company. Ardentec found additional distinctive uses for CounterACT such as dynamic asset classification, an IP-MAC binding and MAC address validation, used for factory devices and connections as well as wireless and mobile device security.
CounterACT monitors all devices connecting to Ardentec’s network to ensure each endpoint has the correct settings, such as up to date anti-virus and that the operating system patches are current, per the organisation’s standard security policies.
Chou said, “By using CounterACT as extensively as possible, not only did we improve our overall network security and visibility, but also the effectiveness of our endpoint security investments.”