Forescout Launches Activescout 3.0 Increasing Security And Performance On High Speed Networks

New Features Increase Ability to Prevent Worm Infection

Bad Homburg, Germany. – July 7th, 2004 – ForeScout Technologies, Inc. announced today the release in Europe of its ActiveScout 3.0 product, a leading solution that protects networks from external attack. The new enhancements give ActiveScout vastly increased performance in the ability to protect enterprises and service providers from malicious attacks before they reach the target network. Despite worm infections and hacker attacks increasing exponentially, ActiveScout 3.0 automatically identifies and eliminates known and unknown threats.

“Our goal remains the same, to stop network attacks by worms and hackers in order to keep businesses running smoothly,” said Kent Elliott, CEO of ForeScout Technologies. “We are proud that our products have kept our customers in full operation during fast moving, self-propagating worm outbreaks and lingering attempts at ongoing infection, while their competitors are often shut down for hours or even days.”

ActiveScout sits outside the perimeter of a network and provides absolute accuracy in preventing both known and unknown threats from even reaching the perimeter. ActiveScout 3.0 provides instantaneous protection against both hacker and worm attack at minimal cost and saves the network from downtime. ForeScout Technologies’ ActiveScout solution delivers an entirely unique approach to preventing network intrusions: it stops attackers based on their “proven intent” to attack. “ActiveScout 3.0 demonstrates the commitment of ForeScout to providing its customers with the most innovative and technically proficient anti-worm solution on the market,” said Rainer M. Richter, ForeScout’s Vice President Europe, Middle East & Africa. “With version 3.0, we have raised the bar on automatic anti-worm technology and dramatically improved the power of our industry-leading effectiveness and accuracy, while giving our customers more control over their worm and hacker protection.”

ActiveScout version 3.0 delivers significant Scout performance improvements as well as new features and feature enhancements, including valuable new source information. These changes enable the Scout to handle more traffic, allow better management of ActiveScout components and make it easier for users to access and analyze attack events.

“While improving anti-worm and anti-hacker defenses is critical, another area of great importance to end-user organizations is creating operational efficiencies for worm and hacker defense,” said Mr. Richter. “These new improved management tools which are essential in lowering the administrative overhead include fast and accurate reporting and troubleshooting and the ability to block at a more granular level. ”

Expanded Defense Against Worm Threats

The following Scout improvements have been implemented:

Support for 1 Gbps Traffic
ActiveScout now supports aggregate traffic of up to 1 Gbps; this ability to handle increased traffic minimizes delay in throughput while maintaining recognition of the Worm threat.

High Activity Mode
The Scout detection mechanism has been improved to efficiently deal with a significant increase in Internet worm threats. This has been done by deploying a method of source prioritizing during times of significant worm outbreaks. ActiveScout 3.0 has a High Activity Mode for periods of significant Worm outbreak to allow it to handle a virtually unlimited number of sources.

Increased Management Capability
Managers using ActiveScout 3.0 will have an enhanced Management GUI for greater efficiency. In addition, new back-up and restore capabilities will help managers save their system settings during the process of power shut downs as ActiveScout 3.0 now has support for soft shutdown of the Scout machine. (ActiveScout now supports the ACPI standard, enabling soft shutdown of the Scout machine using the machine’s power button. A clean shut down of the Scout services and a power off will be performed when ACPI is enabled.)

Other Features

– Disk space management processes have been improved to allow for optimal usage of disk space.
– Improved fingerprinting in FTP, NetBIOS and SNMP – this version presents a more authentic virtual site, based on improved learning techniques at the real site.
– Drivers Updated – The Scout now comes with a more complete and updated set of drivers, enhancing support for newer hardware.
– Internationalization: ActiveScout 3.0 now supports German, Spanish, Italian and Hindu
– The granularity of the new blocking procedures give managers the ability to “Port-Block” per Source, or full “Source Block” giving the ability to isolate a source.
– More details provided on malicious source, including DNS resolution

What Does This Mean for the Enterprise Customer?
With the release of ActiveScout 3.0, ForeScout is addressing very real problems with network integrity. Worms spread automatically and often bypass perimeter protection devices that don’t have visibility to certain traffic. Enterprises need to have mechanisms like ActiveScout in place to immediately identify worm infections and suppress their propagation so networks can stay active. ActiveScout stops known and unknown worms immediately.

What Does This Mean for the Service Provider?
With the release of ActiveScout 3.0, ISPs and service providers will be secure in the knowledge that they can block worms on high-speed networks. ActiveScout’s automated and instantaneous blocking, enabled by its 100% accurate identification, stops intruders before they reach the firewall.

What Does This Mean for The Reseller?
With the release of Active Scout 3.0, Resellers will have the ability to offer secure managed network services to multiple customers on the basis that they can accurately assess the threat of attackers in real-time, allowing blocking to be done automatically.

ForeScout also has added features that give better management control, which is truly flexible – it can be set and left alone or can be dynamically reconfigured to edit several policies and/or legitimate probes together in the Enterprise Manager. To help with resource management a full range of enhanced reporting capabilities identifying attacks as well as giving an historical view are available in version 3.0.

About ForeScout Technologies, Inc.
ForeScout’s enterprise network security solutions focus on providing real-time, automated protection against fast-spreading worms and malicious hacker attacks. ForeScout offers two families of products to ensure network availability and business continuity. WormScout products suppress and contain worms at key points inside the network, while ActiveScout products dynamically block hackers and other threats at the network perimeter. ForeScout headquarters are located in Cupertino, California USA. More information can be found at

Don't miss