Paul Cochran - Account Manager. Chris Czerwinski System Engineer

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Paul Cochran - Account Manager. Chris Czerwinski System Engineer"

Transcription

1 Paul Cochran - Account Manager Chris Czerwinski System Engineer

2 Next-Generation NAC Fast and easy deployment No infrastructure changes or network upgrades No need for endpoint agents 802.1X is optional Integrated appliance (physical or virtual) Shift away from restrictive allow-or-deny policies Flexible controls, based on user and device context Streamline and automate existing IT processes Guest registration MDM enrollment BYOD onboarding Asset management Integrate with other IT systems Break down information silos Reduce window of vulnerability by automating controls & actions

3 Continuous Endpoint Compliance #1 Strong Foundation Market Leadership Enterprise Deployments In business 13 years Campbell, CA headquarters 200+ global channel partners Independent Endpoint Compliance and NAC Market Leader Focus: Pervasive Network Security 1,500+ customers worldwide Financial services, government, healthcare, manufacturing, retail, education From 500 to >1M endpoints

4 Continuous Endpoint Compliance 1 Visibility Capabilities 2 Compliance Assessment 3 Remediation ) 4 Interoperability 5 Easy Deployment

5 ForeScout CounterACT 1 Endpoint Discovery and inspection - who, what, where, health Visibility Compliance Managed, unmanaged, corporate, BYOD, rogue 2 Compliance Assessment Out-of-the-box templates for security best practices Flexible and extensible, assess audit compliance 3 Remediation OS, applications, configuration, processes etc. Improve ROI of existing security agents 4 Interoperability Works with your existing IT infrastructure ControlFabric open integration architecture 5 Easy Deployment Fast implementation, agent-less, all-in-one appliance Multi-vendor, designed for endpoint diversity

6 1. Visibility Who are you? Who owns your device? What type of device? Where/how are you connecting? What is the device hygiene? Employee Partner Contractor Guest Corporate BYOD Rogue Windows, Mac ios, Android VM Non-user devices Switch Controller VPN Port, SSID IP, MAC VLAN Configuration Software Services Patches Security Agents

7 Information Sharing and Automation

8 4. Interoperability Switches & Routers Endpoint & APT Protection Endpoints Firewall & VPN IT Network Services MDM Wireless Network Devices SIEM/GRC Vulnerability Assessment

9 Use Case #2: Automated Risk ForeScout sends both low-level (who, what, where) and high-level (compliance status) information about endpoints to SIEM Mitigation SIEM correlates ForeScout information with information from other sources and identifies risks posed by infected, malicious or high-risk endpoints SIEM initiates automated risk mitigation using ForeScout ForeScout takes risk mitigation action on endpoint Remediate Quarantine Initiate Mitigation Real-time Info SIE M Correlate, Identify Risks

10 The ControlFabric DATA CONSUMERS Interface CounterACT DATA PROVIDERS ControlFabric Interface Web API SQL LDAP Syslog Console Policy Engine Reporting Dashboard Network Devices Endpoints

11 Use Case #4: Threat Management Is it authorized? Is it breached? Is it attacking? Investigate Remediate Quarantine

12 Detects and Inspects AD / LDAP / RADIUS / DHCP CORE LAYER SWITCH Devices VPN CONCENTRATOR FIREWALL INTERNET WHO? USER NAME TITLE GROUPS DISTRIBUTION LAYER SWITCH WHAT? OS BROWSER AGENT PORTS PROTOCOLS CORPORATE LAN GUEST LAN VPN CLIENTS INTERNAL EXTERNAL APPS SERVICES PROCESSES POSTUR VERSIONS E? REGISTRY PATCHES ENCRYPTION ANTIVIRUS MAC ADDRESS IP ADDRESS SWITCH IP WHERE? CONTROLLER IP PORT / SSID / VLAN

13 Detects and Inspects Multiple methods Devices Poll switches, APs and controllers for list of devices that are connected Receive SNMP trap from switches Monitor 802.1X requests to the built-in or external RADIUS server Monitor DHCP requests to detect when a new host requests an IP address Optionally monitor a network SPAN port to see network traffic such as HTTP traffic and banners Run NMAP scan Use administrative privileges to run a scan on the endpoint Use optional SecureConnector agent EXTERNAL RADIUS SERVER SECURE CONNECTOR AD SERVER DHCP REQUESTS SNMP TRAPS.

