New Platform Updates Deliver on Vision to Secure the Enterprise of Things
Over the last number of years, enterprise organizations have turned into an Enterprise of Things made up of billions of connected devices, including PCs, mobile systems, and cloud workloads attached to today’s networks, as well as Internet of Things (IoT) and operational technology (OT) devices.
The reality is that the number and diversity of devices are growing quickly – nearly 42 billion connected devices by 2025 according to IDC – and many organizations are struggling to keep pace and maintain cybersecurity standards in this new digital world.
Our mission is to provide an active defense for the Enterprise of Things by identifying, segmenting, and enforcing compliance of every connected thing.
This protection should be informed by robust external data sources and an extensive enterprise customer base. The outcome is a holistic, Zero Trust approach that allows organizations to not just see devices, but to secure them – at scale across the full scope of their network.
Today, we are delivering on our mission, backing up our words with action and innovation. We announced a number of product releases that, along with the rest of the robust Forescout portfolio, further help customers identify, segment, and enforce policies across the entire extended enterprise, from IoT to OT, to the cloud. Here are some highlights:
Simple and Non-Disruptive Zero Trust Segmentation for Any Device, Anywhere
Given the scale and diversity of devices across the extended enterprise, many organizations are challenged to implement true, holistic network segmentation from cloud to edge. We have made updates to eyeSegment that are designed to address this, providing security teams with the tools they need to simplify Zero Trust segmentation and optimize risk management when it comes to IT, OT and ICS devices in your heterogeneous Enterprise of Things (EoT).
Specifically, we are adding a new integration to our eyeInspect product (formerly SilentDefense) to allow for a unified policy approach across IT and OT to prevent the lateral movement of threats across the network, as well as more granular capabilities for policy-planning, monitoring, and response. We are also adding a Medigate integration with eyeSegment, recognizing the unique needs of healthcare organizations, and delivering a way to address risk and compliance concerns with a non-disruptive, unified segmentation approach. Finally, we are introducing east-west traffic flows visualization for AWS Cloud, to enable cross-domain and data center segmentation from a unified policy.
Continued Investment in OT
Updates to Forescout eyeInspect build on our promise to continue innovation around OT/ICS. In addition to integration with eyeSegment, which will allow for network segmentation across IT and OT networks, eyeInspect will also include asset baselining and advanced alert aggregation, as well as a new analyst-centric UI/UX to simplify threat analysis and optimize IT-OT workflows.
The result of these updates will be that security analysts can save time and simplify threat analysis across fewer tools and fewer dashboards. They can also drive better, more immediate business value by aggregating associated alerts and suggested remediation workflows. These solutions will be available later this year.
Enhanced Integration for Policy Enforcement
Another key highlight is enhanced integration with next-generation firewalls via our eyeExtend modules. The goal here is to further accelerate the ability for organizations to segment devices at the perimeter, data center, or cloud, leveraging Forescout’s rich device context to apply dynamic firewall policies. In doing this, security analysts can collaborate better on risk mitigation across converging IT and OT networks, as well as prevent threats from crossing from domain to domain.
The ultimate goal with these updates is to allow organizations to operate fearlessly in this new Enterprise of Things world. While devices will continue entering the enterprise, organizations will have the tools at their disposal to identify, segment, and enforce security best practices without worrying about downtime or risk.