ForeScout bolsters NAC appliance

CounterAct security device gets directory, identity support

Network access control (NAC) vendor ForeScout has added Oracle to the list of directory and access management software that integrates with its network appliance.

The company said Monday that its CounterAct appliance, which sits on the network and ensures compliance with security policies, will now incorporate user and policy information from Oracle's Identity Management software lineup.

The move comes a month after ForeScout announced a similar integration with the Sun Java Access Manager and Identity Manager family of products.

"We looked at where we could take network access control to the next step," says Ayelet Steinitz, vice president of business development and partnerships for ForeScout. "Our appliance had no visibility into role-based information and we quickly realized that it makes sense from a technology perspective to see how we can collaborate with the information identity systems can provide."

She said that CounterAct becomes the policy enforcement point for all the user-based roles and policies stored in the directory and in other identity management software such as access management and provisioning.

In addition, ForeScout can provide device information such as the media access control and IP address to identity management systems.

ForeScout's integration with Oracle is supported via a plug-in for CounterAct that uses the Lightweight Directory Access Protocol to extract information from identity systems and apply those policies down to the network device level. The distinguishing characteristic of ForeScout's product is that it is an agentless system which does not require modification to the directory or network architecture when deploying the appliance.

The plug-in integrates with Oracle's Access Manager, Identity Manager, Identity Federation, Virtual Directory, Directory Services, Enterprise Single Sign-On Suite and Web Services Manager.

ForeScout's greatest challenge is likely to come from the partnership forged by Microsoft and Cisco to integrate their NAC wares - Cisco's Network Admission Control and Microsoft's Network Access Protection (NAP). Juniper and the Trusted Network Connect group, which is working on a set of open NAC specifications within the Trusted Computing Group (TCG) industry association, are also working on NAC wares. In addition, the IETF is working on a number of NAC standards, and a list of open source vendors are putting together NAC technology, including a pair of Harvard University IT staffers who recently released a free virtual appliance that supports their open source NAC platform.

ForeScout's Oracle plug-in is available now for free, but in the future, the company says, it may become a fee-based offering.

Join the newsletter!

Or
Error: Please check your email address.

More about CiscoHarvard UniversityIETFJuniper NetworksMicrosoftNetAppOracleVIA

Show Comments