14 Type of Information CounterACT can Device Type of device Manufacturer Location Connection type Hardware info Authentication MAC and IP address Certificates User Name Authentication Status Workgroup and phone number Operating Learn System OS Type Version number Patch level Services and processes installed or running Registry File names, dates, sizes Applications Installed Running Version number Registry settings File sizes Security Agents Anti-malware/DLP agents Patch management agents Encryption agents Firewall status Configuration Network Malicious traffic Rogue devices Peripherals Type of device Manufacturer Connection type

15 Real-time Network Complete Situational Awareness Asset Intelligence

16 Real-time Network Complete Situational Awareness Asset Intelligence See All Devices: Managed, Unmanaged, Wired, Wireless, PC, Mobile Compliance Problems: Agents, Apps, Vulnerabilities, Configurations

17 Real-time Network Complete Situational Awareness Asset Intelligence Filter Information By: Business Unit, Location, Device Type

18 Real-time Network Complete Situational Awareness Asset Intelligence See Device Details: What, Where, Who, Security Posture

19 Real-time Network Complete Situational Awareness Asset Intelligence Site Summary: Devices, Policy Violations

20 2. Compliance Assessment Who are you? Who owns your device? What type of device? Where/how are you connecting? What is the device hygiene? Employee Partner Contractor Guest Corporate BYOD Rogue Windows, Mac ios, Android VM Non-user devices Switch Controller VPN Port, SSID IP, MAC VLAN Configuration Software Services Patches Security Agents ForeScout Advanced Policy Engine Out-of-the-box templates Flexible and extensible Device and user specific policies

21 CounterACT Compliance Assessment Device Properties Operating System Applications Security Agents Peripherals Manufacturer, model Hardware properties User, ownership Configuration Password policy Jailbroken or rooted OS type Version number Patch level Services, processes installed or running Registry settings Installed or running Required apps Blacklisted apps Version numbers Legacy applications File dates and sizes Anti-malware status Anti-virus up-to-date DLP status Firewall status Patch management Encryption status Peripheral type M anufacturer Configuration Port Connection type

22 CounterACT Compliance Assessment Properties

23 CounterACT Dashboard A Birds-Eye Compliance View

24 Sample Policy for Continuous Compliance

25 3. Remediation Who are you? Who owns your device? What type of device? Where/how are you connecting? What is the device hygiene? Employee Partner Contractor Guest Corporate BYOD Rogue Windows, Mac ios, Android VM Non-user devices Switch Controller VPN Port, SSID IP, MAC VLAN Configuration Software Services Patches Security Agents ForeScout Advanced Policy Engine Out-of-the-box templates Flexible and extensible Device and user specific policies Alert Report Remediate Disable, Block

26 CounterACT Remediation Actions User Communication Operating System Applications Security Agents Peripherals Send Send to web page Open help desk ticket Communicate policies Self-remediation Install patch Configure registry Start, stop, disable process or service Trigger external remediation system Update application Set configuration Start required application Stop blacklisted or legacy application Install agent Start agent Update agent Update configuration Trigger external remediation service Alert administrator Alert user about non-compliance Disable peripheral Disable USB ports

27 Modest Granular Access Control Policies Strong Alert & Allow Limit Access Move & Disable Open trouble ticket Send notification SNMP Traps Start application Run script Auditable end-user acknowledgement HTTP browser hijack Deploy a virtual firewall around the device Reassign the device to a VLAN with restricted access Update access lists (ACLs) on switches, firewalls and routers to restrict access DNS hijack (captive portal) Automatically move device to a pre- configured guest network Move device to quarantine VLAN Block access with 802.1X Alter login credentials to block access, VPN block Block access with device authentication Turn off switch port (802.1X, SNMP) Wi-Fi port block

28 Information Sharing and Automation

29 Visibility of all devices, unmanaged & rogue Use Case #1: Asset Intelligence and Does not require agents Automate agent installation, activation, update Endpoint Compliance Real-time compliance info Bi-directional integration Endpoint protection Vulnerability Assessment Advanced Threat ForeScout

30 Use Case #3 (FireEye + CounterACT Detail) 1. Infected system connects to network, tries to call home 2. FireEye identifies and blocks callback 3. FireEye alerts CounterACT of the infected system 4. CounterACT isolates the infected system to prevent further reconnaissance or infection propagation Internet Firewall Switch Infected system

31 Continuous Monitoring and Mitigation Continuous Visibility Endpoint Mitigation Endpoint Authentication & Inspection Network Enforcement Information Integration

32 5. Easy Deployment Easy to use No agents needed (dissolvable or persistent agent can be used) Non-intrusive, audit-only mode Fast and easy to deploy All-in-one appliance Out-of-band deployment No infrastructure changes or network upgrades Rapid time to value unprecedented visibility in hours or days Physical or virtual appliances Infrastructure agnostic Multi-vendor, heterogeneous network environments Ideal for growing endpoint diversity

33 CounterACT Centralized Deployment DATACENTER ACTIVE DIRECTORY CORE SWITCHES SCCM ENDPOINT PROTECTION COUNTERACT ENTERPRISE MANAGER SIEM VA MDM ATD REMOTE USERS VPN CONCENTRATOR

34 CounterACT Hybrid Deployment DATACENTER ACTIVE DIRECTORY CORE SWITCHES SCCM ENDPOINT PROTECTION COUNTERACT ENTERPRISE MANAGER SIEM VA MDM ATD REMOTE USERS VPN CONCENTRATOR

