Forescout Transforms Enterprise-Wide Network Segmentation with Release of Cloud-Based eyeSegment
ForescouteyeSegment ties together fragmented segmentation point solutions in a scalable approach across campus, data center, cloud and OT
- Enables a
Zero Trustapproach to implementing granular security controls and reducing operational complexity of network segmentation projects
“The demands on today’s security organizations are greater than ever before. Attackers are proving again and again their ability to take advantage of the dissolving network perimeter and move unrestricted across company networks,” said
- Translate every IP-connected entity into context and groups: eyeSegment builds on
ForescouteyeSight’s ability to automatically translate every IP-connected entity into a logical taxonomy of users, devices, applications and services. Additional context from third-party systems, such as vulnerability and compliance information, can be integrated to this taxonomy to enable a customer to define policy in business terms and drive device segmentation decisions across the entire enterprise. This capability closes the gap between infrastructure controls and business segmentation policy.
- Visualize device communication and behavior: eyeSegment then marries traffic flows to how these entities are communicating across all networks from campus, data center, cloud and OT in business terms. Frequent baseline communication can be used to create a segmentation policy. This accelerates segmentation design planning based on in-depth understanding of traffic flow baselines and anomalies.
- Design and visualize policies and gauge impact: Customers can proactively design, fine-tune and simulate policies before enforcing segmentation controls. This allows organizations to determine how specific policies would impact the rest of their network from a single policy layer before implementing the controls to understand overall business efficacy.
- Monitor and automatically respond to policy violations: eyeSegment allows customers to centrally monitor traffic flows between segmentation zones, validate
Zero Trustcontrols, and automatically react to policy violations with restrictive controls, alerting and/or logging. This approach allows customers to implement enterprise-wide segmentation policies quickly and only target violations which eliminates disruption.
- Orchestrate heterogenous enforcement solutions: Combined with eyeControl and eyeExtend, eyeSegment can orchestrate policy-based control actions across multiple segmentation enforcement points, such as next-generation firewalls, wired and wireless network infrastructure, software defined networking and cloud infrastructure, as well as agent-based segmentation technologies. This allows customers to choose best of breed options across their enterprise to carry out restrictive enforcement.
- “Arista is leveraging our cloud networking principles to bring resiliency and automation to campus networks. The growth of IoT devices and proliferation of malware fundamentally impacts network operations, visibility and security in enterprise networks. The combination of Arista EOS® and CloudVision® for cognitive campus infrastructure and
Forescout'sdevice visibility and policy control will enable joint customers to implement enterprise-wide segmentation and fine-grained device control.” – Anshul Sadana, chief operating officer, Arista Networks
- “VMware NSX micro-segmentation policies lock down critical applications to achieve
Zero Trustlevel security in private and public cloud environments. We are excited about ForescouteyeSegment’s ability to dynamically group heterogeneous devices by business context and accelerate segmentation policy creation based on in-depth visibility of traffic flows between device groups regardless of connection point. Together, VMwareand Forescoutdeliver comprehensive segmentation to achieve Zero Trustsecurity for the entire corporate estate: from campus, including IoT and Operational Technology, to data center and cloud environments.” – Nikhil Kelshikar, vice president of NSX product management, VMware
- “PwC helps customers architect, design and deploy networks with a business-centric, top-down approach to prevent the sprawl of inconsistent policies and solutions. In addition to Forescout’s enterprise scale device visibility, eyeSegment’s business context view of network communication patterns, and ability to simulate and refine segmentation policies before enforcement, are key capabilities that can help accelerate segmentation projects and further reduce risk for our clients.” – Don O’Neil, director of cybersecurity and privacy consulting, PwC
- “Segmentation is the buzzword of the day, but how does one implement segmentation given the realities of IoT?
Forescoutis addressing the need with eyeSegment, which is an ‘easy button’ to start designing and planning enterprise-wide network segmentation. It allows organizations to create a baseline of what is communicating with what and helps make sense of the network chaos associated with the volume and diversity of connected devices.” – Frank Dickson, program vice president of security and trust, IDC
Media Relations Contact:
Investor Relations Contact:
Source: Forescout Technologies, Inc.