Forescout eyeSegment Recent Product Enhancements

Abdi Saee | February 26, 2020
Enterprise-wide segmentation requires a context-driven, multilayered architecture to address today’s broad diversity of device types—regardless of where they connect to the network. Forescout launched its eyeSegment product in November 2019. This cloud-based addition to the Forescout platform simplifies and accelerates the design, planning and deployment of dynamic network segmentation across the extended enterprise.
Flexible visualization options
New eyeSegment visualization options allow you to quickly narrow your view by drilling down on the specific source group traffic to one or more destinations. They let you zoom in to the eyeSegment Matrix and focus on what is important to you so that you can analyze and investigate a particular traffic pattern in your environment. No matter where you are in the matrix hierarchy, you can instantly create desired eyeSegment policies to segment a specific traffic pattern to protect your business while ensuring business continuity.
Accelerate collaboration using the Sub-Group Matrix
Enable Forescout product admins to share focused traffic maps (mini matrix) with relevant stakeholders in other groups to seek their approval of suggested segmentation policies (for example, medical device owner, app owner).
The Sub-Group Matrix provides a zoom-in view of specific rows/columns/cells, providing a matrix of the selected group and its sub-groups. There is no limitation to continue drilling down into sub-groups after going to Mini Matrix view.
There are two ways to get to Sub-Groups:
Fish-eye sub menu
eyeSegment’s Matrix is a powerful representation tool. eyeSegment v2.2 release allows you to control configurations directly from the matrix. Each blue dot in the eyeSegment Matrix cell represents a flow between the source and destination groups. Hover over a blue dot to open the Fish-eye cell sub-menu. There are three possible options for Fish-eye:
Ignore Traffic by IP
You can choose to ignore the traffic flows (as shown in the figure) coming to eyeSegment to avoid them from being permanently recorded and stored. This helps you:
Traffic Filter
When you do not want to ignore traffic permanently, an alternative to filtering traffic in the eyeSegment Matrix is to use the Traffic Filter feature. This lets you filter based on traffic from a specific ‘Source Group’ to a specific ‘Destination Group’ or ‘Service’ type (port, protocol, etc.). You can choose to exclude this traffic or only see filtered traffic in the eyeSegment Matrix. Turning off this temporary filter restores the eyeSegment Matrix to full traffic mode.
For example, you can:
Matrix Settings, Delete Traffic and Ignored Traffic features are not available at the top menu of the eyeSegment Matrix for view-only roles.
Conflicting policies
When creating segmentation policies, eyeSegment helps you avoid creating conflicting policies by intuitively visualizing the configured policy.
Quickly identify conflicting policies in the eyeSegment Matrix and drill down to the policy set to modify and eliminate conflicts.
Export Traffic Data to CSV file from eyeSegment
From cell traffic details, there is a new ability to export traffic flows to a CSV file.
In addition to filtering options in the eyeSegment web interface, you now have the option to use the Export to CSV feature to download the complete set of data to sort, further analyze and investigate group-to-group traffic patterns in your environment. This feature can help your team collaborate with various stakeholders in the organization by sharing detailed information for further analysis.
Role-based Access Control
You can now enable role-based access control to the eyeSegment console to assign a different access level to users logging in to the console:
Option to Share Traffic Context with Forescout
You now have the option to share the traffic context with Forescout (Enabled by default) or disable this checkbox to avoid sending traffic context to Forescout.
These enhancements help our customers in different verticals to address variety of different use cases so customers can:
Upcoming Webinar
Implement Enterprise-Wide Network Segmentation with Forescout eyeSegment
Register for our upcoming webinar to learn more about Forescout platform, tools and best practices to help you efficiently plan and implement your network segmentation projects so you can move forward with confidence.
Learn more:
Toll-Free (US): 1-866-377-8771
Tel (Intl): +1-408-213-3191
Support: +1-708-237-6591
Headquarters
190 W Tasman Dr.
San Jose, CA, USA 95134