35 ForeScout CounterACT Product FAMILY OF APPLIANCE MANAGERS FAMILY OF APPLIANCES Family SUITE OF PACKAGED SOFTWARE INTEGRATION MODULES A single appliance to handle up to # of ForeScout appliances Virtual appliances are also available. A single appliance to handle up to # of endpoints Model Endpoints CTR 100 CT CT ,000 CT ,500 CT ,000 CT ,000 Virtual appliances are also available. Vulnerability Assessment Advance Threat Detection SIEM MDM epo Open (Customer Development)

36 How ForeScout is Different Fast and easy to deploy Agentless and non-disruptive Scalable, no re-architecting

37 How ForeScout is Different Fast and easy to deploy Infrastructure Agnostic Agentless and non-disruptive Works with mixed, legacy environment Scalable, no re-architecting Avoid vendor lock-in

38 How ForeScout is Different Fast and easy to deploy Infrastructure Agnostic Flexible and Customizable Agentless and non-disruptive Works with mixed, legacy environment Optimized for diversity and BYOD Scalable, no re-architecting Avoid vendor lock-in Supports open integration standards

39 2014 ForeScout Technologies, Page 39 Questions

40 Pervasive Network Security an IT Game Changer

41 APPENDIX

42 ForeScout CounterACT Market Leadership **NAC Competitive Landscape *Magic Quadrant for Network Access Control, December 2013, Gartner Inc. April 2013, Frost & Sullivan **Frost & Sullivan 2013 report NC91-74, Analysis of the Network Access Control Market: Evolving Business Practices and Technologies Rejuvenate Market Growth Chard base year *This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from ForeScout. Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Garnter, Inc. "Magic Quadrant for Network Access Control," Report G , December 12, 2013, Lawrence Orans.

43 Next-Gen NAC Delivers Continuous Next-Generation Compliance NAC can dynamically identify, inspect and control all network-connecting devices, as well as ensure endpoint compliance and threat mitigation. As a result, these solutions yield better use of security investments and IT resources, as well as enable IT to be more responsive to thwart threats and maintain endpoint compliance. 1 Emerging in 2010, NAC began to occupy a valuable piece of real estate on more extended and open networks. NAC was in the right position to inspect devices, monitor activities, and enforce endpoint compliance policies in a growing number of use cases. 2 1 Frost and Sullivan, Continuous Compliance and Next Generation NAC: A Cornerstone Defense for Dynamic Endpoint intelligence and Risk Mitigation, October 2013, Chris Rogriguez 2 Enterprise Strategy Group, The Endpoint Visibility, Access and Security (EVAS) Market: The Evolution of Network Access Control (NAC), July 2013, Jon Oltsik

44 Strong Third-party Continuous Compliance and Next Generation NAC Endorsements The Endpoint Visibility, Access, Network Access Control: A Strong Resurgence is Underway and Security (EVAS) Market: The Evolution of NAC Next-generation network access control Frost and Sullivan, October 2013 Ogren Group, March 2013 Enterprise Strategy Group, July 2013 Quocirca, August

45 Augment Existing Agentbased Security Systems Corporate Resources Non-corporate Endpoints Network Devices Applications Users Antivirus out of date Unauthorized application Agents not installed or not running CounterACT Compliance Continuous Compliance Compliance Assessment for All Assessment MANAGED PossibleEndpoints NOT Not MANAGED Possible

46 ForeScout CounterACT Product FAMILY OF APPLIANCE MANAGERS FAMILY OF APPLIANCES Family SUITE OF PACKAGED SOFTWARE INTEGRATION MODULES A single appliance to handle up to # of ForeScout appliances Virtual appliances are also available. A single appliance to handle up to # of endpoints Model Endpoints CTR 100 CT CT ,000 CT ,500 CT ,000 CT ,000 Virtual appliances are also available. Vulnerability Assessment Advance Threat Detection SIEM MDM epo Open (Customer Development)

47 CounterACT Product Family CTR CT- 100 CT CT CT CT Devices Bandwidth 100 Mbps 500 Mbps 1 Gbps 2 Gbps 4 Gbps or 10 Gbps 4 Gbpsor 10 Gbps VLAN Support Unlimited Unlimited Unlimited Unlimited Unlimited Unlimited VCTR VCT- 100 VCT VCT VCT VCT Devices CPU RAM/HD Space 1GB / 80GB 1.5GB / 80GB 2GB / 80GB 4GB / 80GB 6GB / 80GB 16GB/80GB

Matthias Meier. VP Engineering, bw digitronik. 2013 ForeScout Technologies, Page 1 2014 ForeScout Technologies, Page 1

Matthias Meier. VP Engineering, bw digitronik. 2013 ForeScout Technologies, Page 1 2014 ForeScout Technologies, Page 1 Matthias Meier VP Engineering, bw digitronik 2013 ForeScout Technologies, Page 1 2014 ForeScout Technologies, Page 1 Inadequate Visibility Inadequate Collaboration Inadequate Automation 2013 ForeScout

