Forescout Technologies Inc Solutions for the Public Sector
Forescout eyeSight provides unparalleled visibility into your entire Enterprise of Things (EoT) – without disrupting critical business processes. It discovers every IP-connected device, auto-classifies it, puts it in context and assesses its policy compliance and security posture the instant a device connects to the network.
Agentless Visibility
Gain unparalleled visibility into all IP-connected devices across your extended enterprise the instant they connect to the network – no agents required
Continuous Monitoring
Gain complete situational awareness of all devices in your Enterprise of Things and their risk profiles as eyeSight continuously monitors the network to discover and auto-classify devices and assess their security posture.
Passive Profiling
Take advantage of eyeSight’s passive-only profiling techniques to gain device visibility into sensitive IoT, IoMT, OT and critical infrastructure systems without impacting system uptime, introducing operational risk or disrupting critical business processes.
Complete Asset Inventory
Get a real-time asset inventory of all physical and virtual devices – IoT, IoMT, OT, mobile devices and network infrastructure – across your campus, data center, cloud and OT networks.
-
How it Works
eyeSight provides device visibility across your Enterprise of Things in three comprehensive steps:
- Discover
- eyeSight uses over 20 passive and active monitoring techniques to discover managed and unmanaged devices connecting to your heterogeneous network infrastructure.
- Classify
- eyeSight auto-classifies traditional, IoT, medical, OT and IT devices using a multi-dimensional classification technology to identify device function, type, operating system (including version), vendor and model.
- Assess
- eyeSight continuously monitors the network and assesses the configuration, state and security of connected devices to determine their compliance posture and risk profile.
- Discover
Forescout’s eyeSegment module enables segmentation across your entire enterprise to address your multi-domain, multi-use cases to help you meet compliance, regulatory or internal needs. Eliminate enforcement silos and disparate policy enforcement by visualizing real-time traffic, unifying policies and orchestrating remediation.
Continuous Monitoring
Possess a complete understanding of the current state and hygiene of segmented environments with a unified policy layer for segmentation across disparate policy enforcement points and network domains.
Accelerate Zero Trust Initiatives
Quickly and efficiently create new zones and groups, isolate or block insecure and unwanted network traffic and orchestrate controls across policy enforcement points and network domains to implement Zero Trust with full confidence.
Minimize Business Disruption
Simulate updated or proposed policies using live traffic to identify real-world impacts to production environments prior to activation.
Improve Operational Efficiency
Reduce operational complexities and costs with simplified policy development, validation and anomaly remediation.
-
How it Works
The Forescout platform gives you the means to ensure segmentation hygiene, build unified policies, reduce operational complexity and automate enforcement. This simplifies your journey by providing a logical path to successfully implement a segmentation strategy.
- Know and Visualize
- Map traffic flows to the logical taxonomy of devices, users, applications and services.
- Design and Simulate
- Build, refine and simulate logical segmentation policies to preview impact before enforcement.
- Monitor and Respond
- Monitor segmentation hygiene in real time and respond to policy violations across the extended enterprise.
- Know and Visualize
In-depth, Agentless Device Visibility & Classification
Continuously discover (passively and/or actively), classify and monitor OT network devices for a complete OT asset inventory of connected IP and serial devices.
ICS/OT Threat Detection and Baselining
Establish baseline of admissible network behavior using thousands of ICS/OT-specific indicators & queries.
Optimized Risk Analysis
Aggregate thousands of alerts and millions of logs according to their risk level and cause.
Automate Threat Detection, Containment and Remediation
Automate threat detection, containment and remediation with alert investigation and response tools. Dashboards and widgets enhance user collaboration, and rich alert details expedite efficient incident response.
Real-Time Compliance And Anomalous Behavior Analysis
Continuous and automated data gathering, including detailed reports on network traffic anomalies, for real-time policy compliance and anomalous behavior analysis.
3rd Party Integrations
Rich integrations with ServiceNow and interfaces natively with SIEM solutions, firewalls, IT asset management, sandboxes and authentication servers.
