Security Testing and Evaluation Labs
Security Evaluation Laboratory (SEL)
ForeScout Technologies: Forescount ActiveScout Version 3.0.5/CounterACT Version 4.1.0
| Sponsor: | ForeScout Technologies, Inc. |
| Assurance Level: | EAL2 |
| Status: | Evaluated |
ActiveScout is an IPS (Intrusion Detection and Prevention System) product that protects organizational networks from network borne threats. The product identifies impending attacks against the protected network by identifying the pre-attack activities that precede them. It then neutralizes the attacks in real-time by blocking them before they penentrate and potentially compromise the protected network.
ActiveScout is comprised of two components:
Scout
The Scout is positioned outside the firewall and in front of the router, and actively monitors internet traffic for signs of information gathering activity. The Scout is responsible for accurately identifying attackers, 'marking' them as potential threats, and automatically blocking any attempt they make to infiltrate the network.
Manager
The Manager is a Java-based application that etrovides comprehensive management of the Scout. Residing on any point of the secured network, the Site Manager presents a visual overview of the Scout's threat prevention activity — including a geographical representation of potential attackers and the preventive steps that were taken against them.
Operational activities performed by the Site manager are Policy definition / update and user definition / management. Also, data and audit / log presentation.