International Rectifier Enforces Access and Endpoint Security Policies with ForeScout
June 2012 by Emmanuelle Lamandé
ForeScout Technologies, Inc., announced that International Rectifier has selected ForeScout CounterACT to enforce access and endpoint security policies. International Rectifier joins the expanding list of customers who have replaced their earlier generation network access control (NAC) solution with ForeScout CounterACT.
Headquartered in El Segundo, California and employing 4,500 people worldwide, International Rectifier is a worldwide leader in advanced power management technology. Like other IT organisations, International Rectifier was concerned about protecting access to resources and sensitive data on their distributed network spanning 35 offices in 20 countries.
After extensively evaluating and benchmarking the leading NAC vendors, International Rectifier selected ForeScout, which was more integrated; easier to use, implement and manage; and did not adversely affect user experience. The company was able to quickly deploy multiple CounterACT appliances and centrally manage all 8,500 devices across multiple office locations from one console and without changing their existing infrastructure. Now, the company seamlessly manages known users and their devices, as well as identifies guests and unauthorised computers and dynamically directs them to a separate, Internet-only VLAN.
“We are very impressed with ForeScout CounterACT’s user interface and ease of implementation,” said James Tu, director of information security for International Rectifier. “We deployed CounterACT in less than three weeks including installation, network integration, training and production startup. The system is so well designed that I was able to configure it myself and write my own rules, for example to check for endpoint compliance with regards to antivirus and OS patching. ForeScout immediately delivered value beyond the guest network access by providing information about the security vulnerabilities of known devices and identifying unknown ones.”
Another important advantage is that CounterACT’s multi-factor visibility into connected devices, flexible policy management and continual endpoint monitoring enabled International Rectifier to employ a post-connect compliance model. For example, when employees or guests connect their personal devices to the network, the devices are automatically identified by CounterACT and isolated onto a guest network. At that point, CounterACT quickly checks compliance and enforces endpoint security policies; however, the user at least has limited network access. This results in a better user experience for both employees and guests, and the rapid and flexible policy assessment puts less strain on the IT department.
“What surprised us the most was the amount of network visibility that ForeScout CounterACT gave us,” said Tu. “From a single location we can see all our network switches and IP ranges globally, and can readily tell which switch and which port connects to a particular host and various configuration details. This is tremendous because it’s visibility that we didn’t have before.”
Other advantages important to International Rectifier include:
Offers faster, easier and more assured deployment; does not require agents nor changes to the existing architecture
Fortifies security by identifying users and devices in real-time and preventing guests, unauthorised users, rogue devices and insecure endpoints from accessing the network
Assures endpoint security compliance across client operating systems, antivirus programs and other host-based security countermeasures with means for self- and automated remediation
Centralises access and endpoint security monitoring and incident response; one console can see and manage up to 400,000 endpoints across distributed sites.