Forescout and Palo Alto Networks Joint Solution

Why Solution Integration?

Forescout and Palo Alto Networks provide an integrated solution that dynamically segments, identifies and responds to threats across device types and network tiers — without need for prior device knowledge or to rebuild networks.

The integration of Forescout and Palo Alto Networks helps you:

    • Dynamically segment devices upon connection based on detailed profiles
    • Automatically detect and respond to threats across managed and unmanaged devices
    • Close security gaps through automatic information sharing and workflows between Forescout and Palo Alto Networks®

Dynamically Reduce Attack Surfaces

The Forescout Extended Module for Palo Alto Networks® NGFW allows Forescout to exchange real-time device and user information with Palo Alto Networks NGFW. This allows you to automatically segment and enforce security policies based on rich device context, regardless of device type and network location. This integration equips you to:

  • Dynamically apply device tags and, based on device and user profiles, assign to NGFW defined groups
  • Create granular security policies based on comprehensive user, device and security posture information
  • Continually enforce segmentation and other policies for managed, unmanaged, known and unknown or new devices as they connect


Automatically Prevent Spread of Threats

The Forescout Extended Module for Palo Alto Networks® WildFire™ joins the power of Palo Alto Networks WildFire’s advanced threat intelligence and detection with Forescout’s network-wide visibility and control to rapidly identify, contain and resolve threats:

  • Enhance WildFire threat intelligence with greater device context from Forescout
  • Prevent zero-day threats by continuously scanning devices across network tiers to detect WildFire identified malware and Indicators of Compromise (IOCs)
  • Automate policy-driven responses against IOCs/threats discovered, such as isolate or remediate compromised devices


Maximize Endpoint Protection

Forescout integrates with Palo Alto Networks® Traps™ to increase endpoint and network protection. The integration combines the Forescout platform’s vast visibility and control capabilities across heterogeneous network tiers and device types with Palo Alto Networks Traps’ Advanced Endpoint Protection for Microsoft Windows®, Apple MacOS® and Linux systems. The integrated Forescout and Palo Alto Networks Traps solution helps customers:

  • Maximize corporate endpoint compliance with Traps protection by continuously discovering any rogue and new endpoints that need the Traps agent
  • Optimize endpoint security hygiene by continuously verifying Traps agent heartbeat and other required endpoint security profile properties
  • Extend threat/incident response actions to include automated Forescout network and system policy-driven controls to immediately contain threats and initiate remediation


Together, Forescout and Palo Alto Networks offer exceptional endpoint and overall network protection across today’s ever-evolving threat landscape.

Download these Joint Solution Briefs for a more detailed explanation of the joint solution and its benefits :

Please contact your local Exclusive Networks Account Manager for more information on the Forescout or the Palo Alto Networks product offering.