ForeScout Technologies, Inc., a provider of automated security control solutions for Fortune 1000 enterprises and government organizations, has been certified by Q1 Labs, an IBM company and global provider of security intelligence solutions, for its Security Intelligence Partner Program (SIPP).
This partnership will allow joint customers to greatly improve real-time visibility, security intelligence and automated control while delivering real-time monitoring and enterprise risk assessment of non-compliant managed and unmanaged network devices.
Increasingly, security threats are originating from unmanaged devices such as smartphones and tablets, a problem solved by integrating ForeScout CounterACT Network Access Control (NAC) with the IBM QRadar Security Intelligence Platform. The joint solution provides customers with a real-time view of enterprise-wide threats that can originate from non-compliant devices and rapid remediation of them to reduce overall business risk. CounterACT identifies all network devices in real-time, assesses whether or not it is compliant, and if necessary blocks the device or redirects it to a secure guest access network, and attempts to remediate the issue - all from a single management console.
Through this integration, QRadar captures, retains and analyzes events generated from ForeScout CounterACT, including network access incidents and policy violations for endpoints and mobile devices. As a member of Q1 Labs’ Security Intelligence Program, ForeScout leverages Q1 Labs’ open protocols, including LEEF (Log Event Enhanced Format) to enhance correlation of security and application layer event data.
QRadar also can be configured to send action response commands to CounterACT to mitigate QRadar-correlated threats and violations. This level of network access control (NAC), log management and security event management integration enables security professionals to further streamline incident response, forensics and compliance processes.