Gain complete device visibility through deep packet inspection of all industrial network protocols and baseline assets. Defend your network with thousands of OT-specific threat indicators and powerful anomaly detection. Achieve a full understanding of the cyber resiliency of your OT network with an Asset Risk Framework.
-
How it Works
- eyeInspect gives you visibility into all devices on your OT network– no more blind spots from newly connected and rogue devices. You get a detailed, accurate, real-time asset inventory of all IP-enabled and serial devices, including HMIs, SCADA, PLCs, controllers, sensors, meters and I/O.
- eyeInspect detects and prioritizes known and unknown cyberthreats using ICS/OT-specific threat checks and indicators, as well as spotting any changes to the network.
- Knowing what you have and what it’s doing, you can quickly prioritize response to cyber and operational threats for faster and more effective mitigation workflows.
- eyeInspect gets the right data to the right people – from OT engineers to IT/SOC analysts – using SIEM solutions or common ticketing systems like ServiceNow.
Forescout eyeControl provides flexible and frictionless network access control for heterogeneous enterprise networks. It enforces and automates Zero Trust policies for least-privilege access for all managed and unmanaged devices across your Enterprise of Things. You can apply policy-based controls to enforce device compliance, proactively reduce your attack surface and rapidly respond to incidents.
Enforce Secure Network Access
Enforce network access based on user (employee, guest, contractor), device classification and security posture – in any heterogeneous network with or without 802.1X.
Improve Device Compliance
Automate compliance assessment and initiate remediation workflows for enforcing compliance with internal security policies, external standards and industry regulations.
Accelerate Incident Response
Quickly and effectively contain threats by automating response to security incidents, thereby minimizing disruption to operations and damage to the business.
-
How it Works
- Dynamic grouping and scoping of devices by business logic and device context, allowing targeted control actions.
- Compound conditions and actions using Boolean logic and waterfall policies to implement sophisticated control workflows.
- Knowing what you have and what it’s doing, you can quickly prioritize response to cyber and operational threats for faster and more effective mitigation workflows.
- The ability to start with manually initiated control actions and slowly dial up automation to increase security operations efficiency.
Share Contextual Insights
Share in-depth device, user and network context for all EoT assets – managed and unmanaged.
Automate Workflows
Automate cross-product processes and bridge gaps between tools with pre-built integrations and crowdsourced apps.
Accelerate Response
Automate policy enforcement and system-wide response actions to contain threats and mitigate risks.
Share device context between the Forescout platform and other IT and security products, automate policy enforcement across disparate tools and accelerate system-wide response to mitigate risks.
-
How it Works
- Forescout-built and supported eyeExtend modules covering advanced use cases updated and refined on a regular basis.
- Community-built and shared eyeExtend Connect apps that are fully customizable and portable across environments.
- Standards-based open APIs to enable customers, system integrators and technology vendors to easily integrate with custom applications and tools.
- Partner-built and supported integrations cover additional use cases that leverage Forescout’s enterprise-wide device intelligence and control
Risk and Exposure Management (REM)
The current use cases and benefits of Forescout Risk and Exposure Management are:
Cybersecurity Asset Management
-
Discover and classify every device across any environment (90 days retention) to help IT security teams leverage asset context and status trends to streamline their operations.
Persistent Risk Asset Management
-
Gain situational awareness of cybersecurity risk posture based on exposure from vulnerabilities and misconfiguration with a unique multifactor risk score.
Accelerated Incident Response
-
Leverage historical asset context to aid analysts’ proactive investigation of risks and reactive response to incidents and events to help minimize the blast radius and reduce mean-time-to-resolution (MTTR).
Enhanced IoT Security
-
Leverage high-fidelity IoT classification through non-disruptive, passive discovery techniques for deployment flexibility, with real-time identification of xIoT vulnerabilities to help security teams understand the attack surface and prioritize response actions.
Enhanced Medical Device Security
-
Clear and concise risk assessment of each connected medical device based on known exposures, attack potential and operational criticality, with insights into FDA class and recall status, to help ensure security without impacting patient care