Forescout Technologies Inc Solutions for the Public Sector

  • eyeSight

    Forescout eyeSight provides unparalleled visibility into your entire Enterprise of Things (EoT) – without disrupting critical business processes. It discovers every IP-connected device, auto-classifies it, puts it in context and assesses its policy compliance and security posture the instant a device connects to the network.

    Agentless Visibility
    Gain unparalleled visibility into all IP-connected devices across your extended enterprise the instant they connect to the network – no agents required

    Continuous Monitoring
    Gain complete situational awareness of all devices in your Enterprise of Things and their risk profiles as eyeSight continuously monitors the network to discover and auto-classify devices and assess their security posture.

    Passive Profiling
    Take advantage of eyeSight’s passive-only profiling techniques to gain device visibility into sensitive IoT, IoMT, OT and critical infrastructure systems without impacting system uptime, introducing operational risk or disrupting critical business processes.

    Complete Asset Inventory
    Get a real-time asset inventory of all physical and virtual devices – IoT, IoMT, OT, mobile devices and network infrastructure – across your campus, data center, cloud and OT networks.

    How it Works
    eyeSight provides device visibility across your Enterprise of Things in three comprehensive steps:

    • Discover
      • eyeSight uses over 20 passive and active monitoring techniques to discover managed and unmanaged devices connecting to your heterogeneous network infrastructure.
    • Classify
      • eyeSight auto-classifies traditional, IoT, medical, OT and IT devices using a multi-dimensional classification technology to identify device function, type, operating system (including version), vendor and model.
    • Assess
      • eyeSight continuously monitors the network and assesses the configuration, state and security of connected devices to determine their compliance posture and risk profile.

    Read Datasheet.

  • eyeSegment

    Forescout’s eyeSegment module enables segmentation across your entire enterprise to address your multi-domain, multi-use cases to help you meet compliance, regulatory or internal needs. Eliminate enforcement silos and disparate policy enforcement by visualizing real-time traffic, unifying policies and orchestrating remediation.

    Continuous Monitoring
    Possess a complete understanding of the current state and hygiene of segmented environments with a unified policy layer for segmentation across disparate policy enforcement points and network domains.

    Accelerate Zero Trust Initiatives
    Quickly and efficiently create new zones and groups, isolate or block insecure and unwanted network traffic and orchestrate controls across policy enforcement points and network domains to implement Zero Trust with full confidence.

    Minimize Business Disruption
    Simulate updated or proposed policies using live traffic to identify real-world impacts to production environments prior to activation.

    Improve Operational Efficiency
    Reduce operational complexities and costs with simplified policy development, validation and anomaly remediation.

    How it Works
    The Forescout platform gives you the means to ensure segmentation hygiene, build unified policies, reduce operational complexity and automate enforcement. This simplifies your journey by providing a logical path to successfully implement a segmentation strategy.

    • Know and Visualize
      • Map traffic flows to the logical taxonomy of devices, users, applications and services.
    • Design and Simulate
      • Build, refine and simulate logical segmentation policies to preview impact before enforcement.
    • Monitor and Respond
      • Monitor segmentation hygiene in real time and respond to policy violations across the extended enterprise.

    Download Datasheet.

  • eyeInspect

    Gain complete device visibility through deep packet inspection of all industrial network protocols and baseline assets. Defend your network with thousands of OT-specific threat indicators and powerful anomaly detection. Achieve a full understanding of the cyber resiliency of your OT network with an Asset Risk Framework.

    Download Datasheet.

    In-depth, Agentless Device Visibility & Classification
    Continuously discover (passively and/or actively), classify and monitor OT network devices for a complete OT asset inventory of connected IP and serial devices.

    ICS/OT Threat Detection and Baselining
    Establish baseline of admissible network behavior using thousands of ICS/OT-specific indicators & queries.

    Optimized Risk Analysis
    Aggregate thousands of alerts and millions of logs according to their risk level and cause.

    Automate Threat Detection, Containment and Remediation
    Automate threat detection, containment and remediation with alert investigation and response tools. Dashboards and widgets enhance user collaboration, and rich alert details expedite efficient incident response.

    Real-Time Compliance And Anomalous Behavior Analysis
    Continuous and automated data gathering, including detailed reports on network traffic anomalies, for real-time policy compliance and anomalous behavior analysis.

    3rd Party Integrations
    Rich integrations with ServiceNow and interfaces natively with SIEM solutions, firewalls, IT asset management, sandboxes and authentication servers.

