Endpoint
9/12/2011
06:32 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

ForeScout Teams With HP ArcSight To Deliver Real-Time Visibility And Remediation

Teaming connects ForeScout NAC platform to HP ArcSight ESM product

Cupertino, Calif. — September 12, 2011 — ForeScout Technologies, Inc., a leading provider of automated security control solutions for Fortune 1000 enterprises and government organizations, today announced an integration with HP ArcSight that delivers real-time visibility and remediation. This connects the ForeScout NAC platform to the HP ArcSight ESM product to help IT organizations increase operational efficiency, react faster to security incidents and improve overall security posture. (Video: Introducing ForeScout NAC and ArcSight ESM Integration)

From a single HP ArcSight ESM console, customers can now dynamically gain rich endpoint configuration, access, identity and security information, as well as readily enforce security policies and mitigate threats enterprise-wide by leveraging ForeScout CounterACT. This will empower enterprises to further automate risk management, compliance and remediation processes.

Additionally, HP ArcSight has named ForeScout a Gold Partner as a part of the ArcSight Technology Alliance Program, which is made up of prominent technology companies allied to provide solutions and services in support of the HP ArcSight Enterprise Threat and Risk Management platform.

As an exhibiting partner at the HP Protect 2011 conference, being held in Washington D.C. from September 11-14, ForeScout will be demonstrating the functionality and advantages that the integrated products offer. In addition, a breakout session entitled “Automated GRC Policy to Proactively Counter Cyberthreats” will provide attendees with a customer use case presentation highlighting a deployment of ForeScout CounterACT and HP ArcSight ESM.

ForeScout and ArcSight cooperated to connect their products using the HP ArcSight CEF (Common Event Format) Connector, Model Import Connector and Rules-based Response. At the heart of the collaboration is seamless technology integration, which offers many benefits to customers:

Single administrative console: Gain full visibility into all aspects of IT infrastructure and security risk – users, networks, endpoints and applications – from within the HP ArcSight ESM console Network access control: Enable guest networking, mobile security and endpoint compliance Real-time endpoint security intelligence: Obtain dynamic configuration, identity and security posture details of all devices and respective users connecting to and on the network Automatic remediation and mitigation: Allow immediate correlation of network activity to detect incidents and take immediate action such as blocking or limiting device access to network resources, enabling endpoint remediation without IT intervention, and issuing trouble tickets with details as to the violation, location and user Mobile security: Manage network access with regards to employee- or customer-owned smartphones, tablets and other mobile devices

ForeScout CounterACT delivers real-time endpoint security posture information (approximately 33 data fields) to the HP ArcSight platform that enables customers to gain 360 degree visibility into security and compliance of endpoints in their IT-infrastructures. Examples of the kind of data that is passed include:

Antivirus posture (Is the agent working? Up to date?) Patch management (Is the agent installed and working?) Vulnerability (Is the operating system at the right patch level?) Applications (Is an unauthorized application running?) Physical information (Type of device, machine name, MAC address) Network information (IP address), user information (User name) Desktop firewall status Location of the machine (Building, floor, location, switch port)

“Our relationship with HP ArcSight provides products that take full advantage of the power and flexibility that both the ArcSight SIEM and CounterACT platforms offer,” said Sam Davis, vice president of Business Development for ForeScout. “As a result, customers can realize more extensive operational awareness and security control.”

“The work we have done with ForeScout allows HP ArcSight customers to leverage the capabilities of the ForeScout solutions, including real-time host asset intelligence and remediation,” said Dan Barahona, vice president of Business Development, HP ArcSight. “This enables organizations to identify and respond quickly to security and compliance issues.”

About ForeScout Technologies, Inc. ForeScout enables its customers to unleash the full power of their network through enterprise-class security and control. ForeScout’s automated solutions for network access control, mobile security, threat prevention and endpoint compliance empower organizations to gain access agility while preempting risks and eliminating remediation costs. Because ForeScout security solutions are easy to deploy, unobtrusive, intelligent and scalable, they have been chosen by more than 1,000 of the world’s most secure enterprises and military installations for global deployments spanning 37 countries. Headquartered in Cupertino, California, ForeScout delivers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-1421
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-2105
Published: 2014-04-22
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.

CVE-2013-2187
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.

CVE-2013-4116
Published: 2014-04-22
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

CVE-2013-4472
Published: 2014-04-22
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Best of the Web