ForeScout and LogLogic Team on Actionable Security Intelligence
Alliance Automates Log Management Activation, Compliance and Incident Response
ForeScout Technologies, Inc., a leading provider of automated security control solutions for Fortune 1000 enterprises and government organizations, and LogLogic, provider of the only scalable log and security intelligence platform (LSIP) for the enterprise and cloud, jointly announced a technology alliance to automate customers' log management, compliance and incident response capabilities. The integration between ForeScout CounterACT and LogLogic Lasso Enterprise, MX and SIEM solutions will reduce deployment complexity and expenditure while delivering greater network access and log management assurance. "SIEM deployments are often funded to address regulatory compliance reporting requirements, but organizations are using this as an opportunity to deploy SIEM technology that will improve threat management and incident response capabilities. … Log management functions have become an expected and standard component of a SIEM technology architecture," according to a recent Gartner report. "Despite the vendor focus on expansion of capability, we continue to heavily weight deployment simplicity. … Vendors that are able to provide deployment simplicity as they add function will ultimately be the most successful in the market."1
ForeScout's automated security platform, ForeScout CounterACT lets you see and control everything connected to your network no matter the device or user. The solution simplifies deployment and on-going use of security information event management (SIEM) systems by facilitating activation and vigilant monitoring of all logging sources, which is a crucial part of any successful SIEM program. ForeScout's real-time endpoint classification, policy assessment and threat remediation capabilities offer the means for organizations to find and fix security issues associated with log management with little to no IT intervention. CounterACT can identify thousands of known and new endpoint devices, such as business critical servers and virtual machines, as they connect to the network, and can dynamically:
- Check for the presence and activity of the LogLogic Lasso Enterprise ™ application or service
- Install or reactivate Enterprise Lasso with settings as per device type, configuration and location
- Enforce or change Enterprise Lasso settings according to pre-defined configuration policies
ForeScout incorporates multi-factor application fingerprinting including software installation, running services and processes, open ports and other criteria. In addition to LogLogic Lasso Enterprise support, ForeScout now offers rich support for the popular SNARE (System iNtrusion Analysis and Reporting Environment) open-source agents for Windows, UNIX, Solaris and other operating systems and applications that are employed by hundreds of thousands of organizations and leading SIEM vendors worldwide.
LogLogic's Log and Security Intelligence platform, comprised of Log Management and SIEM, offers enterprise-class log management infrastructure and analysis that enable customers to instantly collect (leveraging the industry leading Lasso Enterprise and Universal Collector), centralize, contextualize and consume their IT data in an easy-to-use and cost-effective manner. LogLogic now has the ability to capture, retain and analyze events generated from ForeScout CounterACT including real-time network access violations, endpoint compliance problems and mobile security issues, as well as CounterACT's policy-based threat mitigation. This level of network access control (NAC) log integration enables security professionals to further streamline incident response, forensics and compliance processes
The LogicLogic and ForeScout joint solution was announced at the RSA 2012 conference, being held in San Francisco on February 27 to March 2. Conference attendees can see the solution in action at ForeScout booth 931 and LogLogic booth 529 and receive an invitation to network with peers at a co-sponsored cocktail reception to be held on Wednesday, February 29th at the St. Regis Hotel at 9 P.M.
"ForeScout is all about automating security and compliance controls. By integrating with LogLogic, customers can leverage CounterACT's dynamic security capabilities knowing that audit logs are retained and can be quickly analyzed," said Sam Davis, vice president of business development at ForeScout Technologies, Inc. "Our integration with leading SIEM platforms, such as LogLogic Lasso Enterprise, makes it easier and faster for enterprises of all sizes to deploy and maintain log management services with greater assurance."
"With Big Data, security and compliance issues proliferating, LogLogic continues to help companies with the most comprehensive solution for log and security intelligence including SIEM. Integrating with ForeScout allows us to add another important log source that will serve our mutual customers," said Mandeep Khera, CMO at LogLogic, Inc. "ForeScout's support for LogLogic's Lasso Enterprise is another strong testament for what has become the standard for Windows logging with over 250,000 downloads worldwide."
About ForeScout Technologies, Inc.
ForeScout allows organizations to accelerate productivity and connectivity by enabling people to access corporate network resources where, how and when needed without compromising security. ForeScout's automated solutions for network access control, mobile security, endpoint compliance and threat prevention empower IT agility while preempting risks and eliminating remediation costs. Because the ForeScout CounterACT platform is easy to deploy, unobtrusive, intelligent and scalable, it has been chosen by more than 1,300 of the world's most secure enterprises and military installations for global deployments spanning 37 countries. Headquartered in Cupertino, California, ForeScout delivers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.
About the Magic Quadrant
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
LogLogic® develops scalable log and security intelligence platforms (LSIPs) for the enterprise and cloud. As the originator of LSIP, LogLogic is the only provider to give enterprises the benefits of both Security Information and Event Management (SIEM) and Log Management in a single, highly scalable architecture. This architecture enables users to collect and analyze terabytes of big data generated by IT assets and gives security, IT operations, and compliance professionals actionable information, whether to identify and remedy security threats, optimize server and website performance, troubleshoot their network and security devices, or remain compliant with regulations. More than 1,300 customers worldwide entrust collectively over 1,000 petabytes of sensitive IT data to LogLogic. For more information, visit LogLogic on the web at http://www.loglogic.com/or on Twitter or Facebook.