How Forcepoint Tackles The Critical IT Security Controls — Network Consulting Services, Inc. - NCSi

News & Tech Alerts

The latest news and information from NCSI

Forcepoint-Tackles-CIS-Security-ControlsIn our continuing series on the 20 CIS Critical Security Controls, we turn to the tools that mitigate the daily attacks threatening your networks and data.


Be sure to download a copy of our NCSi Security Controls plan. You’ll find each of the 20 Security Controls, their definition, and our vendor partners we leverage to implement each control, ultimately reducing your risk of cyber attack by up to 94%.


Forcepoint Security
One of our strategic partners is Forcepoint, powered by Raytheon. Forcepoint’s suite of security solutions directly addresses nine of the 20 CIS Security Controls.


Center for Internet Security (CIS) Critical Security Controls V6.1
#6 — Maintenance, Monitoring, and Analysis of Audit Logs
#7 — Email and Web Browser Protections
#8 — Malware Defenses
#9 — Limitation and Control of Network Ports, Protocols, and Services
#11 — Secure Configurations for Firewalls, Routers, and Switches
#12 — Boundary Defense
#13 — Data Protection
#17 — Security Skills Assessment and Appropriate Training to Fill Gaps
#19 — Incident Response and Management


Forcepoint’s products are divided into four categories:

  • Network Security
  • Cloud Security
  • Cross Domain Security
  • Data and Insider Threat Security


[NOTE: In the text that follows, the numbers in parentheses () refer to the CIS Controls listed above.]

Network Security
Forcepoint NGFW — Next Generation Fire Wall — supports (8), (9), and (11) directly and others indirectly. The firewall is built to deliver high performance across physical, virtual, and cloud appliances, is massively scalable, highly available, and centrally manageable. Most importantly, Organizations that switched to Forcepoint reported 69% fewer breaches, and 89% fewer cyber attacks. [3]


Cloud Security
Forcepoint Email Security Cloud (7), (8), (13) eliminates spam and phishing. This solution stops ransomware in its tracks. Web Security Cloud controls advanced web vectors (7), (8), (9), (13) regardless of employees browsing behavior. The Cloud Access Security Broker — CASB — enables visibility and control over cloud applications (9), (19) whether authorized or not.


Cross Domain Security
Trusted Thin Client Access (12), High-Speed Guard (13), Trusted Gateway System (9), (11), (12), (13) all ensure high-speed data transfer through secure gateways. Trusted Mail System (7), (8), Trusted Print Delivery (9), (11), and WebShield (7), (8), (9), (11), allow secure traffic through less sensitive networks. SlimShield (17) protects training and testing environments with bi-directional fixed-format data filters and data disguise.


Data and Insider Threat Security
Forcepoint DLP protects intellectual property across endpoints, networks, and cloud services (9), (11), (13).  Forcepoint Insider Threat identifies internal threats to data, intellectual property, and critical systems through analytics, behavior profiling, and user action context (6), (13), (19).


Proven Experience in Securing Networks
Forcepoint has been in the network security business for over 30 years. We partner only with best-in-class industry leaders like Forcepoint to bring your cyber attack risk posture to as close to zero as possible.


NCSi Engineering Expertise
It’s not enough to simply buy expensive state-of-the-art tools, install them on your network and start clicking buttons. It requires experienced, highly skilled engineers to make the entire security toolbox work together seamlessly and efficiently.


And our engineers’ toolbox is impressive. We’ve focused on Forcepoint’s offerings today. In future articles, we will look at the CIS Control solutions from these vendor partners:


Get Help From NCSi
NCSi believes that reducing your cyber attack risk by up to 94% is an important business goal. The attacks are becoming greater day by day. Artificial intelligence is no longer limited to the lab. Zero-day exploits are becoming more common. It requires the efforts of a superstar team of engineers to keep up with the business of keeping your data and your networks safe from exploits and corruption.

We welcome your comments, questions, and suggestions. Contact us today