More information

ForeScout CounterACT. Continuous Monitoring and Mitigation

ForeScout CounterACT. Continuous Monitoring and Mitigation Brochure ForeScout CounterACT Real-time Visibility Network Access Control Endpoint Compliance Mobile Security Rapid Threat Response Continuous Monitoring and Mitigation Benefits Security Gain real-time

More information

Embracing Complete BYOD Security with MDM and NAC

Embracing Complete BYOD Security with MDM and NAC Embracing Complete BYOD Security with MDM and NAC Clint Adams, CISSP, Director, Mobility Solutions Keith Glynn, CISSP, Sr. Technical Solutions Engineer August 22, 2013 Today s Speakers Clint Adams, CISSP

More information

Securing Healthcare Data on Mobile Devices

Securing Healthcare Data on Mobile Devices Securing Healthcare Data on Mobile Devices Michelle Cook, Healthcare Mobility Specialist Keith Glynn, CISSP, Sr. Technical Solutions Engineer October 31, 2013 Poll Question #1 Has your organization deployed

More information

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief ForeScout CounterACT Device Host and Detection Methods Technology Brief Contents Introduction... 3 The ForeScout Approach... 3 Discovery Methodologies... 4 Passive Monitoring... 4 Passive Authentication...

More information

Embracing BYOD with MDM and NAC. Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout

Embracing BYOD with MDM and NAC. Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout Embracing BYOD with MDM and NAC Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout 1 Today s Agenda The BYOD Landscape Network Access Control (NAC) 101 Embracing BYOD with MDM and NAC Use Cases 2 The BYOD

More information

Mobile device Management mit NAC

Mobile device Management mit NAC Mobile device Management mit NAC fweisel@forescout.com 2012 ForeScout Technologies, Page 1 Die NAC Lösung Although approaches such as server-based computing and virtualization will also be used to deal

More information

Whitepaper. Securing Visitor Access through Network Access Control Technology

Whitepaper. Securing Visitor Access through Network Access Control Technology Securing Visitor Access through Contents Introduction 3 The ForeScout Solution for Securing Visitor Access 4 Implementing Security Policies for Visitor Access 4 Providing Secure Visitor Access How it works.

More information

INSERT COMPANY LOGO HERE

INSERT COMPANY LOGO HERE INSERT COMPANY LOGO HERE 2014 Frost & Sullivan 1 We Accelerate Growth Technology Innovation Leadership Award Network Security Global, 2014 Frost & Sullivan s Global Research Platform Frost & Sullivan is

More information

Technical Note. ForeScout CounterACT: Virtual Firewall

Technical Note. ForeScout CounterACT: Virtual Firewall ForeScout CounterACT: Contents Introduction... 3 What is the vfw?.... 3 Technically, How Does vfw Work?.... 4 How Does vfw Compare to a Real Firewall?.... 4 How Does vfw Compare to other Blocking Methods?...

More information

ForeScout CounterACT Endpoint Compliance

ForeScout CounterACT Endpoint Compliance Highlights Benefits Continuous Monitoring: Identify security posture of devices on your network in real-time. Remediation: Ensure ends are properly configured, security agents are updated and running properly,

More information

ControlFabric Interop Demo Guide

ControlFabric Interop Demo Guide ControlFabric Interop Demo Guide Featuring The ForeScout ControlFabric Interop Demo at It-Sa 2014 showcases integrations with our partners and other leading vendors that can help you achieve continuous

More information

The ForeScout Difference

The ForeScout Difference The ForeScout Difference Mobile Device Management (MDM) can help IT security managers secure mobile and the sensitive corporate data that is frequently stored on such. However, ForeScout delivers a complete

More information

Addressing BYOD Challenges with ForeScout and Motorola Solutions

Addressing BYOD Challenges with ForeScout and Motorola Solutions Solution Brief Addressing BYOD Challenges with ForeScout and Motorola Solutions Highlights Automated onboarding Full automation for discovering, profiling, and onboarding devices onto both wired and wireless

More information

Technical Note. ForeScout CounterACT Endpoint Detection & Inspection Methods

Technical Note. ForeScout CounterACT Endpoint Detection & Inspection Methods ForeScout CounterACT Endpoint Contents Introduction.... 3 Overview of ForeScout CounterACT... 3 Overview of Discovery and Inspection... 4 Host & Network Device Discovery... 4 Endpoint Detection & Inspection

More information

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) CONTENT Introduction 2 Overview of Continuous Diagnostics & Mitigation (CDM) 2 CDM Requirements 2 1. Hardware Asset Management 3 2. Software

More information

ForeScout MDM Enterprise

ForeScout MDM Enterprise Highlights Features Automated real-time detection of mobile Seamless enrollment & installation of MDM agents on unmanaged Policy-based blocking of unauthorized Identify corporate vs. personal Identify

More information

CounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module MaaS360 Version 1.0.1. ForeScout Mobile

CounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module MaaS360 Version 1.0.1. ForeScout Mobile CounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module Version 1.0.1 ForeScout Mobile Table of Contents About the Integration... 3 ForeScout MDM... 3 Additional Documentation...

