- What is CounterACT
The CounterACT platform provides
infrastructure and device visibility, policy management, orchestration, and
workflow streamlining to enhance network security. CounterACT provides
enterprises with real-time contextual information about devices and users on
the network. Policies are defined in CounterACT using this contextual information
that helps ensure compliance, remediation, appropriate network access, and
streamlining of service operations. This is delivered by providing:
· 1-Real-Time Network Visibility
· 2- Policy-Initiated or Manual Control
· 3- Comprehensive Third-Party
· 4- On-Demand Asset Intelligence
Real-Time
Network Visibility:
CounterACT
classifies devices into the below category:
· 1- Desktops, laptops, and servers
· 2- Mobile devices such as smartphones and tablets
· 3- Personal vs. corporate devices
· 4- On-premise virtual machines and off-premise cloud
instances
· 5- Switches, WLAN controllers and access points, devices
connecting via VPNs, routers, printers, modems, 6- VoIP phones (including
PoE-connected VoIP, phones, and devices), WLAN access points, and other network
devices
· 7- Peripheral devices such as USB memory sticks, external
disk drives and
· 8- webcams
· 9- IoT devices
· 10 – Rogue device
CounterACT inspection
capabilities resolve an extensive range of information about these devices, for
example:
· 1- Desktop and mobile operating system
information
· 2- User directory information
· 3- Applications installed and running
· 4- Login and authentication information
· 5- Software patch levels
· 7- Endpoint-connected devices, such as USB
drives
· 8- Switch ports to which devices are
connected
· 9 – Windows registry information
Policy-Initiated or Manual
Control :
Networks are constantly
changing in device types connected, software and configurations, compliance
requirements, and the internal and external threat landscape. Controls from
notification, remediation, and restriction are needed based on enterprise policies
enacted by CounterACT to secure the network.
Examples of CounterACT’s
capabilities —
- Network Restrictions
· 1- Port disable (802.1X, SNMP, CLI)
· 2- VLAN control
· 3- VPN disconnects
· 4- ACL block at switches, firewalls, and
routers
· 5- Wireless allow/deny
· 6- Quarantine until the devices are
remediated
· 7- Disable NIC
- Application Control and Remediation
· 1- Start/stop applications
· 2- Start/stop peer-to-peer/IM
· 3- Apply updates and patches
· 4- Help ensure antivirus products are
up-to-date
· 5- Start/stop processes
- User Enforcement and Education
· 1- Open trouble tickets
· 2- Send emails to users or administrators
· 3- Personalize captive portal messages to notify
end users, enforce policy
· 4- confirmation and allow self-remediation
· 5- Force authentication/password change
· 6- Log-off user disable user AD account
Enterprise Manager :
The Enterprise Manager is a dedicated second-tier management and aggregation device that communicates with
multiple CounterACT Appliances distributed across the network. It manages
Appliances and collects information detected by them. This information is available
for display and reporting in the Console.
The following Enterprise Manager
tasks can be performed:
Ø –>> Upgrading the Enterprise Manager Software
Ø –>> Viewing Enterprise Manager System Health Information
–>> Stopping and Starting the Enterprise Manager