The ability to see 100% of devices connected to the campus (including IoT), data center, cloud and OT environments then the capability to secure those devices with appropriate level of automated controls.
Security begins by understanding with confidence what is on the network. This means having visibility into every single user credential that is logged in, knowing what applications each of those users is entitled to, and also identifying every single device—the moment it connects to the network and constantly thereafter. Then, you must have the ability to control the device for optimal security.
Agentless discovery and classification in real time coupled with continuous posture assessment provides accurate situational awareness. Use this accurate situational awareness to automate policy-based controls and orchestrate actions.
According to a Gartner September 2018 report on IoT Trends, Gartner estimates that by 2023 the average CIO will be responsible for more than three times the endpoints they managed in 2018. The vast majority of this growth is not coming from traditional managed devices like laptops and smartphones, but from IoT and OT devices which can’t support agents and thus can easily go undetected and unmanaged.
The ability to:
Discover every physical and virtual device across campus, data center, cloud and industrial environments.
Classify diverse IT, IoT and OT/ICS devices in real time.
Assess and continuously monitor compliance of all devices without requiring agents.
The ability to:
Conform with policies, industry mandates and best practices such as network segmentation.
Restrict, block or quarantine noncompliant or compromised devices.
Automate endpoint, network and third-party control actions.
A civilian agency recently expanded its device visibility and control capabilities to cover additional devices, bringing the total number of devices under Forescout management to approximately 1.5 million . Forescout integrates and orchestrates with Splunk to enhance and enforce control for these devices. This is part of Phase 3 of the U.S. Government’s Continuous Diagnostics and Mitigation (CDM) program. Phase 3 is focused on mitigation of threats and moving from device visibility to control mode.
The U.S. Department of Defense uses Device Visibility and Control from Forescout in support of the U.S. Department of Defense’s Comply to Connect framework, in which Forescout will be initially managing visibility for 250,000 devices. Forescout is a foundational component of the Comply to Connect framework to achieve better cyber hygiene and see 100 percent of the devices and systems connected to the network.
A top ten U.S. bank uses Device Visibility and Control from Forescout to secure and inventory more than 250,000 devices across its network. In addition, Forescout is enabling deep device visibility value that marries well with ServiceNow’s CMDB to enable a single source of truth for all devices on the network.
A U.S. Fortune 10 healthcare organizations uses Device Visibility and Control from Forescout for nearly 250,000 devices. It was implemented to solve the visibility and control challenges it was experiencing as a result of multiple acquisitions and divestitures over the years.
One of the largest industrial manufacturing companies on the planet uses device visibility and control from Forescout for over 1 million devices across their campus wired and wireless networks. In addition, Forescout enables real-time vulnerability management by identifying a device the second it joins the network and triggers a real-time scan from their VA product. If the device has known vulnerabilities, Forescout takes action by blocking it until it is patched.
A major telecommunications company uses Device Visibility and Control from Forescout for more than 200,000 devices within its campus wired and wireless network. In addition, Forescout, interoperates with the company’s existing networking and security solutions such as EDR.