Freely subscribe to our NEWSLETTER

Before implementing ForeScout CounterACT, compliance reporting had been more difficult for the City of Guelph. In order to meet PCI-DSS compliance, they needed to run internal assessments costing them both time and money. ForeScout simplified this process by using one interface that delivers the status and security posture of every device on the network in real-time.

"In the past we had to run internal assessments to create reports required for PCI-DSS compliance. With ForeScout, one interface will deliver us the status of all Windows updates/patches and our antivirus, which saves us a significant amount of time doing audit and compliance reporting," said Network Security Specialist Shibu Pillai.

ForeScout CounterACT also helped to enforce security policy with regards to guest networking and enabling the use of personal mobile devices. Prior to ForeScout, guests and contractors had to go through a manual process to access the network that did not always assure the device was safe. ForeScout CounterACT made it so that all mobile and personal devices are automatically assessed and moved to a guest network accessing only appropriate resources without requiring IT intervention.

"Our Human Resources department is also pleased with what we’ve done for our employees with regards to guest networking. They are now encouraging staff to bring in their personal devices,” added Pillai.

Conexsys Delivers the Goods with CounterACT

Conexsys, a ForeScout Gold Certified Partner, expedited assessment and implementation of the CounterACT solution. A cross-organisational team with both IT and business unit members extensively evaluated and benchmarked the top NAC candidates in detail. CounterACT was chosen due to its ease of use and deployment, integrated functionality and built-in templates.

“One thing that stood out is that ForeScout blended easily with our infrastructure, which is mainly Microsoft, Cisco and HP. Other NAC vendors required changes such as new switches, in-line devices and agents on desktops. We were able to implement the ForeScout NAC without making changes to our infrastructure,” commented Pillai.

Here are some of the ways CounterACT was implemented to address the City of Guelph’s requirements:

Deployed NAC (network access control) solution in a way that leveraged the existing network and security infrastructure and did not require agents
Partitioned the IT infrastructure into different administrative units and established policies to assign devices appropriately based on their profile to improve security
Enabled real-time visibility and the means to drill down to a specific endpoint to obtain the configuration and security posture of an endpoint device
Delivers the status of all Windows updates/patches and their antivirus, saving the
City time while doing auditing and compliance reporting Established a guest access program that monitors all users and devices connecting to the network, including employees’ and contractors’ mobile and personal devices
Activated policies to authenticate users and check devices against security configuration standards, as well as to eliminate peer-to-peer networking and isolate malicious hosts

“With limited resources we wanted to ensure a timely implementation of our network security solution. Conexsys proved to be a competent IT solution provider that really enabled us to progress rapidly against our agenda with assured results,” said Pillai. “They delivered on their commitments and helped us move the ball on our network security initiatives.”