2. ForeScout Overview
ForeScout is a leading provider of automated security
control solutions for Fortune 1000 enterprises and
government organizations.
• Founded in 2000
• HQ Cupertino California, R&D Tel Aviv Israel
• 44% year-over-year growth
– Leading independent vendor of Network Access Control
– #2 market share behind Cisco
• Global deployments
– Multiple vertical industries
– Very large deployments (>200,000 endpoints)
• Global Support – ‗Follow the sun‘
3. Gartner Leader - December 2011
• A consistent record of growing faster than the ―Magic Quadrant for Network Access Control‖,
December 8, 2011; Lawrence Orans and
NAC market, and proven ability to win large deals John Pescatore; Gartner, Inc.
• The highest visibility among pure-play NAC
vendors, particularly in the government and
financial sectors
• Strong marks for scalability, with some of the
largest active deployments of all vendors
• Clientless approach that eases the support for a
wide variety of endpoints, particularly in BYOD
environments
• Users continue to cite ease of deployment and
flexible enforcement methods as a primary
selection criteria
8. Limited Visibility Means Security Gaps
Corporate Resources Non-Corporate
Endpoints
Network Devices
Antivirus out of date
Applications Firewall installed but turned off
Encryption agent not installed
Users
ForeScout Comprehensive Visibility
Protection Possible
Visible No Protection Possible
Not Visible
9. ForeScout Provides Visibility and Control
Network Endpoint
Mobile Access Control Compliance Threat
Control • Register guests • Find and fix Control
• Limit access security gaps
• Detect and report • Block unauthorized • Enforce policies • Block intrusions
on mobile devices users and rogue • Track violations and worms
• Restrict access devices • Detect infected
machines
Agentless Scalable
ForeScout Automated Security
Control Platform
Knowledgebase . Interoperable
10. How It Works
• Out of band Deploy at the Core
ForeScout
• Clientless CounterACT
• One appliance
11. See Grant Fix Protect
ForeScout
• What type of device? CounterACT
• Who owns it?
• Who is logged in?
• What applications?
(((((((
12. See Grant Fix Protect
ForeScout
• Grant access CounterACT
• Register guests
• Block access
• Restrict access
(((((((
13. See Grant Fix Protect
Web Email CRM
Sales
Employee
Guest
14. See Grant Fix Protect
ForeScout
• Remediate OS CounterACT
• Fix security agents
• Fix configuration
• Start/stop applications
• Disable peripheral
17. See Grant Fix Protect
ALERT & REMEDIATE RESTRICT ACCESS MOVE & DISABLE
Open trouble ticket Deploy a Virtual Firewall around an infected Reassign device from production VLAN to
or non-compliant device quarantine VLAN
Send email notification
Block access with 802.1X
SNMP Traps
Reassign the device into a VLAN with Alter login credentials to block access
restricted access
Syslog
Block access with device authentication
HTTP browser hijack
Update access lists (ACLs) on switches, Turn off switch port (802.1X or SNMP)
Auditable end-user acknowledgement firewalls and routers to restrict access
Terminate unauthorized applications
Self-remediation
Automatically move device to a pre-
Integrate with SMS, WSUS, SCCM, configured guest network Disable peripheral device
Lumension, BigFix
20. What does the market want today ?
• Lot‘s of players in MDM market – See Gartner
• Customers want to the cost savings
• Users want the flexibility
• Customers requirements today are predominantly straight
forward :
– Protect the network in an ‗open‘ environment
– Posture checking
– Password requirements
– Malware concerns
– Remote wipe / control
21. Gartner Recommendations
―Enterprises must be prepared to manage and secure a
wide range of devices, some of which they don't own.
Multiplatform MDM tools are one way to achieve this.‖
Gartner, ―Top 10 Mobile Technologies for 2012 and 2013‖, 14
February 2012, Nick Jones
―No matter what [BYOD] strategy is selected, the ability to
detect when unmanaged devices are in use for business
purposes will be required — and that requires NAC.‖
Gartner, ―NAC Strategies for Supporting BYOD Environments‖,
22 December 2011, Lawrence Orans and John Pescatore
22. ForeScout Solution Options
ForeScout ForeScout ForeScout
CounterACT CounterACT CounterACT
+ +
ForeScout Mobile ForeScout Mobile
+
MDM (3rd party) MDM (3rd party)
Operational Management
• Provisioning
• Cost management
• Inventory
Network Security
• Access control
• Block threats
• Stability
Device Security
• Password
• Remote wipe
• Configuration enforcement
• Detect rooted / jailbroken
• Containerization
Unified security management
User impact Transparent Lightweight Varies Varies
Price $ $$ $$$* $$$$
*Assumes that a portion of the mobile devices are enrolled in a 3rd party MDM
system and the rest are managed by ForeScout Mobile Security Module.
23. ForeScout MDM
Agility of the cloud for the pace of change in mobility
• Fast deployment
– Simple provisioning processes
– Intuitive user interface
• Effortless scalability
– Instantly turn up devices, users, apps
– Start small and easily expand up
• Automatic upgrades
– Continuous updates available instantly
– No ongoing maintenance
• Unmatched affordability
– Zero infrastructure needed
– All inclusive subscription price model
28. Why Customers Choose ForeScout
• Easy to deploy
– Clientless
– No infrastructure changes
– Everything in a single appliance
• Rapid time to value
– Complete visibility in hours or days
• 100% coverage (no blind spots)
– Users, devices, systems, VMs, apps
• Extensive range of automated controls
– Transparent, gentle, or aggressive
• Works with every network without costly upgrades
29. Contacts
Primary Contacts
• John Hagerty – EMEA Sales Director
jhagerty@forescout.com +44 7739 732805
• Richard Cassidy – Senior EMEA SE
rcassidy@forescout.com +44 7834 336426
• Nikki Gagie – EMEA Inside Sales and Marketing
ngagie@forescout.com +44 1256 843633