Endpoint
3/9/2012
02:08 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

ForeScout Mobile Delivers Unified Visibility And Control For Managed And Unmanaged Mobile Devices And PCs

Plug-in modules enable rich Android and iOS security management, mobile device management integration

Cupertino, Calif. — February 21, 2012 — ForeScout Technologies, Inc., a leading provider of automated security control solutions for Fortune 1000 enterprises and government organizations, today introduced ForeScout Mobile, a set of plug-in modules to enable rich Android and iOS security management, as well as a plug-in module for mobile device management (MDM) integration. By combining ForeScout Mobile with ForeScout CounterACT, the company’s award-winning network access control (NAC) platform, security professionals can employ one console to gain unprecedented visibility and uniform control over managed and unmanaged mobile and PC devices.

According to IDC1, 40.7 percent of devices used by information workers to access business applications are ones that they own themselves including home PCs, smartphones and tablets such as Apple’s iPad. Furthermore, organizations underestimate the number of information workers using consumer devices for work by 50 percent. In a recent North American survey conducted by the Boston Research Group2, 78 percent of the IT security professionals surveyed believe that network access control is an essential function to protect enterprises from mobile device risks. Respondents stated that the primary risks they are concerned about are data loss, malware, unauthorized use and unauthorized access. In this same report, the vast majority of IT security managers say that they influence or make MDM purchase decisions.

"Our customers are ramping up their mobile security initiatives ranging from simply wanting to enable access controls for specific users and devices, to supporting BYOD and rolling out MDM solutions. Beyond technology, we strongly consider how security solutions meet our customers’ operational and compliance requirements," said Judith Buckardt, president and CEO of Konsultek. “ForeScout Mobile offers strong implementation flexibility and a policy-based method to secure corporate and personal mobile devices that well complements BYOD and addresses MDM network security gaps. For a security administrator, the ability to apply pre- and post-connection policies to desktops, servers and mobile devices from one integrated system is extremely compelling.”

Security teams want the same endpoint intelligence, security assessment and enforcement options for mobile devices as they have for PCs and they want it all managed from one operating console. ForeScout Mobile meets this need by delivering the industry’s first unified approach for NAC, BYOD and MDM and putting comprehensive mobile security at the operator’s fingertips. With ForeScout Mobile, IT organizations gain needed flexibility to accelerate Bring Your Own Device (BYOD) adoption and can better manage mobile security risks.

ForeScout’s market-leading NAC solution, ForeScout CounterACT, identifies mobile devices, forces unknown users to register, and can automatically allow, deny or restrict access to specified network resources and wireless access points. All of this can be done from a single appliance, without the need for software agents running on the endpoints. From the same console, ForeScout Mobile offers additional functionality by providing mobile device-specific security options and MDM integration.

Ø ForeScout Mobile Security Module provides extensive information about the device, its user, its configuration, its apps and its security posture. This allows CounterACT to enforce more granular network access and endpoint integrity policies for mobile devices. The Security Module for Android uses a mobile app that extends CounterACT’s visibility and control for Android 2.1 or greater. The Security Module for iOS takes advantage of Apple’s native push notification service and MDM capabilities. Beyond blocking or limiting access to network resources, additional iOS remediation options include the ability to: remotely wipe and lock; enforce password policy; require apps such as anti-virus, MDM or virtualization; remove or disable native apps such as the camera; enforce specific Wi-Fi access; and do more without requiring an agent on the Apple iPad or iPhone.

Ø ForeScout Mobile MDM Module allows organizations to leverage their existing MDM solution within the broader context of unified security control that CounterACT provides. With this module, security teams can consolidate information about all endpoints on the network, including mobile devices through their MDM system, into the CounterACT platform. The security staff, from one console, can monitor and report on policy adherence, enforce employee and guest compliance, and remediate devices across major mobile platforms such as iOS, Blackberry, Android and Windows. Operational efficiency is achieved by merging NAC and MDM security functions, enabling uniform access control policies not available in MDM, and negating the need for security managers to request, learn or use an MDM console.

“All this talk about smartphones, tablets and security must consider productivity gains. Like other employees, I readily use my iPad at home, on the road and at work. Security needs to be acceptable, unobtrusive and efficient for both users and IT, while fortifying necessary security mechanisms,” said Gord Boyce, CEO at ForeScout. “The ForeScout Mobile / CounterACT combination offers a smart, flexible and cost-effective means for organizations to implement and extend mobile security across different phases of BYOD adoption and maturity.”

Delivered as a physical or virtual appliance, ForeScout CounterACT lets you see and control everything connected to your network no matter the device or user. ForeScout Mobile, an add-on module for ForeScout CounterACT, is licensed (perpetual) by the number of mobile devices with a price starting at $2,800 for 100 devices. The ForeScout Mobile Security Module for Android and iOS are in beta test and will be available in April. The ForeScout Mobile MDM Module will be available in Q3. See ForeScout Mobile in action at the upcoming RSA 2012 conference, being held in San Francisco on February 27 to March 2 at booth 931.

About ForeScout Technologies, Inc. ForeScout enables its customers to unleash the full power of their network through enterprise-class security and control. ForeScout’s automated solutions for network access control, mobile security, endpoint compliance and threat prevention empower organizations to gain access agility while preempting risks and eliminating remediation costs. Because ForeScout security solutions are easy to deploy, unobtrusive, intelligent and scalable, they have been chosen by more than 1,000 of the world’s most secure enterprises and military installations for global deployments spanning 37 countries. Headquartered in Cupertino, California, ForeScout delivers its solutions through its network of authorized partners worldwide. Learn more by visiting www.forescout.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.