Q&A with Gord Boyce ForeScout Technologies
VSM: Who is ForeScout and what products does your company offer?
GB: ForeScout helps customers advance network connectivity and user productivity initiatives without compromising security. In particular, we provide an automated control platform for network access, mobile security, endpoint compliance and threat management. We have been in business for ten years and have about 1000 commercial, government and military installations worldwide.
VSM: The industry has invested heavily in security, yet incidents still persist – what are some of the more recent threats that keep IT up at night?
GB: You are certainly are seeing more security issues and attacks in the news – from WikiLeaks, espionage and hacktivists to data breaches due to lost notebooks and smartphones. From our vantage point, our customers are looking for greater visibility and control. The first problem is the massive number of corporate and personal mobile devices now entering a corporate network and how to manage those mobile security risks. The second issue is with regards to endpoint compliance – essentially making sure that PCs connected to the network are up-to-date and running appropriate software and that they are not infected or doing malicious activity. Lastly, everyone is leveraging virtualization and there is concern for how virtual machines are accounted for as they are brought up or move and how to tie in the physical and virtual infrastructure defenses.
VSM: You just released your virtual appliance – what flexibility does that provide your customers?
GB: Yes we did. Our product line, CounterACT, is now offered as a virtual appliance running on VMware. The product works identically to our current appliance but offers customers more flexibility in term of provisioning and scaling. Rather than waiting for the physical appliance to ship and spending time racking, users can simply download the software and install on a VM. Our CounterACT Enterprise Manager can also be implemented as a VM and can uniformly manage multiple physical and virtual appliances – so literally an IT manager can gain visibility and control for over 250,000 devices all from one console. Beyond the deployment benefits, not being confined to a physical appliance also allows our customers to upgrade capacity when they need to. We also put together an investment protection program that makes it convenient for customers to upgrade to a “larger” model when they need do.
VSM: What does ForeScout offer for securing the virtual environment?
GB: CounterACT lets you see all devices connecting to the network, both physical and virtual, in real-time. Security and network operations can understand who, what and when systems are connecting. The OS, applications, and all the processes and more are captured and presented in real-time without requiring agents. We also assess the security profile of every system such as if the anti-virus is up-to-date, firewall is active or patch is current. All the devices are organized for easy viewing and reporting including all physical systems and VMware, Microsoft Hyper-V and Citrix XenServer guest hosts. And we offer the means to take actions based on any user, device, configuration or condition such as to disable a blacklisted application, like peer-2-peer.