More information

AirWatch Solution Overview

AirWatch Solution Overview AirWatch Solution Overview Marenza Altieri-Douglas - AirWatch Massimiliano Moschini Brand Specialist Itway 2014 VMware Inc. All rights reserved. Cloud Computing 2 BYOD 3 Device aziendali? 4 From Client/Server

More information

Network Access Control in Virtual Environments. Technical Note

Network Access Control in Virtual Environments. Technical Note Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Beyond the Firewall No. 71 February, 2012 Network Access Control Edition

Beyond the Firewall No. 71 February, 2012 Network Access Control Edition The Business Advantages of NAC-as-a-Service Benefits, Requirements and Considerations for the Customer and MSP Best practices for securing enterprise networks and data have traditionally focused on perimeter

More information

Security Considerations for Enterprise Mobility / BYOD

Security Considerations for Enterprise Mobility / BYOD Security Considerations for Enterprise Mobility / BYOD Scott Gordon (CISSP-ISSMP) Vice President ForeScout Technologies January, 2013 2013 ForeScout Technologies, Page 1 Framing Enterprise Mobility and

More information

Securing BYOD With Network Access Control, a Case Study

Securing BYOD With Network Access Control, a Case Study Securing BYOD With Network Access Control, a Case Study 29 August 2012 ID:G00226207 Analyst(s): Lawrence Orans VIEW SUMMARY This Case Study highlights how an organization utilized NAC and mobile device

More information

ForeScout Technologies Is A Leader Among Network Access Control Vendors

ForeScout Technologies Is A Leader Among Network Access Control Vendors For ForeScout Technologies Is A Leader Among Network Access Control Vendors Excerpted From The Forrester Wave : Network Access Control, Q2 2011 by John Kindervag with Stephanie Balaouras, Robert Whiteley,

More information

Jonas Vercruysse Technical Pre-sales February 2013. Endpoint Management. 2013 IBM Corporation

Jonas Vercruysse Technical Pre-sales February 2013. Endpoint Management. 2013 IBM Corporation Jonas Vercruysse Technical Pre-sales February 2013 Endpoint Management 2013 IBM Corporation Agenda 2 Intro IBM Endpoint Manager overview Key value adds Functionalities Use cases Wrap-up Agenda 3 Intro

More information

BYOD: BRING YOUR OWN DEVICE.

BYOD: BRING YOUR OWN DEVICE. white paper BYOD: BRING YOUR OWN DEVICE. On-boarding and Securing Devices in Your Corporate Network Preparing Your Network to Meet Device Demand The proliferation of smartphones and tablets brings increased

More information

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement Comprehensive Endpoint Enforcement Overview is a complete, end-to-end network access control solution that enables organizations to efficiently and securely control access to corporate networks through

More information

Whitepaper. A Blueprint for Pervasive Network Security. How to accelerate continuous visibility, control intelligence, and policy-based response.

Whitepaper. A Blueprint for Pervasive Network Security. How to accelerate continuous visibility, control intelligence, and policy-based response. A Blueprint for Pervasive Network Security How to accelerate continuous visibility, control intelligence, and policy-based response. Contents Why Conventional IT Security is Failing... 4 1) Identification

More information

Whitepaper. A Blueprint for Continuous Monitoring and Mitigation

Whitepaper. A Blueprint for Continuous Monitoring and Mitigation A Blueprint for Continuous Contents Why Conventional IT Security is Failing... 4 1) Identification of risks is too slow...5 2) Identification of risks is incomplete...5 3) Detection of breaches is too

More information

Models HP IMC Smart Connect Edition Virtual Appliance Software E-LTU

Models HP IMC Smart Connect Edition Virtual Appliance Software E-LTU Models HP IMC Smart Connect Edition Virtual Appliance Software E-LTU JG659AAE Key features Identity-based access, advanced device profiling, and real-time traffic quarantining Converged network support

More information

This chapter covers the following topics: Network admission control overview NAC Framework benefits NAC Framework components Operational overview

This chapter covers the following topics: Network admission control overview NAC Framework benefits NAC Framework components Operational overview This chapter covers the following topics: Network admission control overview NAC Framework benefits NAC Framework components Operational overview Deployment models C H A P T E R 6 Implementing Network

More information

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Tech Brief Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Introduction In today s era of increasing mobile computing, one of the greatest challenges

More information

MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series MDM Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Aaron Woland Date: December 2012 Table of Contents Introduction.... 3 What Is the Cisco TrustSec System?...

