06:32 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly

ForeScout Teams With HP ArcSight To Deliver Real-Time Visibility And Remediation

Teaming connects ForeScout NAC platform to HP ArcSight ESM product

Cupertino, Calif. — September 12, 2011 — ForeScout Technologies, Inc., a leading provider of automated security control solutions for Fortune 1000 enterprises and government organizations, today announced an integration with HP ArcSight that delivers real-time visibility and remediation. This connects the ForeScout NAC platform to the HP ArcSight ESM product to help IT organizations increase operational efficiency, react faster to security incidents and improve overall security posture. (Video: Introducing ForeScout NAC and ArcSight ESM Integration)

From a single HP ArcSight ESM console, customers can now dynamically gain rich endpoint configuration, access, identity and security information, as well as readily enforce security policies and mitigate threats enterprise-wide by leveraging ForeScout CounterACT. This will empower enterprises to further automate risk management, compliance and remediation processes.

Additionally, HP ArcSight has named ForeScout a Gold Partner as a part of the ArcSight Technology Alliance Program, which is made up of prominent technology companies allied to provide solutions and services in support of the HP ArcSight Enterprise Threat and Risk Management platform.

As an exhibiting partner at the HP Protect 2011 conference, being held in Washington D.C. from September 11-14, ForeScout will be demonstrating the functionality and advantages that the integrated products offer. In addition, a breakout session entitled “Automated GRC Policy to Proactively Counter Cyberthreats” will provide attendees with a customer use case presentation highlighting a deployment of ForeScout CounterACT and HP ArcSight ESM.

ForeScout and ArcSight cooperated to connect their products using the HP ArcSight CEF (Common Event Format) Connector, Model Import Connector and Rules-based Response. At the heart of the collaboration is seamless technology integration, which offers many benefits to customers:

Single administrative console: Gain full visibility into all aspects of IT infrastructure and security risk – users, networks, endpoints and applications – from within the HP ArcSight ESM console Network access control: Enable guest networking, mobile security and endpoint compliance Real-time endpoint security intelligence: Obtain dynamic configuration, identity and security posture details of all devices and respective users connecting to and on the network Automatic remediation and mitigation: Allow immediate correlation of network activity to detect incidents and take immediate action such as blocking or limiting device access to network resources, enabling endpoint remediation without IT intervention, and issuing trouble tickets with details as to the violation, location and user Mobile security: Manage network access with regards to employee- or customer-owned smartphones, tablets and other mobile devices

ForeScout CounterACT delivers real-time endpoint security posture information (approximately 33 data fields) to the HP ArcSight platform that enables customers to gain 360 degree visibility into security and compliance of endpoints in their IT-infrastructures. Examples of the kind of data that is passed include:

Antivirus posture (Is the agent working? Up to date?) Patch management (Is the agent installed and working?) Vulnerability (Is the operating system at the right patch level?) Applications (Is an unauthorized application running?) Physical information (Type of device, machine name, MAC address) Network information (IP address), user information (User name) Desktop firewall status Location of the machine (Building, floor, location, switch port)

“Our relationship with HP ArcSight provides products that take full advantage of the power and flexibility that both the ArcSight SIEM and CounterACT platforms offer,” said Sam Davis, vice president of Business Development for ForeScout. “As a result, customers can realize more extensive operational awareness and security control.”

“The work we have done with ForeScout allows HP ArcSight customers to leverage the capabilities of the ForeScout solutions, including real-time host asset intelligence and remediation,” said Dan Barahona, vice president of Business Development, HP ArcSight. “This enables organizations to identify and respond quickly to security and compliance issues.”

About ForeScout Technologies, Inc. ForeScout enables its customers to unleash the full power of their network through enterprise-class security and control. ForeScout’s automated solutions for network access control, mobile security, threat prevention and endpoint compliance empower organizations to gain access agility while preempting risks and eliminating remediation costs. Because ForeScout security solutions are easy to deploy, unobtrusive, intelligent and scalable, they have been chosen by more than 1,000 of the world’s most secure enterprises and military installations for global deployments spanning 37 countries. Headquartered in Cupertino, California, ForeScout delivers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.