In August, Forescout announced the launch of Forescout eyeInspect 4.2 (formerly SilentDefense™), setting a new standard for visibility and threat detection for operational technology (OT) networks on the market today.
In this blog, we expand on the new features and functionality in this release that help asset owners and network administrators identify and analyze security and operational risks to their OT networks faster and more effectively than ever before. With version 4.2, eyeInspect reaches new levels of robustness, scalability, flexibility and ease of use.
Accelerating Innovation to Protect OT Networks
Asset Baselining – define and track the compliance status of network assets. This feature reduces compliance risk and improves compliance automation by enabling the definition of compliance policies and continuous compliance violation identification. Now you can see the real-time compliance status of all the assets across your network, making reporting easier (e.g., NERC CIP, NIST framework and the EU NIS directive).
Active Queries – easily monitor and manage Schweitzer Engineering Laboratories (SEL) IP-enabled and serial devices. The ability to extract critical information without requiring a passive sensor has been limited across the industry, especially for SEL serial devices, leading to blind spots for asset owners. This capability lets you improve asset inventory data acquisition and reduce the number of manual audits.
OT Segmentation with Forescout eyeSegment – safely secure extended OT networks that are no longer air-gapped. Network traffic between IT and OT networks continues to increase, and with it the risk of cyberthreats moving laterally across the network. As a pioneer in Zero Trust Network Segmentation for the Enterprise of Things, Forescout provides asset owners with a unified segmentation policy approach to mitigate threats crossing network boundaries and achieve tighter alignment with IEC 62443 Conduit and Zones standards.
Advanced Alert Aggregation – achieve a faster and more effective response to cyber and operational threats. It’s not uncommon for asset owners and security analysts to be overwhelmed by the number of alerts they receive. Advanced Alert Aggregation helps you reduce the clutter and better understand your risk posture. Similar to a pivot table, it offers the ability to aggregate alerts across multiple dimensions, such as source or destination IP, event type or impacted network, to uncover trends and prioritize response.
Analyst-centric UI/UX – gain more efficient analysis and response. Multiple screens, multiple tools, and lengthy processes are common in OT network monitoring and threat remediation. Forescout’s eyeInspect 4.2 has fewer pages, better analysis flows and more actionable risk indicators.
FIPS Compliance – ensure the use of the most secure cipher suites. All communications and algorithms of eyeInspect 4.2 are available in FIPS-compliant mode to adhere to FIPS 140-2 Level security requirements.
Data Encryption at Rest – secure the physical threat vector. eyeInspect 4.2 encrypts sensitive information stored on eyeInspect sensors. This enhanced level of security protects asset owners’ data from physical theft, which is especially important if you have sensors deployed in unmanned and/or remote locations.
That’s a lot, but there’s one more thing.
Forescout eyeInspect 4.2 also increases its device visibility and threat detection reach with the support of 30+ new industrial protocols, improved auto-classification and 140+ additional behavioral checks.
The Enterprise of Things. Secured.™