More information

Sygate Secure Enterprise and Alcatel

Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise eliminates the damage or loss of information, cost of recovery, and regulatory violation due to rogue corporate computers, applications, and

More information

OneFabric Connect. Overview. Extend the OneFabric architecture to 3rd party applications DATA SHEET BENEFITS BUSINESS ALIGNMENT

OneFabric Connect. Overview. Extend the OneFabric architecture to 3rd party applications DATA SHEET BENEFITS BUSINESS ALIGNMENT DATA SHEET OneFabric Connect Extend the OneFabric architecture to 3rd party applications BUSINESS ALIGNMENT Embrace BYOD by mixing and matching managed and unmanaged devices on the same infrastructure

More information

Cisco TrustSec Solution Overview

Cisco TrustSec Solution Overview Solution Overview Cisco TrustSec Solution Overview 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 10 Contents Introduction... 3 Solution Overview...

More information

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved. Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security

More information

Technical Note. CounterACT: 802.1X and Network Access Control

Technical Note. CounterACT: 802.1X and Network Access Control CounterACT: 802.1X and Contents Introduction...3 What is 802.1X?...3 Key Concepts.... 3 Protocol Operation...4 What is NAC?...4 Key Objectives.... 5 NAC Capabilities.... 5 The Role of 802.1X in NAC...6

More information

XenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

XenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series XenMobile Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Aaron Woland Date: December 2012 Table of Contents Introduction... 3 What Is the Cisco TrustSec System?...

More information

WHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment... 2. Adaptive Network Security...

WHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment... 2. Adaptive Network Security... WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Adaptive Network Security Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with Adaptive

More information

How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO

How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO Data everywhere but protection? Unprotected Data Needing Protection

More information

Kaseya IT Automation Framework

Kaseya IT Automation Framework Kaseya Kaseya IT Automation Framework An Integrated solution designed for reducing complexity while increasing productivity for IT Professionals and Managed Service Providers. The powerful, web-based automation

More information

» WHITE PAPER. 802.1X and NAC: Best Practices for Effective Network Access Control. www.bradfordnetworks.com

» WHITE PAPER. 802.1X and NAC: Best Practices for Effective Network Access Control. www.bradfordnetworks.com » WHITE PAPER 802.1X and NAC: Best Practices for Effective Network Access Control White Paper» 802.1X and NAC: Best Practices for Effective Network Access Control 1 IEEE 802.1X is an IEEE (Institute of

More information

RFI Template for Enterprise MDM Solutions

RFI Template for Enterprise MDM Solutions RFI Template for Enterprise MDM Solutions 2012 Zenprise, Inc. 1 About This RFI Template A secure mobile device management solution is an integral part of any effective enterprise mobility program. Mobile

More information

Secure Networks for Process Control

Secure Networks for Process Control Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than

More information

Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks

Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks Cisco IT Article December 2013 End-to-End Security Policy Control Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks Identity Services Engine is an integral

More information

Technical Note. ForeScout CounterACT Rogue Device Detection

Technical Note. ForeScout CounterACT Rogue Device Detection ForeScout CounterACT Contents Introduction.... 3 The Importance of... 3 Types of Rogue Devices................................................................................................................................3

More information

InfoExpress Cyber Gatekeeper. How to quote? Günter Neuleitner. März 2009

InfoExpress Cyber Gatekeeper. How to quote? Günter Neuleitner. März 2009 InfoExpress Cyber Gatekeeper How to quote? Günter Neuleitner März 2009 Agenda 1. Introduction 2. Components 3. Quoting CyberGatekeeper 4. AGENTLESS AND AGENT-BASED 5. Examples 1 Introduction 3 Presentation

More information

Symantec Mobile Management Suite

Symantec Mobile Management Suite Symantec Mobile Management Suite One Solution For All Enterprise Mobility Needs Data Sheet: Mobile Security and Management Introduction Most enterprises have multiple mobile initiatives spread across the

More information

Full protection for all networks

Full protection for all networks CounterACT 7.0.0 by ForeScout The Test Full protection for all networks Dr. Götz Güttich With CounterACT 7, ForeScout offers a comprehensive security solution that enables companies to monitor and protect

More information

ClearPass: Understanding BYOD and today s evolving network access security requirements

ClearPass: Understanding BYOD and today s evolving network access security requirements ClearPass: Understanding BYOD and today s evolving network access security requirements ClearPass: Understanding BYOD and today s evolving network access security requirements Chapter 1: Introduction............................

