ForeScout Solutions - Globalpress Connection Inc.
Download
Report
Transcript ForeScout Solutions - Globalpress Connection Inc.
Enterprise Grade NAC
Customer Driven – Global Deployment Proven
Ray Wizbowski
VP Marketing
[email protected]
Network Access Control
Access Issues CIOs Worry About*
Who is connecting to my
network and are they
compliant with my security
policies?
Is there a self propagating
threat on any device
connecting to my network?
Am I leveraging access
control to gain more
automation of IT
processes?
*Research by
Enterprise Demand Research: Network Access Control, June 2006
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Network Access Control
Market Overview
Market
Awareness
Product
Challenges
Wait for Cisco
or Microsoft?
Created Market
Demand
Products Have
Faced Delays
Demonstrated
Product is
Immature
Requires Major
Infrastructure
Investment
Focused
Development
CounterACT ™
Completely
Clientless
Integrated IPS
No Integrated IPS
Agent Based
OS Limitations
Not Inline
Works with
Existing
Infrastructure
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
CounterACT Delivers
Network Access. Controlled.
Universal
Discovery
End Point
X-Ray
Tailored
Enforcement
Non
Disruptive
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Universal Discovery
Enforce Policy on ALL Devices
All Devices Detected Upon Network Connection
• Completely Clientless
No Software/Code Required on Endpoints
• Delivers Automatic Handling of ALL Devices
Universal
Discovery
• Guests, Contractors, Printers, VoIP Devices, etc
Enables Global Scalability
• Integrates with Existing Directory Structures
CounterACT Works with Existing Domain
• Treats Domain or Non-Domain Users Differently in
Accordance with Defined Policies
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
End Point X-Ray
Blocks Network Disrupting Code
Instantly Detects/Blocks Self Propagating Threats
• If Device is Company Managed CounterACT Can…
Utilize ForeScout Fast Pass™
• No Quarantine by Default Requirement
• Allows Device Immediate Connection while…
End Point
X-Ray
Deep Interrogation of Device is Completed
• Ensure Policy Compliance of Connected Device
• Custom Fit Enforcement Options Bring Users Into
Compliance without Affecting Productivity
End User Experience is Not Effected
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Tailored Enforcement
Custom Fit To Your Business Needs
Full Spectrum of Policy Enforcement Options
• Appropriate Response to Each Policy Violation
• Disruption Directly Related to Degree of Violation
Customized Policy Enforcement with CounterACT
• Business Dictates Level of Enforcement
Tailored
Enforcement
• Custom Enforcement for User Type
Not Binary
• Provides Multiple Limited Disruption Enforcement
Options
• End User Can Remain Productive While Minor Policy
Violations are Addressed
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Non Disruptive
Deploy NAC without Disruption
Non-Disruptive Deployment
• Not-Inline Deployment
• Typically Spanned From Distribution Layer Switch
Non-Disruptive Management
Non
Disruptive
• NAC System Does Not Require Continual Monitoring
• Simple Format for Updating/Changing Policies
Non-Disruptive Access
• Fast Pass™ Enables Instant Access to Network
Resources, without Compromising Security
• Allows Contractors/Guests Access According to Policy
Without Physical Adjustment to Network
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
CounterACT 6.0
Enterprise Grade NAC Features
NEW
Features
Remote Application Termination
High Availability
Product Line Expansion
SMS Integration
MAC OS Interrogation
IMPROVED
Features
Advance Policy Creation
Rapid Deployment Model
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Application Termination
Customer Need
Greater control over high risk applications
CounterACT Provides
Ability to determine what applications are
running
Remote termination of application
Ability to notify the user using their browser
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
High Availability
Customer Need
Automatic failover if the primary appliance
fails
CounterACT Provides
Active-Passive Configuration – if primary fails
HA device automatically assumes role as
primary
Virtual – the cluster has just one IP address
Transparent and Seamless
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
CounterACT Expansion
Meeting Global Enterprise Needs
Customer Need
Network access control solutions for remote
office and headquarters
CounterACT Product Family
CTR – Managing up to 50 devices
List price $4,995
CT100 – Managing up to 250 devices
List price begins at $13,995
CT1000 – Managing up to 1000 devices
List price begins at $28,995
CT2000 – Managing up to 2500 devices
List price begins at $48,995
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Advanced Policy Creation
Customer Need
Simplified policy engine
CounterACT Provides
Multi-trigger policy creation - admission,
scheduled, and on-demand
Granular policy creation using conditional
logic
Enforcement is custom fit for each policy
violation in the policy string
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Rapid Deployment Model
Customer Need
Ability to deploy multiple CounterACT
appliances without having to configure each
appliance
CounterACT Provides
From Enterprise Manager, push tuning
configuration settings to new appliances
Eliminates network specific tuning of the new
appliance
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Additional 6.0 Functionality
MAC OS Device Interrogation
SMS Integration
• MSFT System Management Server
New Reporting Engine
• Compliance
trend reporting
Additional Supported Switches
• In addition to Cisco, Juniper, Foundry and
Extreme, CounterACT will also support
Nortel and HP ProCurve
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Summary
Developing/Deploying NAC for Two Years
• In Production Networks for Over a Year
Customers Have Pushed Development
• Real customers working with deployed technology
CounterACT NAC Solution is
Enterprise Grade
• Customer Driven, Global Deployment Proven
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
Thank You
ForeScout Technologies
10001 N. De Anza Blvd., Suite 220
Cupertino, CA 95014
(408) 213-3191
© 2006 ForeScout Technologies SMQ306
Company Overview
Founded April 2000
Raised $35 Million in Venture Funding
• Amadeus Capital, Accel Partners, Pitango Ventures, Meritech
Capital Partners, and Itouchu
Headquartered in Cupertino, CA
Global Sales & Marketing Organization
• Working through channels with direct touch in 2006
• Growth will be facilitated through expanding channels in 2007
Over 350 Customers
Focused Channel Program
• Have recruited top security integrators in US and Europe
• Fishnet Security, Vigilar, Integralis, Axial, etc.
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.
ForeScout’s Product Families
CounterACT
•
Clientless Network Access Control
– Universal Discovery
– End Point X-Ray
– Tailored Enforcement
– Non Disruptive
Internal Security
ActiveScout
•
Signatureless Intrusion Prevention
– Zero-Day Threat Mitigation
– No Updates
– Minimal Maintenance
Perimeter Defense
Network Access. Controlled.™
© 2000 - 2006 ForeScout Technologies, Inc.