Security teams face a growing challenge with unknown and unmanaged devices, legacy systems, and specialized IoT and OT assets. Unknown and unmanaged devices often lack inventory records or proper authentication, making them difficult to monitor and secure. Legacy systems run outdated software and lack security controls due to obsolete protocols and weak encryption. And IoT and OT devices weren’t normally built with security in mind. Many OT environments are air-gapped or isolated, so temperature, vibration, and flow sensors may not be inventoried by current systems. Some newer IoT and OT sensors even connect to the cloud, creating new outbound pathways that bypass perimeter controls.
Unseen, Unmanaged, and Unprotected: The Ever-Expanding Attack Surface
All of this makes IoT/OT devices difficult to detect, as many broadcast minimal traffic. As a result, understanding what regular traffic should look like on a corporate network can be challenging. And that makes assessing cyber risk and exposure that much harder. For example, a CISO we work with expected to see around 200 devices on his executive floor network segment. Forescout discovery methods provided visibility for 847 devices and their network traffic. The culprits? IP phones, badge readers, security cameras, smart thermostats, and our favorite, a Bluetooth-enabled fish tank monitor in the CEO’s office.
Devices with IoT-like behavior will continue to slip past the security perimeter, even those that are fortified with basic software monitoring tools. These categories of devices usually operate without agents, outside CMDB inventories, and beneath the radar of even the most seasoned security professionals. The result is a patchwork of visibility that expands the attack surface by allowing devices to bypass policy boundaries and create serious weaknesses for static segmentation strategies. Specifically, static segmentation fails against IoT and OT devices that move across logical and physical network segments. Bad actors can exploit these devices as stepping stones between segmentation zones. This type of exploitation undermines the primary purpose of segmentation, which is to mitigate risk by limiting lateral movement.
Network Security Engineers, Visibility Analysts, and Device Security Specialists operate on the front lines of this problem. They are tasked with gaining complete visibility of what is connected to the network, threat detection, policy enforcement, and managing diverse environments that span IT, OT, IoT, and even medical systems. And yet, they have limited tools and fragmented data that create blind spots, making it difficult to secure the network proactively.
Forescout + Keysight: Visibility Without Compromise
That’s where the Forescout and Keysight joint solution comes in with an essential tool for the cybersecurity toolkit. By integrating Forescout sensors with Keysight Vision network packet brokers through the Keysight Application Fusion Program (Fusion Program), the combined solution provides passive, agentless visibility directly from network traffic – even high-throughput traffic from high-density environments, like hospitals, factories, and airports. Now, Forescout sensors are deployed natively on the Keysight platform, eliminating the need for standalone servers and minimizing architectural complexity. All traffic can be inspected passively and at scale, including non-IP protocols, encrypted or encapsulated traffic, and asset behavior across VLANs and zones.
Keysight NPBs support inline bypass and traffic steering, enabling Forescout to continuously monitor traffic and dynamically trigger access or segmentation control and orchestration through integrations with firewalls, switches, SOAM, and SIEM tools. Enriched metadata from Keysight helps Forescout improve device fingerprinting, and feed more accurate data into CMDBs, SOARs, and SIEMs, to support faster threat correlation and incident response. Real-time traffic mirroring enables Forescout to perform deep packet inspection, identifying, classifying, and monitoring every IoT/OT device without disrupting the environment.
Close Gaps in IoT and OT with Forescout Sensors and Keysight Vision Network Packet Brokers
The new solution delivers many benefits. Security teams gain 100% device visibility and behavioral insights without deploying agents. It accelerates threat detection and reduces dwell time by ingesting full-fidelity traffic while enabling segmentation and enforcement based on actual device behavior. By combining sensor and packet broker functions into a single platform, organizations can reduce capital expenditure, as well as rack space and power consumption. The deployment is streamlined and the solution supports Zero Trust initiatives and compliance frameworks.
From Blind Spots to Boardroom Justification: The Forescout-Keysight Partnership Is a Straightforward Call
The Forescout-Keysight offering can be aligned to CISO’s strategic priorities around operational efficiency and risk reduction. The solution provides security teams with continuous and scalable monitoring in previously unknown territory and supports faster incident response and audit readiness without requiring an overhaul of existing infrastructure.
The Forescout-Keysight strategic alliance is part of the Keysight Fusion Program, launched to enable high-performance applications to run directly on Keysight NPBs. Forescout is one of the flagship integrations, enabling native deployment of Forescout sensors on Vision hardware.
For organizations struggling with data fragmentation, unmanaged assets, or compliance mandates, this solution offers a compelling solution: real-time visibility and automated control at the packet level across every device, with zero compromise.