ForeScout software scans network endpoints inside and out

Security: Network Access Control This newsletter is sponsored by Blue Coat Get the latest on Web Acceleration Tools Discover how to significantly improve document delivery times for users that are physically away from your centralized data center. A document that takes 80 minutes to delivery to a user across the globe could be delivered in three minutes with Web acceleration. Learn how your IT organization can benefit from this technology. Listen to this Webcast now. Network World's Security: Network Access Control Newsletter, 10/04/07 ForeScout software scans network endpoints inside and out By Tim Greene ForeScout, which previously scanned network endpoints externally, is introducing client software that checks out machines as they try to join networks. Secure Connector is a dissolvable agent that is downloaded to client machines and runs during a given session then dissolves. The agent can also be permanently installed on the client machines if, for example, they are managed by the customer. Secure Connector interrogates the machines for security posture data that it forwards to the ForeScout CounterACT NAC platform to make a policy decision about whether to admit the machines to the network. The client, which is a .exe file, connects to the CounterACT platform via an SSL connection, making it possible for the agent on remote machines to link in through a corporate firewall. Straight Talk from Security Experts Leading security experts share their advice, secrets and real-world experiences in Network World's latest Executive Guide, "The Security Treadmill." Learn how to get inside users' heads, fight for a bigger security budget and much more. Click here to download this Executive Guide. If the end machines will not accept the agent, CounterACT performs a clientless interrogation that yields less information about the state of the machines. An upgraded software version for CounterACT enables a new option for enforcing policies. Session-specific enforcement can enforce separate policies depending on what time of day a user is accessing the network, or what domain the machine is attached to, for instance. The software can detect ARP spoofing that may indicate a man-in-the-middle attack and block it. The software can also perform open-port hardening that diverts traffic from non-used ports to a quarantined virtual LAN. CounterACT software supports VoIP phones that are connected to PCs on corporate networks. If the PCs are found out of compliance with NAC policy, they can be restricted but the phones are still allowed to work. The new software is available now.   What do you think? Post a comment on this newsletter

MOST-READ REVIEWS FOR THE PAST YEAR: (Registration no longer required!) 1. NAC alternatives hit the mark 2. WAN acceleration offers huge payoff 3. Aruba conquers challenge of Wi-Fi scalability 4. Cisco hits on firewall/VPN, misses on ease of use 5. IP PBXs built on open source show promise 6. Vista security needs admin attention 7. Backup standbys show their strength 8. Is Microsoft OCS your next IP PBX? 9. Open source management tools score big 10. Open source Quagga router acceptable

Contact the author: Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com. This newsletter is sponsored by Blue Coat Get the latest on Web Acceleration Tools Discover how to significantly improve document delivery times for users that are physically away from your centralized data center. A document that takes 80 minutes to delivery to a user across the globe could be delivered in three minutes with Web acceleration. Learn how your IT organization can benefit from this technology. Listen to this Webcast now. ARCHIVE Archive of the Security: Network Access Control Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007