一个基于DPI技术实现了内网资产识别的应用

https://www.forescout.com/products/counteract/see/visibility-capabilities/

Home ≫ Products ≫ ForeScout CounterACT® ≫ SEE ≫ See Capabilities*

See Capabilities*

 

Device Information

 

• Device type (printer, wireless network device, laptop, etc.)
• Device authentication/NETBIOS/domain membership
• System information (manufacturer, model name, number of processors)
• Storage information (drive type, volume name, size and name)
• Motherboard (manufacturer, model, serial number, removable)
• RAM (memory type, capacity, manufacturer, serial number and speed)
• Network adapter (DeviceID, name, adapter type and speed)
• Processors (number of cores, description, family and manufacturer)
• MAC/IP address
• NIC vendor
• Hostname

 

Security Status

 

• Anti-malware agents status (installed/running) and database versions
• Patch management agent status (installed/running)
• Firewall status (installed/running)
• Audit trail of changes to OS/configuration/application
• X.509 certificates

 

User Information

 

• Username
• Full name
• Authentication status
• Workgroup
• Email address
• Phone number
• Guest/authentication status

 

Device Information

 

• Device type (printer, wireless network device, laptop and more)
• Device authentication/NETBIOS/domain membership
• MAC/IP address
• NIC vendor

 

Operating System Status

 

• Type
• Version number
• Patch level
• Processes and services installed or running
• Registry and configuration
• File name/size/date/version
• Shared directories security status
• Anti-malware agents status (installed/running) and database versions
• Patch management agent status (installed/running)
• Firewall status (installed/running)
• Audit trail of changes to OS/configuration/application

Application Information

 

• Authorized applications installed/running
• Rogue applications installed/running
• P2P/IM clients installed/running
• Application name and version number
• Registry values
• File sizes
• Modification date and patch level

 

Peripheral Information

 

• Device class (disk, printer, DVD/CD, modem, NIC, memory, phone and more)
• Connection type (USB, Bluetooth, infrared, wireless)
• Device information (make, model, device ID, serial number)

 

Network Traffic Information

 

• Malicious traffic (worm propagation, device spoofing, intrusion, spam and more)
• Traffic source/destination
• Rogue NAT/DHCP behavior
• IPv6 tunnels through IPv4

 

Physical Layer Information

 

• Switch IP, description, location
• Switch port
• VLAN
• Number of devices on any port
• 802.1X authentication status

 

Virtual Servers/Desktops

 

• Server name
• Server build
• Server instance
• Server license product name
• Server license product version
• Server locale build
• Server locale version
• Server OS type
• Server product ID
• Server product name
• Server vendor
• Server version
• Server IP
• Guest OS information

 

 

Industry Solutions

GOVERNMENT

 

Security, privacy and compliance begin at the endpoint

Local, state and federal government agencies are prime targets for hackers, whether politically motivated, seeking information they can sell, or simply engaged in mischief. By providing secure network access for a wide range of devices and user populations, ForeScout CounterACT® can help government agencies protect their confidential data and support their compliance efforts with mandated policies and regulations such as FISMA, NERC, ISO/IEC 27001 and the GDPR. ForeScout can:

• Identify managed and unmanaged devices and control the spread of malware across the network
• Guard against targeted threats that can result in stolen data and network downtime
• Address endpoint compliance issues related to Security Content Automation Protocol (SCAP)

 

Learn more about what CounterACT can do for you.

Visit our Government Solutions Page

Case Study

Solution Brief

 

 

 

When it’s late at night, or when my staff is sleeping, CounterACT is working with our other security solutions to take immediate action on threats. You can’t put a price tag on that type of automation.

Michael Roling, Chief Information Security Officer, State of Missouri

 

 

FINANCIAL

 

Case Study

Solution Brief

PCI Solution Brief

Protect information assets and fortify security, privacy and compliance

Although financial institutions face threats from a multitude of sources, today’s primary risks are internal. Employees and contractors misuse and abuse corporate data resources—intentionally or otherwise—and their personally owned devices can wreak havoc on network security and stability. CounterACT delivers real-time visibility and automates control of devices the instant they connect to your network to:

• Improve security posture without impeding customer service
• Reduce risks of data breaches, ransomware and malware attacks
• Support your compliance efforts with regard to FINRA, GLBA, PCI DSS, SOXand other regulatory mandates

Learn more about what CounterACT can do for you.

Visit our Financial Solutions Page

 

 

Ease of implementation and support for hybrid environments made
ForeScout the logical choice. Its Value and ROI were clearly superior.

Dominic Hart, Manager Information Security Architecture, IT&S Security, RWJBarnabas Health

 

 

HEALTHCARE

 

Boost security, privacy and compliance in clinical settings

Healthcare organizations are facing constant threats as new types of devices add vulnerabilities to medical networks. CounterACT sees devices including medical, personally owned and IoT devices, the instant they connect. Its policy engine identifies thousands of medical devices from leading manufacturers to help you:

• Improve security posture without impeding medical care
• Expand network access to doctors and other clinicians, caregivers, research organizations and contractors
• Support compliance efforts with regard to mandates from HIPAA, HITRUST, HITECH, OSHA and other regulatory bodies

 

Learn more about what CounterACT can do for you.

Visit our Healthcare Solutions Page

Case Study

Healthcare Solution Brief

PCI Solution Brief

HIPAA Solution Brief

 

EDUCATION

 

Case Study

Maintain security and privacy while facilitating learning

Security teams at educational institutions face a unique challenge: dealing with a constantly changing array of unmanaged devices connecting to the network even as they must try their best to maintain the free flow of information. But with CounterACT, you can:

• Control access to networks by students, teachers, administration and guests
• Automatically enforce limits based on identities
• Continuously monitor the behavior of devices on the network and automatically execute a range of responses

Learn more about what CounterACT can do for you.

Visit our Education Solutions Page

 

 

RETAIL

 

Reduce risks of data breaches and malware attacks

Cybercriminals constantly look for—and find—opportunities in the retail environment. As breach disclosures continue unabated, retailers need better ways to secure POS systems, ATMs, kiosks and other endpoints while keeping pace with regulations. CounterACT helps retailers address PCI DSS 3.0 compliance and reassure customers and shareholders. This powerful appliance can:

• Continuously monitor POS machines and other devices
• Automatically detect and remediate retail endpoints
• Identify and control devices that are attempting to access the network

Learn more about what CounterACT can do for you.

Case Study

PCI Solution Brief

 

MANUFACTURING

 

Case Study

Protect intellectual property, business operations and your company’s brand

Cybersecurity in manufacturing is extremely complex because there’s so much at stake—everything from factory floor operations to reputations, not to mention productivity and profitability. Fortunately, CounterACT lets you:

• Gain real-time visibility and endpoint compliance by continuously monitoring the vast array of small-footprint, IP-connected devices
• Automate remediation of vulnerabilities on managed and unmanaged endpoints
• Rapidly respond to incidents without human intervention

Learn more about what CounterACT can do for you.