一个基于DPI技术实现了内网资产识别的应用
https://www.forescout.com/products/counteract/see/visibility-capabilities/
See Capabilities*
Device Information
- Device type (printer, wireless network device, laptop, etc.)
- Device authentication/NETBIOS/domain membership
- System information (manufacturer, model name, number of processors)
- Storage information (drive type, volume name, size and name)
- Motherboard (manufacturer, model, serial number, removable)
- RAM (memory type, capacity, manufacturer, serial number and speed)
- Network adapter (DeviceID, name, adapter type and speed)
- Processors (number of cores, description, family and manufacturer)
- MAC/IP address
- NIC vendor
- Hostname
Security Status
- Anti-malware agents status (installed/running) and database versions
- Patch management agent status (installed/running)
- Firewall status (installed/running)
- Audit trail of changes to OS/configuration/application
- X.509 certificates
User Information
- Username
- Full name
- Authentication status
- Workgroup
- Email address
- Phone number
- Guest/authentication status
Device Information
- Device type (printer, wireless network device, laptop and more)
- Device authentication/NETBIOS/domain membership
- MAC/IP address
- NIC vendor
Operating System Status
- Type
- Version number
- Patch level
- Processes and services installed or running
- Registry and configuration
- File name/size/date/version
- Shared directories security status
- Anti-malware agents status (installed/running) and database versions
- Patch management agent status (installed/running)
- Firewall status (installed/running)
- Audit trail of changes to OS/configuration/application
Application Information
- Authorized applications installed/running
- Rogue applications installed/running
- P2P/IM clients installed/running
- Application name and version number
- Registry values
- File sizes
- Modification date and patch level
Peripheral Information
- Device class (disk, printer, DVD/CD, modem, NIC, memory, phone and more)
- Connection type (USB, Bluetooth, infrared, wireless)
- Device information (make, model, device ID, serial number)
Network Traffic Information
- Malicious traffic (worm propagation, device spoofing, intrusion, spam and more)
- Traffic source/destination
- Rogue NAT/DHCP behavior
- IPv6 tunnels through IPv4
Physical Layer Information
- Switch IP, description, location
- Switch port
- VLAN
- Number of devices on any port
- 802.1X authentication status
Virtual Servers/Desktops
- Server name
- Server build
- Server instance
- Server license product name
- Server license product version
- Server locale build
- Server locale version
- Server OS type
- Server product ID
- Server product name
- Server vendor
- Server version
- Server IP
- Guest OS information
Industry Solutions
GOVERNMENT
Security, privacy and compliance begin at the endpoint
Local, state and federal government agencies are prime targets for hackers, whether politically motivated, seeking information they can sell, or simply engaged in mischief. By providing secure network access for a wide range of devices and user populations, ForeScout CounterACT® can help government agencies protect their confidential data and support their compliance efforts with mandated policies and regulations such as FISMA, NERC, ISO/IEC 27001 and the GDPR. ForeScout can:
- Identify managed and unmanaged devices and control the spread of malware across the network
- Guard against targeted threats that can result in stolen data and network downtime
- Address endpoint compliance issues related to Security Content Automation Protocol (SCAP)
Learn more about what CounterACT can do for you.
When it’s late at night, or when my staff is sleeping, CounterACT is working with our other security solutions to take immediate action on threats. You can’t put a price tag on that type of automation.
Michael Roling, Chief Information Security Officer, State of Missouri
FINANCIAL
Protect information assets and fortify security, privacy and compliance
Although financial institutions face threats from a multitude of sources, today’s primary risks are internal. Employees and contractors misuse and abuse corporate data resources—intentionally or otherwise—and their personally owned devices can wreak havoc on network security and stability. CounterACT delivers real-time visibility and automates control of devices the instant they connect to your network to:
- Improve security posture without impeding customer service
- Reduce risks of data breaches, ransomware and malware attacks
- Support your compliance efforts with regard to FINRA, GLBA, PCI DSS, SOXand other regulatory mandates
Learn more about what CounterACT can do for you.
Ease of implementation and support for hybrid environments made
ForeScout the logical choice. Its Value and ROI were clearly superior.Dominic Hart, Manager Information Security Architecture, IT&S Security, RWJBarnabas Health
HEALTHCARE
Boost security, privacy and compliance in clinical settings
Healthcare organizations are facing constant threats as new types of devices add vulnerabilities to medical networks. CounterACT sees devices including medical, personally owned and IoT devices, the instant they connect. Its policy engine identifies thousands of medical devices from leading manufacturers to help you:
Learn more about what CounterACT can do for you.
EDUCATION
Maintain security and privacy while facilitating learning
Security teams at educational institutions face a unique challenge: dealing with a constantly changing array of unmanaged devices connecting to the network even as they must try their best to maintain the free flow of information. But with CounterACT, you can:
- Control access to networks by students, teachers, administration and guests
- Automatically enforce limits based on identities
- Continuously monitor the behavior of devices on the network and automatically execute a range of responses
Learn more about what CounterACT can do for you.
RETAIL
Reduce risks of data breaches and malware attacks
Cybercriminals constantly look for—and find—opportunities in the retail environment. As breach disclosures continue unabated, retailers need better ways to secure POS systems, ATMs, kiosks and other endpoints while keeping pace with regulations. CounterACT helps retailers address PCI DSS 3.0 compliance and reassure customers and shareholders. This powerful appliance can:
- Continuously monitor POS machines and other devices
- Automatically detect and remediate retail endpoints
- Identify and control devices that are attempting to access the network
Learn more about what CounterACT can do for you.
MANUFACTURING
Protect intellectual property, business operations and your company’s brand
Cybersecurity in manufacturing is extremely complex because there’s so much at stake—everything from factory floor operations to reputations, not to mention productivity and profitability. Fortunately, CounterACT lets you:
- Gain real-time visibility and endpoint compliance by continuously monitoring the vast array of small-footprint, IP-connected devices
- Automate remediation of vulnerabilities on managed and unmanaged endpoints
- Rapidly respond to incidents without human intervention
Learn more about what CounterACT can do for you.
