Network Access Control (NAC)

The Challenge

Have you read stories about network access control (NAC) solutions that have taken months to deploy? Most of the NAC solutions from major vendors are architectural nightmares. They require installation of 802.1X software on every endpoint, changes and/or upgrades to your entire switch infrastructure, and manual workarounds for devices such as printers that could not accommodate 802.1X agents.

Most NAC products from major vendors also suffer from a limited range of actions. They are good at kicking devices off the network, but that is not good for the business, and it is detrimental to the careers of IT managers.

The ForeScout Difference

ForeScout CounterACT is different from most network access control (NAC) solutions because it is easy to deploy and provides rapid results. Here is why:

  • One box, one day to install. Everything is contained in a single appliance. Setup is easy with built-in configuration wizards.
  • Hybrid 802.1X / Non-802.1X. Since you can choose 802.1X or other authentication technologies such as LDAP, Active Directory, device attributes or more, our hybrid mode lets you use multiple techniques concurrently, which speeds NAC deployment in large, diverse or complex environments.
  • ForeScout works with what you have. All your existing switches, routers, firewalls, endpoints, patch management systems, antivirus systems, directories, ticketing systems–ForeScout CounterACT works with them. We require no infrastructure changes or equipment upgrades.
  • No software. ForeScout CounterACT agents are optional – you can go 100% agentless, which means it works with all types of endpoints: managed and unmanaged, embedded, known and unknown, authorized and rogue.
  • Non-disruptive. Unlike first-generation NAC products that immediately disrupt users with heavy-handed access controls, ForeScout CounterACT can be deployed in a phased approach which minimizes disruption and accelerates results. In the initial phase, CounterACT gives you visibility to your trouble spots. When you want to move forward with automated control, you can do so gradually, starting with the most problematic locations and choosing an appropriate enforcement action.
  • Accelerated results. ForeScout CounterACT provides useful results on Day 1 by giving you visibility to problems on your network. The built-in knowledge base helps you configure security policies quickly and accurately.

Second, unlike the NAC solutions from major vendors that use heavy-handed controls and disrupt users, ForeScout CounterACT provides an extensive range of automated controls which keeps the business running to the maximum extent possible. The list includes:

User enforcement and education

  • Open trouble ticket
  • Create traps
  • Syslog
  • Personalized web message (network use policy, self remediation, etc.)
  • Auditable end-user acknowledgement
  • Force authentication/password change
  • Log-off user, disable user AD account

Application control and remediation

  • Application start or stop
  • Peer-to-peer/IM start or stop
  • Apply updates and patches

Network access control

  • Port disable (802.1X, SNMP)
  • VLAN control
  • VPN disconnect
  • ACL block at the switch, firewalls and routers
  • Wireless allow/deny
  • Quarantine until the device is remediated

Traffic control

  • Virtual firewall
  • Update network ACL (switch, router, firewall)

Operating system control and remediation

  • Patch/hotfix update
  • Registry configuration
  • Process start/stop

Device control

  • Disable NIC
  • Shutdown PC
  • Disable use of peripheral device