29 Oct 2014

ForeScout Partners with McAfee to Deliver Dynamic Endpoint Protection

Customize font size:

CAMPBELL, Calif., October 29, 2014 — ForeScout Technologies, Inc., the leading provider of pervasive network security solutions for Global 2000 enterprises and government organizations, announced it has partnered with McAfee, part of Intel Security, to provide a new and enhanced interoperability between ForeScout CounterACT™ and McAfee solutions. This will be demonstrated in booth 206 at McAfee FOCUS 14, taking place October 27-29 in Las Vegas. The integrations will showcase the combined abilities of ForeScout products, McAfee products and the McAfee Data Exchange Layer (DXL) to enable customers to protect infrastructure while supporting initiatives such as bring your own device (BYOD). ForeScout CounterACT will leverage the McAfee Threat Intelligence Exchange (TIE) to make enforcement and remediation decisions based on relevant security information shared between endpoints, gateways and other security products. This rapid information dissemination is part of a more proactive, integrated approach to fortifying a security posture.

“Given the dynamic nature of next-generation threats, organizations can no longer rely on isolated security solutions,” said Christopher Kissel, industry analyst, Network Security, at Frost & Sullivan. “To ensure the most comprehensive levels of protection, an integrated approach that speeds response is necessary to address advanced threats and close potential endpoint compliance gaps.”

ForeScout’s pervasive network security platform, CounterACT, enables IT organizations to efficiently address network visibility, access control, endpoint compliance and threat management challenges in today’s increasingly complex enterprise networks. McAfee TIE solutions combining ForeScout CounterACT and other McAfee products to be showcased at FOCUS 14 include:

  • McAfee Threat Intelligence Exchange (TIE) and Data Exchange Layer (DXL) Interoperability – ForeScout will demonstrate CounterACT interoperability with McAfee TIE by leveraging McAfee DXL and how CounterACT can onboard a BYOD laptop and verify the hashes of running processes against the McAfee TIE’s file reputation repository. CounterACT can then apply appropriate access policy and remediation actions based on whether or not any malicious files are detected. This interoperability showcases how organizations can extend their security controls to BYOD laptops that may not be running McAfee endpoint protection agents.
  • McAfee ePolicy Orchestrator (ePO) Software Integration – Updated to support McAfee ePO 5.1.1, CounterACT integrates bi-directionally, consuming information about endpoint properties and notifying McAfee ePO of changes. Both systems can then take action. For example, CounterACT detects devices as they connect to the network, validates that the device and user are authorized, and then assesses the device security posture, including whether or not the McAfee ePO host agent is installed, running and up-to-date. When non-compliance is identified, CounterACT can inform McAfee ePO to take action, or CounterACT can attempt to remediate the violation directly. In addition, ForeScout will showcase how CounterACT can take quarantine actions based on malware or other violations detected by McAfee ePO software, including new malware detections identified using McAfee TIE.
  • McAfee Vulnerability Manager (MVM) integration – The new integration between ForeScout and MVM harnesses CounterACT’s real-time network visibility and automated controls for more comprehensive, efficient and timely vulnerability assessment and risk mitigation. CounterACT informs McAfee MVM as soon as a device connects to the network, thereby enabling real-time vulnerability scanning of endpoints, including transient devices that may be missed by periodic polling. CounterACT then leverages the real-time MVM scan information for policy-based access control and remediation, such as quarantining or remediating vulnerable systems. This integration supports MVM version 7.5 and above.

“We are pleased to be partnering with ForeScout to help enable adaptive endpoint protection,” said Ed Barry, vice president of Global Technology Alliances at McAfee, part of Intel Security. “The real-time capabilities that CounterACT brings to McAfee ePO software, MVM and TIE by leveraging both the ControlFabric™ architecture and McAfee DXL gives joint customers the ability to monitor their corporate and BYOD endpoints in real time for indicators of compromise (IOCs) and non-compliance, ultimately providing them with actionable intelligence to help increase overall security posture.”

“The growing breadth and sheer velocity of malware, advanced persistent threats (APTs) and zero-day exploits necessitates a more forward-looking approach to threat management,” said Wallace Sann, federal CTO at ForeScout. “By combining the functionality of CounterACT with McAfee solutions, mutual customers can detect, contain and remediate potential exposures more efficiently and effectively.”

Beyond exhibiting at McAfee FOCUS 14, ForeScout invites attendees to participate in its breakout session, entitled “Endpoint Visibility, Control and Automation,” led by Sann. The session will be held on Wednesday, October 29 at 2:30 p.m. in room Bellini 2001-2002.

 Interoperability for McAfee ePO versions 4.6 and 5.1 or higher is available to customers who are licensed and have maintenance for the ForeScout ePO Integration Module. Interoperability with MVM is available to those customers who have licensed the ForeScout Vulnerability Assessment Integration Module.  McAfee TIE and DXL interoperability is planned for commercial availability in 2015.

Visit booth 206 at McAfee FOCUS14 for demonstrations of these integrations.

Relevant Links

ForeScout CounterACT
ForeScout ControlFabric
ForeScout Blog
ForeScout Facebook
ForeScout Twitter

Tweet This: 

Tweet This: @ForeScout and @McAfee collaborate on dynamic endpoint protection to be demonstrated @FOCUSConference:http://ow.ly/DqvNV