ForeScout Developing Mobile Security Connectors for its NAC

ForeScout Technologies, a security products company, will shortly release a set of plug-ins that help security administrators manage Android and Apple mobile devices and coordinate with mobile device management systems through its network access control (NAC) appliance. ForeScout Mobile modules work with ForeScout CounterACT, the company's NAC, to identify mobile devices; force users to register; and automatically allow, deny, or restrict access to network resources and wireless access points based on pre-configured policies out of the box or set by the security administrator. The individual mobile devices don't require the installation of agents to function with the NAC.

The announcement comes as organizations are putting increased attention on the management of mobile devices, including mobile security. According to a recent survey done by Boston Research Group of 365 North American IT security professionals in companies with 1000 employees or more, two out of three respondents are concerned about mobile security risks associated with mobile devices gaining access to network resources. The top concerns are data loss (26 percent), malware (23 percent), unauthorized users and devices (14 percent), and intrusions (13 percent). The study was sponsored by ForeScout.

Seventy eight percent of respondents said that they consider network access control an essential feature for mobile security, as a means to enforce security policies based on identity, device, configuration, security posture, and network activity. And almost all want unified security policy management for both mobile devices and PCs.

"IT professionals see many of the same security risks in mobile devices such as smartphones that have long been a concern for laptops and notebook computers," said Paul McClanahan, research analyst at Boston Research. "Device mobility, wireless access, personal applications, and the high risk of lost or stolen handhelds create a need for added defenses against data loss, unauthorized access, and malware."

Those are the concerns addressed by the new modules the company will be releasing. The modules for Android and iOS are being beta tested and are expected to be available in April.

The iOS module, besides blocking or limiting network access, includes additional capabilities to:

  • Remotely wipe and lock;
  • Enforce password policy;
  • Require apps such as anti-virus or virtualization;
  • Remove or disable native apps such as the camera; and
  • Enforce specific Wi-Fi access

The Android module works with Android 2.1 or greater.

The ForeScout Mobile Device Management Module brings together NAC and mobile device management functions to enable the administrator to handle both PC and mobile device security work from one console. That includes monitoring and reporting on policy adherence, enforcing employee and guest compliance, and remediating devices across the major mobile platforms, including iOS, Blackberry, Android, and Windows. The MDM Module will be available in June as an add-on module for CounterACT. The licensing structure is based on the number of mobile devices being managed. Pricing starts at $2,800 for 100 devices.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured