XChange 2012: ForeScout Adds Mobile Security To Its NAC-as-a-Service Platform

The overall platform is designed to provide increased visibility and automated control over devices being connected to the enterprise. ForeScout Mobile, delivered through the add-ons, will increase the granularity of that information with an eye towards augmenting security assessments and policy enforcement.

The ForeScout Mobile Security Module provides extensive data on the device, its user, its configuration, its apps and its security posture for iOS and Android platform.

[Related: CRN's Exclusive Coverage Of XChange 2012 ]

"Devices can be identified by IP address, by MAC address, through open ports, or even through notification traps on switches," explained Ted Lee, a systems engineer at ForeScout. "This can be used to deliver a variety of access control benefits, especially given the growth of the BYOD phenomenon. Unrecognized devices can be registered onto the system, capturing basically any information the customer wants, and then a certificate is added to the device, at which point it is considered fully managed."

Sponsored post

And, that manageability enables a wide variety of features, including email forwarding control as well as the ability to shut down cameras on smartphones when users enter sensitive areas.

The company promises that the mobile-enabled platform will provide a more agile solution that does not require agents or 802.1x managed endpoints, while at the same time offering full interoperability to minimize the integration efforts. Implementation is aided by a customizable array of device identification and auto-classification capabilities as well as extensible network access, endpoint compliance, guest networking and threat prevention security templates.

"Classification of the device is especially important," said Scott Gordon, ForeScout's vice president of worldwide marketing. "You don't want to mistake a heart monitor for a printer when you're working in a hospital."

The 12-year-old company currently has about 1,300 customers, mostly in the federal, financial, healthcare, manufacturing and energy verticals.

"This removes barriers to entry when we're working with customers who don't necessarily have the budget needed for most NAC solutions," explained Dale Tesch, global director of professional services at Integralis, a Bloomfield, Conn.-based channel partner. "This platform enables us to detect and identify devices on the network. It's a very intelligent database. Then we can add additional value through policy control, as well as control of the devices on the network.

The contract is based on monthly pricing, tiered discounts and on-demand license expansion options.

The offering, which was announced at XChange 2012 in Dallas, Texas, is now available as a subscribed hosted or managed service through authorized MSPs.