More information

Cisco IDENTITY. SERVICES. ENGINE GORAN PETEH ENTERPRISE SYSTEMS ENGINEER

Cisco IDENTITY. SERVICES. ENGINE GORAN PETEH ENTERPRISE SYSTEMS ENGINEER Cisco IDENTITY. SERVICES. ENGINE GORAN PETEH ENTERPRISE SYSTEMS ENGINEER GOPETEH@CISCO.COM the challenge 67,000+ and Counting As of June 1 st 2013, that's how many BYOD devices employees are using @ Cisco

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility

More information

WHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2

WHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2 WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Secure Network Access Control Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with

More information

McAfee Acquires NitroSecurity

McAfee Acquires NitroSecurity McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security

More information

Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS)

Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS) White Paper Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS) By Jon Oltsik, Senior Principal Analyst October 2014 This ESG White

More information

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark The self-defending network a resilient network By Steen Pedersen Ementor, Denmark The self-defending network - a resilient network What is required of our internal networks? Available, robust, fast and

More information

Company Facts. 1,800 employees. 150 countries. 12,000 customers and growing. 17 languages. 11 global offices

Company Facts. 1,800 employees. 150 countries. 12,000 customers and growing. 17 languages. 11 global offices Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitment from VMware to deliver these features in any generally

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Automate PCI Compliance Monitoring, Investigation & Reporting

Automate PCI Compliance Monitoring, Investigation & Reporting Automate PCI Compliance Monitoring, Investigation & Reporting Reducing Business Risk Standards and compliance are all about implementing procedures and technologies that reduce business risk and efficiently

More information

Empowering BYOD and Mobile Security in the Enterprise. Jeff Baum, APAC Managing Director

Empowering BYOD and Mobile Security in the Enterprise. Jeff Baum, APAC Managing Director Empowering BYOD and Mobile Security in the Enterprise Jeff Baum, APAC Managing Director Growth of Mobile Mobile worker population will reach 1.3 Billion in 2015 Source: IDC Worldwide Mobile Worker Population

More information

SapphireIMS 4.0 BSM Feature Specification

SapphireIMS 4.0 BSM Feature Specification SapphireIMS 4.0 BSM Feature Specification v1.4 All rights reserved. COPYRIGHT NOTICE AND DISCLAIMER No parts of this document may be reproduced in any form without the express written permission of Tecknodreams

More information

The Critical Security Controls: What s NAC Got to Do with IT?

The Critical Security Controls: What s NAC Got to Do with IT? The Critical Security Controls: What s NAC Got to Do with IT? A SANS Product Review 2nd Edition, updated January 2015 Sponsored by ForeScout Technologies 2015 SANS Institute Introduction Although attacks

More information

Network Virtualization Network Admission Control Deployment Guide

Network Virtualization Network Admission Control Deployment Guide Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus

More information

Average annual cost of security incidents

Average annual cost of security incidents Breaches reported Annual number of data breaches Average annual cost of security incidents Among companies with revenues over $1 billion Regulatory mandates 900 800 700 600 500 400 300 200 100 0 2011 2012

More information

Netzwerkvirtualisierung? Aber mit Sicherheit!

Netzwerkvirtualisierung? Aber mit Sicherheit! Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction

More information

ARCHITECT S GUIDE: Mobile Security Using TNC Technology

ARCHITECT S GUIDE: Mobile Security Using TNC Technology ARCHITECT S GUIDE: Mobile Security Using TNC Technology December 0 Trusted Computing Group 855 SW 5rd Drive Beaverton, OR 97006 Tel (50) 69-056 Fax (50) 644-6708 admin@trustedcomputinggroup.org www.trustedcomputinggroup.org

More information

Chris Boykin VP of Professional Services

Chris Boykin VP of Professional Services 5/30/12 Chris Boykin VP of Professional Services Future Com! 20 years! Trusted Advisors! Best of brand partners! Brand name customers! 1000 s of solutions delivered!! 1 5/30/12 insight to the future, bringing

More information

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Introduction to Network Security

More information

Vulnerability Management

Vulnerability Management Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other

More information

IBM Endpoint Manager for Mobile Devices

IBM Endpoint Manager for Mobile Devices IBM Endpoint Manager for Mobile Devices A unified platform for managing mobile devices together with your traditional endpoints Highlights Address business and technology issues of security, complexity

More information

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds.

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds. ENTERPRISE MONITORING & LIFECYCLE MANAGEMENT Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid

More information

ClearPass Policy Manager

ClearPass Policy Manager Manager The most comprehensive network access policy enforcement platform for BYOD Key features Unsurpassed multivendor wireless and wired interoperability Built-in guest, profiling, network access control

More information

SOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com

SOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com SOSPG2 Implementing Network Access Controls Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com Offer Pa Agenda The BYOD Challenges NAC terms The Big Picture NAC Solutions and Deployment What

More information

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription

More information

Policy Management: The Avenda Approach To An Essential Network Service

Policy Management: The Avenda Approach To An Essential Network Service End-to-End Trust and Identity Platform White Paper Policy Management: The Avenda Approach To An Essential Network Service http://www.avendasys.com email: info@avendasys.com email: sales@avendasys.com Avenda

More information

Clavister InSight TM. Protecting Values

Clavister InSight TM. Protecting Values Clavister InSight TM Clavister SSP Security Services Platform firewall VPN termination intrusion prevention anti-virus anti-spam content filtering traffic shaping authentication Protecting Values & Enterprise-wide

