Forescout eyeInspect v4.2.1 release is now GA!
In August, Forescout announced the launch of Forescout eyeInspect 4.2, and with this release set a new standard for visibility and threat detection for operational technology (OT) networks on the market today.
With this 4.2.1 release eyeInspect enables OT asset owners and network administrators to identify and analyze security and operational risks to their OT network faster and more effectively than ever before. With 4.2.1, eyeInspect reaches new levels in terms of robustness, scalability, easiness of deployment, and ease of use.
Customers will be able to:
- Streamline security analyst tasks, optimize risk management workflows and pinpoint compliance gaps with a new persona-centric user interface.
- Leverage deeper integration with the Forescout platform to implement non-disruptive segmentation within the OT network stack and in converging IT-OT environments.
- Reduce their attack surface, limit threat blast radius and mitigate a full range of cyber and operational risks.
What’s New?
New UI / UX on the Command Center
- A brand-new Graphical User Interface is now available on the Command Center. This new UI covers the most important capabilities for Asset inventory and Alert analysis and is designed to make user flows smooth and the analysis faster and more effective with Improved Map performance and usability, new dashboards and interactions.
- Localization: Users can choose among the available languages and new packages can be developed on the need
Advanced Alert Aggregation
Faster and more cost-effective response to cyberthreats reducing the “noise” and helping analysts focus on the highest priority alerts. Advanced Alert Aggregation helps you better understand your risk posture and operating status. It offers ability to aggregate and create multidimensional alert groups to better uncover trends in the network. Functioning like a pivot table, alerts are aggregated by multiple dimensions, according to source IP, type of vulnerability, sensor, etc.
Asset Baselining & Reporting
The Asset Baseline allows users to define granular compliance policies for OT assets, and to identify and analyze compliance deviations. For example, it allows users to define what OS, firmware version or open ports are allowed for assets from a specific vendor or of a specific type (e.g. PLCs, HMIs, etc.), and report non-compliance assets through dedicated views. It enables automation of compliance verification and reporting tasks, for both internal and external audits.
Active Sensor Improvements
The following improvements and new capabilities are now available for Active Sensors:
- SEL devices (IP-enabled and serial): Two new types of Active Sensor queries are now available, enabling users to quickly retrieve details of SEL IEDs or RTAC devices and connected IEDs (including serial). SEL is a pervasive presence in the Utilities world
- Improvements in Windows active query: the active Windows query now exploits WinRM in combination with the original WMI query to retrieve more accurate Windows software and patches.
FIPS Compliance
eyeInspect 4.2 adheres to the security requirements of FIPS 140-2 lv.1 . This is a fundamental capability for Federal Agencies and DoD.
Data Encryption at Rest
eyeInspect 4.2 can encrypt sensitive information stored on eyeInspect sensors. This enhanced level of security protects asset owner’s data from physical attacks. This is of critical importance if you have sensors deployed in unmanned and/or remote locations.
Coverage Expansion
Forescout eyeInspect 4.2 increases its device visibility and threat detection reach with the additional support of 30+ new industrial protocols, improved auto-classification, and 140+ additional behavioral checks.
OT Segmentation with Forescout eyeSegment
As a pioneer in Zero Trust Networking Segmentation of the Enterprise of Things, Forescout eyeInspect integrates with Forescout eyeSegment to provide asset owners with the ability to have a unified segmentation policy approach to mitigate threats crossing networks and achieve tighter alignment with IEC 62443 Conduit and Zones standards.
Supported Versions & Requirements
eyeInspect 4.2.1 is distributed as an update for SilentDefense 4.1.x
Availability
eyeInspect Users:
Download the modules and related documentation from the Downloads / Resources section of the OT Customer portal, https://portal.secmatters.com/.
- FLEXX – Customer Support Portal
- PAL – Updates Portal