
Forescout A Modern NAC: - Why To Use NAC Server

Forescout provides a modern network access control (NAC) solution that offers continuous, agentless monitoring of devices on the network. It can identify, classify, and assess devices with or without agents to provide visibility and control. This helps organizations securely manage both managed and unmanaged devices, address issues like BYOD, and automate security policy enforcement and response.

Uploaded by M Saad Khan

Forescout A Modern NAC

• Why to use NAC server

• Newer Techniques

• Forescout
Challenges
• Unmanaged & outnumbered devices
• Multivendor networks
• Remote corporate users
• Inability to automate security updates
• A growing number of unmanaged devices causes risk
The Solution: Forescout Modern NAC
• Non-disruptive
• Easy to Deploy
• Securely authenticate to IoT Devices
• With or without agent
• With or without 802.1x
• Continuous Monitoring
• Capability to identify, classify and assess accurately
Visibility and Control: Why You Need It
• Zero Trust Network

• Why Visibility and Control are Hard to Obtain

• You can't secure what you can't see
• Agent-based systems
• 802.1X-based approaches cause blind spots
• Multivendor network
• IoT devices can't authenticate using traditional methods
• Mobile, BYOD and guest
Who, What, When and Where of Your Network
• Provide continuous monitoring
• Allow IT organizations to work efficiently
• Automatically discover, classify and apply policy
• Minimize security risk
• Work well with managed and unmanaged, known and unknown, mobile and PC

• 500+ operating systems & versions
• 5,000+ device vendors & models
• 3,000+ models of IIoT & OT devices
• eyeSight
  • Discover
  • Classification
  • Assessment
• eyeSegment
  • Able to build unified policy
  • To know who will be impacted by the policy
• eyeControl
  • Device compliance
• eyeExtend
  • Orchestration with security products
ForeScout’s visibility platform
• Capability to provide See, Control and Orchestration

See:
• To know what’s on your network, you must talk to your network.
• Integrates with infrastructure tools
• Industrial IoT and critical infrastructure systems create unique visibility challenges.

Control:
• Automate policy-based access controls
• Find and fix endpoint security gaps
• For example, CounterACT can remediate noncompliant endpoints by initiating antivirus software updates, triggering SCCM for patching endpoints, killing blacklisted apps, etc. Unlike other solutions that are limited to built-in remediation actions, you can run custom scripts on devices to let you keep up with changing needs. In addition, protecting your enterprise from risky BYOD devices belonging to employees and contractors becomes easy as you can place them on a guest network or route them to an automated onboarding portal for network access.

Orchestrate:
• Sharing information with IT/Security Management to automate security workflow.
• Make existing security tools and analysis richer and more context-aware
• Enabling a constant exchange of device hygiene, threat, behavior and compliance data
• Automate policy enforcement to accelerate response and substantially improve your security posture
Identify:
Discover, classify and inventory all connected devices

• Choose from 20+ active and passive discovery and profiling methods
• 12M+ device fingerprints give you high-fidelity, three-dimensional device classification capabilities to determine device function, OS, vendor and model, and more
• Gain complete coverage across all locations, networks and device types—without blind spots—with or without 802.1X authentication

Comply:
Assess security posture and compliance

• Find and fix managed devices with broken or missing agents from your existing security tools
• Detect device noncompliance, posture changes, vulnerabilities, weak credentials, spoofing attempts and other high-risk indicators—all without agents
• Assess and continuously monitor unmanaged devices, including those that can’t accept agents, for enforcing security compliance
Connect:
Enforce access policies across heterogeneous networks

• No requirement of hardware or software upgrades to infrastructure.
• Provision least-privilege access to enterprise resources based on user role, device type and security posture
• Prevent unauthorized, rogue and impersonating devices from connecting
• Address internal audits and external regulations with confidence, knowing that the security controls you have in place enforce compliance while keeping users productive
Identification of Every Device on Every Network

Passive to the network and end device
• Examples include receiving SNMP traps from switches and wireless controllers, monitoring a SPAN port and parsing protocol streams in the traffic (Forescout provides deep packet inspection for more than 150 IT and OT protocols), collecting and analyzing flow data, or evaluating DHCP requests and HTTP user agent traffic. If 802.1X is implemented, Forescout also monitors RADIUS requests using a built-in or external server.

Active on the network infrastructure
• Examples include polling switches, VPN concentrators, wireless controllers and private and public cloud controllers for a list of connected devices and VMs. For user and device data, the Forescout platform queries directory services, web applications or external databases.

Active on the end device
• Examples include scanning network segments for connected devices using Nmap, remotely inspecting Windows devices using WMI, or Mac and Linux devices using SSH and endpoint profiling using SNMP queries.
Auto-classify new devices and understand risks

• IoT devices and OT systems that don’t support software agents

• Explosive growth in new devices and operating systems is a challenge for IT personnel

• Forescout Device Cloud

• 12M+ enterprise customer devices
How Agentless Visibility Adds Value to the Business:
• Non-disruptive deployment
• Accurate visibility and posture assessment
• Enhances network security
• Real-time device visibility and security automation
• Agentless posture and risk assessment
• Rapid time to value
• Vendor-agnostic
• No forced software or hardware upgrades
• Flexible deployment
• Plug-and-play integrations with leading IT and security products
• Avoid 802.1X complexity
Benefits
• Choose from 20+ active and passive techniques for the most comprehensive agentless device
• Accurately auto-classify devices based on device function, operating system and version, and vendor and model
• Automatically create and maintain a real-time asset inventory of every IP-connected device on your extended network
• Assess and continuously monitor the security posture of all devices – without agents
• Conform to security policies and industry mandates by automating endpoint remediation
• Enforce flexible network controls based on authentication, user role, device type and security posture – across any heterogeneous wired, wireless or VPN network
• Enforce least-privilege access control for Zero Trust security