More information

Devising a Server Protection Strategy with Trend Micro

Devising a Server Protection Strategy with Trend Micro Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper Trend Micro, Incorporated» A detailed account of why Gartner recognizes Trend Micro as a leader in Virtualization and Cloud

More information

Technical Note. CounterACT: Powerful, Automated Network Protection Inside and Out

Technical Note. CounterACT: Powerful, Automated Network Protection Inside and Out CounterACT: Powerful, Contents Introduction...3 Automated Threat Protection against Conficker... 3 How the Conficker Worm Works.... 3 How to Use CounterACT to Protect vs. the Conficker Worm...4 1. Use

More information

Devising a Server Protection Strategy with Trend Micro

Devising a Server Protection Strategy with Trend Micro Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper» Trend Micro s portfolio of solutions meets and exceeds Gartner s recommendations on how to devise a server protection strategy.

More information

Meraki: Introduction to Cloud Networking

Meraki: Introduction to Cloud Networking Meraki: Introduction to Cloud Networking April 30, 2014 Sharif Kotb Meraki Business Manager KSA, UAE, Turkey, & Qatar Agenda About Cisco s Cloud Managed Networking Cloud Architecture Solution Overview

More information

SolarWinds Network Performance Monitor

SolarWinds Network Performance Monitor SolarWinds Network Performance Monitor powerful network fault & availabilty management Fully Functional for 30 Days SolarWinds Network Performance Monitor (NPM) makes it easy to quickly detect, diagnose,

More information

FISMA / NIST 800-53 REVISION 3 COMPLIANCE

FISMA / NIST 800-53 REVISION 3 COMPLIANCE Mandated by the Federal Information Security Management Act (FISMA) of 2002, the National Institute of Standards and Technology (NIST) created special publication 800-53 to provide guidelines on security

More information

SolarWinds Security Information Management in the Payment Card Industry: Using SolarWinds Log & Event Manager (LEM) to Meet PCI Requirements

SolarWinds Security Information Management in the Payment Card Industry: Using SolarWinds Log & Event Manager (LEM) to Meet PCI Requirements SolarWinds Security Information Management in the Payment Card Industry: Using SolarWinds Log & Event Manager (LEM) to Meet PCI Requirements SolarWinds Security Information Management in the Payment Card

More information

SolarWinds Network Performance Monitor powerful network fault & availabilty management

SolarWinds Network Performance Monitor powerful network fault & availabilty management SolarWinds Network Performance Monitor powerful network fault & availabilty management Fully Functional for 30 Days SolarWinds Network Performance Monitor (NPM) is powerful and affordable network monitoring

More information

D-View 7 Network Management System

D-View 7 Network Management System Product Highlights Comprehensive Management Manage your network effectively with useful tools and features such as Batch Configuration, SNMP, and Flexible command Line Dispatch Hassle-Free Network Management

More information

2014 Cisco and/or its affiliates. All rights reserved.

2014 Cisco and/or its affiliates. All rights reserved. 2014 Cisco and/or its affiliates. All rights reserved. Cisco Meraki: a complete cloud-managed networking solution - Wireless, switching, security, and MDM, centrally managed over the web - Built from the

More information

Orchestrated Security Network. Automated, Event Driven Network Security. Ralph Wanders Consulting Systems Engineer

Orchestrated Security Network. Automated, Event Driven Network Security. Ralph Wanders Consulting Systems Engineer Orchestrated Security Network Automated, Event Driven Network Security Ralph Wanders Consulting Systems Engineer Orchestrated Security Network! " TCG/ TNC Architecture! " IF-MAP! " Use cases of IF-MAP!

More information

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013

More information

Critical Security Controls

Critical Security Controls Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security

More information

Business white paper. Missioncritical. defense. Creating a coordinated response to application security attacks

Business white paper. Missioncritical. defense. Creating a coordinated response to application security attacks Business white paper Missioncritical defense Creating a coordinated response to application security attacks Table of contents 3 Your business is under persistent attack 4 Respond to those attacks seamlessly

More information

COORDINATED THREAT CONTROL

COORDINATED THREAT CONTROL APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,

More information

Information Technology Solutions

Information Technology Solutions Managed Services Information Technology Solutions A TBG Security Professional Services Offering LET TBG MANAGE YOUR INFRASTRUCTURE WITH CONFIDENCE: TBG S INTEGRATED IT AUTOMATION FRAMEWORK PROVIDES: Computer

More information

DeltaV Cyber Security Solutions

DeltaV Cyber Security Solutions TM DeltaV Cyber Security Solutions A Guide to Securing Your Process A long history of cyber security In pioneering the use of commercial off-the-shelf technology in process control, the DeltaV digital

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

Reducing the cost and complexity of endpoint management

Reducing the cost and complexity of endpoint management IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,

More information

Sourcefire Defense Center TM

Sourcefire Defense Center TM Sourcefire TM Sourcefire Capabilities Store up to 100,000,000 security & host events, including packet data Centralized policy & sensor management Centralized audit logging of configuration & security

More information