ForeScout-InternetOfThings-SolutionBrief-052118

Solution Brief

Passive-Only Monitoring — Inventory OT Devices Safely

Industrial IoT and critical infrastructure systems create unique visibility challenges. Most of these devices can’t support agents, and they are especially sensitive to active probing and scanning techniques that can cause system and business disruption. To address these concerns, the ForeScout platform now allows you to use passive-only discovery and profiling techniques in such environments without actively scanning or interrogating connected devices.

ForeScout’s passive discovery and profiling techniques glean information by inspecting network traffic, integrating directly with network infrastructure and monitoring various networking protocols. This enables you to gain device visibility without scanning or accessing connected devices, thereby minimizing operational risk in OT environments. It removes traditional blind spots within your extended enterprise network and gives you an accurate, real-time inventory of these devices.

Passive Monitoring Techniques

Passive-only monitoring techniques allow non-disruptive discovery of critical IoT and OT devices on the network without impacting performance or reliability. The ForeScout platform’s passive techniques include:
• SNMP traps
• DHCP fingerprinting
• SPAN traffic
• HTTP user-agent
• TCP fingerprinting
• NetFlow
• Network infrastructure polling
• Power over Ethernet
• RADIUS requests
• MAC classification
• VMware® vSphere®
• Amazon® EC2®
• CMDB or external sources

ForeScout Device Cloud — Auto-Classify New Devices

Discovering IoT devices on your network is just part of the problem ForeScout addresses. Classification is the next important step. Auto-classifying IoT devices is essential for creating security policies for network access, device compliance and network segmentation.

The ForeScout platform includes ForeScout Device Cloud, allowing you to benefit from crowd-sourced device insight from a growing community of over 500 enterprise customers across more than 10 industries to auto-classify your devices. The ForeScout platform provides a rich taxonomy to auto-classify your devices by their type and function, operating system and version, and manufacturer and model. ForeScout Research leverages intelligence from millions of real-world devices in our cloud to help improve classification efficacy and coverage in your environments. You can leverage new and updated auto-classification profiles published by ForeScout on a frequent basis. In addition, you can create custom classification policies to auto-classify devices unique to your environment.

Figure: Classify IoT and OT devices using the ForeScout platform.

IoT Risk Assessment — Reduce Your Attack Surface

“81 percent of breaches involve the misuse of stolen, weak or default credentials.” — Verizon 2017 Data Breach Investigations Report

With IoT devices, weak and default credentials are an easy attack surface to exploit. Botnets such as Mirai take advantage of these weak credentials and harvest millions of IoT devices to disrupt critical services. The ForeScout platform allows you to assess and identify IoT devices with factory-default or weak credentials and automate policy actions to mitigate risk. You can use the ForeScout-provided IoT credentials library or your own custom credential library to identify devices using factory-default or commonly used credentials and SNMP strings in IoT devices. For high-risk devices with weak credentials, you can use ForeScout policies to automate risk-mitigation actions such as isolating or segmenting the devices until they are remediated.
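As an added illustration (example code written for this page, not ForeScout’s software), the following Python sketch shows how several of the passive sources listed above (MAC OUI, DHCP fingerprinting, HTTP user-agent) can be combined into a device inventory and classification without sending a single packet to a device. The signature tables, vendor names and sample observations are constructed for the example; unmatched hosts are left Unclassified so a custom classification policy can pick them up, and conflicting evidence is flagged rather than overwritten.

```python
"""Passive-only inventory: classify hosts from evidence merely observed on the
wire (DHCP requests, HTTP User-Agent, MAC OUI); nothing is ever sent to a host."""
from dataclasses import dataclass

# Constructed signature tables for this example (not ForeScout's library).
OUI_VENDORS = {"aa:bb:cc": "ExampleCam", "dd:ee:ff": "ExamplePhone"}
WIN_PARAMS = (1, 3, 6, 15, 31, 33, 43, 44, 46, 47, 119, 121, 249, 252)
# DHCP option 55 (parameter request list) is a fairly stable per-OS fingerprint.
DHCP_FINGERPRINTS = {(1, 3, 6, 12, 15, 28, 42): ("IP camera", "Embedded Linux"),
                     WIN_PARAMS: ("Workstation", "Windows")}
UA_TYPES = {"ExampleVoIP": "VoIP phone", "Windows NT": "Workstation"}

@dataclass
class Observation:  # one host's passively collected evidence
    mac: str
    dhcp_params: tuple = ()
    user_agent: str = ""

def classify(obs: Observation) -> dict:
    """Combine independent passive sources: each agreeing source adds evidence,
    a disagreeing one is flagged for review rather than silently overwritten."""
    p = {"mac": obs.mac, "type": "Unclassified", "os": "Unknown",
         "vendor": "Unknown", "evidence": []}
    oui = obs.mac.lower()[:8]
    if oui in OUI_VENDORS:
        p["vendor"] = OUI_VENDORS[oui]
        p["evidence"].append("mac-oui")
    if obs.dhcp_params in DHCP_FINGERPRINTS:
        p["type"], p["os"] = DHCP_FINGERPRINTS[obs.dhcp_params]
        p["evidence"].append("dhcp-fingerprint")
    for needle, dtype in UA_TYPES.items():
        if needle in obs.user_agent:
            if p["type"] not in ("Unclassified", dtype):
                p["evidence"].append("conflict:http-user-agent")
            else:
                p["type"] = dtype
                p["evidence"].append("http-user-agent")
            break
    return p

def build_inventory(observations) -> dict:
    """Map MAC -> profile; unmatched hosts stay Unclassified for a custom policy."""
    return {o.mac: classify(o) for o in observations}

# Constructed sample observations; none were obtained by probing a device.
SAMPLE = [Observation("aa:bb:cc:00:00:01", (1, 3, 6, 12, 15, 28, 42)),
          Observation("dd:ee:ff:00:00:02", user_agent="ExampleVoIP/3.1"),
          Observation("00:11:22:00:00:03", WIN_PARAMS, "Mozilla/5.0 (Windows NT 10.0)"),
          Observation("00:11:22:00:00:04")]
```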
IoT Use Cases: Separating Facts from Fiction

“Today we know what’s on our network—including IoT devices. The ForeScout platform classifies the device and slips it onto the appropriate VLAN segment.” — Ken Compres, Sr. Network Security Engineer/CSO, Hillsborough Community College

Given the extraordinary value and broad-based adoption of IoT, many security vendors are quick to proclaim IoT security capabilities. While claims are plentiful, real use cases are much harder to find. Here is a real-world use case that shows how ForeScout Extended Modules orchestrate the visibility, continuous monitoring and control capabilities of the ForeScout platform with third-party security tools to increase IoT security.

The ForeScout platform can automatically detect and classify IoT devices such as IP security cameras, conference room displays and VoIP phones, then place them on appropriate network segments. It continuously monitors IoT devices to ensure they behave as expected and can share data with security information and event management (SIEM) solutions. This same scenario is equally relevant to any number of corporate-connected devices such as HVAC/lighting controls.

Figure 1: How the ForeScout platform applies policy-based network segmentation, monitoring and response to IoT devices (diagram nodes: ForeScout, SIEM, Firewall, Internet).
1. IoT device connects to the network.
2. ForeScout detects and classifies device as a printer.
3. Compromised printer attempts to access corporate file server.
4. Third-party Security Information and Event Management (SIEM) solution detects anomalous behavior.
5. ForeScout blocks the compromised printer from the network and quarantines it, allowing IT to safely remove the device from the network and perform forensic analysis.

For more details about dynamic segmentation, read our Network Segmentation Solution Brief. Learn more at www.ForeScout.com

ForeScout Technologies, Inc.
190 West Tasman Drive, San Jose, CA 95134 USA
Toll-Free (US) 1-866-377-8771 | Tel (Intl) +1-408-213-3191 | Support 1-708-237-6591
*As of December 31, 2017
© 2018. ForeScout Technologies, Inc. is a Delaware corporation. The ForeScout logos and trademarks can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks/. Other names mentioned may be trademarks of their respective owners. Version 05_18