    How it Works

    • eyeInspect gives you visibility into all devices on your OT network– no more blind spots from newly connected and rogue devices. You get a detailed, accurate, real-time asset inventory of all IP-enabled and serial devices, including HMIs, SCADA, PLCs, controllers, sensors, meters and I/O.
    • eyeInspect detects and prioritizes known and unknown cyberthreats using ICS/OT-specific threat checks and indicators, as well as spotting any changes to the network.
    • Knowing what you have and what it’s doing, you can quickly prioritize response to cyber and operational threats for faster and more effective mitigation workflows.
    • eyeInspect gets the right data to the right people – from OT engineers to IT/SOC analysts – using SIEM solutions or common ticketing systems like ServiceNow.

    Download Datasheet.

  • eyeControl

    Forescout eyeControl provides flexible and frictionless network access control for heterogeneous enterprise networks. It enforces and automates Zero Trust policies for least-privilege access for all managed and unmanaged devices across your Enterprise of Things. You can apply policy-based controls to enforce device compliance, proactively reduce your attack surface and rapidly respond to incidents.

    Enforce Secure Network Access
    Enforce network access based on user (employee, guest, contractor), device classification and security posture – in any heterogeneous network with or without 802.1X.

    Improve Device Compliance
    Automate compliance assessment and initiate remediation workflows for enforcing compliance with internal security policies, external standards and industry regulations.

    Accelerate Incident Response
    Quickly and effectively contain threats by automating response to security incidents, thereby minimizing disruption to operations and damage to the business.

    How it Works

    • Dynamic grouping and scoping of devices by business logic and device context, allowing targeted control actions.
    • Compound conditions and actions using Boolean logic and waterfall policies to implement sophisticated control workflows.
    • Knowing what you have and what it’s doing, you can quickly prioritize response to cyber and operational threats for faster and more effective mitigation workflows.
    • The ability to start with manually initiated control actions and slowly dial up automation to increase security operations efficiency.

    Download Datasheet.

  • eyeExtend

    Share device context between the Forescout platform and other IT and security products, automate policy enforcement across disparate tools and accelerate system-wide response to mitigate risks.

    Download Datasheet.

    Share Contextual Insights
    Share in-depth device, user and network context for all EoT assets – managed and unmanaged.

    Automate Workflows
    Automate cross-product processes and bridge gaps between tools with pre-built integrations and crowdsourced apps.

    Accelerate Response
    Automate policy enforcement and system-wide response actions to contain threats and mitigate risks.

    How it Works

    • Forescout-built and supported eyeExtend modules covering advanced use cases updated and refined on a regular basis.
    • Community-built and shared eyeExtend Connect apps that are fully customizable and portable across environments.
    • Standards-based open APIs to enable customers, system integrators and technology vendors to easily integrate with custom applications and tools.
    • Partner-built and supported integrations cover additional use cases that leverage Forescout’s enterprise-wide device intelligence and control

    Download Datasheet.

  • eyeManage

    From eyeManage, customers can control devices, share risk and compliance insights with cross-functional stakeholders, and manage both policy creation and enforcement. Deployed as a physical or virtual appliance (on premises or in the AWS or Azure cloud), eyeManage installs out of band, avoiding latency or issues related to network disruption. Failover and recovery options through Forescout eyeRecover ensure availability of this business-critical application.

    Download Datasheet.
  • eyeRecover

    As with any critical service, you need to consider deployment architectures that are resilient to system failures, site-wide disruptions and natural or human-induced disasters. Planning and implementing a recovery strategy reduces downtime and enables continuity of vital business and security systems. Forescout eyeRecover provides automated failover, resiliency and service continuity for Forescout deployments with a choice of active/standby high-availability pairing or failover clustering capabilities.

    Download Datasheet.
  • Forescout Extended Modules

    Forescout Extended Modules extend the capabilities of CounterACT to a vast range of system infrastructure and third-party security management tools. Orchestrate more.

Risk and Exposure Management (REM)

The current use cases and benefits of Forescout Risk and Exposure Management are:  

  • Cybersecurity Asset Management

    Discover and classify every device across any environment (90 days retention) to help IT security teams leverage asset context and status trends to streamline their operations.

  • Persistent Asset Risk Intelligence

    Gain situational awareness of cybersecurity risk posture based on exposure from vulnerabilities and misconfiguration with a unique multifactor risk score.

  • Accelerated Incident Response

    Leverage historical asset context to aid analysts’ proactive investigation of risks and reactive response to incidents and events to help minimize the blast radius and reduce mean-time-to-resolution (MTTR).

  • Enhanced IoT Security

    Leverage high-fidelity IoT classification through non-disruptive, passive discovery techniques for deployment flexibility, with real-time identification of xIoT vulnerabilities to help security teams understand the attack surface and prioritize response actions.

  • Enhanced Medical Device Security

    Clear and concise risk assessment of each connected medical device based on known exposures, attack potential and operational criticality, with insights into FDA class and recall status, to help ensure security without impacting patient care