ForeScout updates NAC box

ForeScout has updated the software in its CounterACT NAC appliances, adding features such as a “dissolving client” and the ability for administrators to write scripts that automate remediation, the process of bringing a PC into line with security policies.

The company also said it is adding an appliance that’s almost twice as powerful as its current top-end system. The CT-4000 will support up to 4000 concurrent connections, compared with 2500 connections for the CT-2000.

CounterACT’s dissolving client works by initiating an outbound SSL connection from the PC back to the NAC appliance, and was developed to cope with personal firewalls on visiting PCs, such as contractors’ laptops, said Ray Wizbowski, ForeScout’s marketing VP.

“We don’t want to put an agent on those PCs because it introduces a point of vulnerability,” he added.

He said that ForeScout has also improved its policy creation process, which he claimed makes it more flexible and intuitive, and has extended its device support. In particular, it can now detect and control a VoIP device connected to a PC and sharing its IP address.

“We can separate a phone from a PC by its MAC address and put it in a VoIP VLAN,” Wizbowski claimed.

CounterACT combines several features relevant to NAC, allowing a single appliance to replace up to four systems from the likes of Cisco, he said.

As well as inspecting PCs and other network devices for security threats, it applies security policies and monitors the network for non