Forescout transforms enterprise-
wide network segmentation with
release of eyeSegment
orescout Technologies, a
leader in device visibility and
control, has announced that it
is transforming enterprise-wide network
segmentation with the launch of a new
cloud-based offering.
F
Forescout eyeSegment will help
organisations accelerate network
segmentation projects, driven by the need
to secure critical applications, mitigate
increased exposure due to IoT devices
and limit the lateral movement and blast
radius of threats across flat networks.
“The demands on today’s security
organisations are greater than ever
before. Attackers are proving again and
again their ability to take advantage of
the dissolving network perimeter and
move unrestricted across company
networks,” said Michael DeCesare, CEO
and President, Forescout Technologies.
“EyeSegment puts the security teams
back in control. Understanding what is
on the network is in our DNA and we are
now using that visibility-first approach
to give our customers the edge against
attackers with true, enterprise-wide
network segmentation.”
Forescout eyeSegment allows
organisations to define and implement
www.intelligentciso.com
|
Issue 20
holistic network segmentation to
secure the increasingly complex and
interconnected enterprise network across
campus, data centre, cloud and OT.
Available now, eyeSegment provides the
following capabilities:
▯ Translate every IP-connected
entity into context and groups:
eyeSegmentbuilds on Forescout
eyeSight’s ability to automatically
translate every IP-connected entity
into a logical taxonomy of users,
devices, applications and services.
Additional context from third-party
systems, such as vulnerability
and compliance information, can
be integrated to this taxonomy
to enable a customer to define
policy in business terms and drive
device segmentation decisions
across the entire enterprise. This
capability closes the gap between
infrastructure controls and business
segmentation policy.
▯ Visualise device communication
and behaviour: eyeSegment then
marries traffic flows to how these
entities are communicating across all
networks from campus, data centre,
cloud and OT in business terms.
59
The demands on
today’s security
organisations are
greater than
ever before.
Michael DeCesare, CEO and President,
Forescout Technologies
Frequent baseline communication
can be used to create a
segmentation policy. This accelerates
segmentation design planning based
on in-depth understanding of traffic
flow baselines and anomalies.
▯ Design and visualise policies and
gauge impact: Customers can
proactively design, fine-tune and
simulate policies before enforcing
segmentation controls. This allows
organisations to determine how
specific policies would impact the
rest of their network from a single
policy layer before implementing
the controls to understand overall
business efficacy.
▯ Monitor and automatically respond
to policy violations: eyeSegment
allows customers to centrally
monitor traffic flows between
segmentation zones, validate Zero
Trust controls and automatically
react to policy violations with
restrictive controls, alerting and/
or logging. This approach allows
customers to implement enterprise-
wide segmentation policies quickly
and only target violations which
eliminates disruption.
▯ Orchestrate heterogenous
enforcement solutions: Combined
with eyeControl and eyeExtend,
eyeSegment can orchestrate
policy-based control actions across
multiple segmentation enforcement
points, such as next-generation
firewalls, wired and wireless network
infrastructure, software defined
networking and cloud infrastructure,
as well as agent-based segmentation
technologies. This allows customers
to choose best of breed options
across their enterprise to carry out
restrictive enforcement u