(photo: Chivozol)
07.11.2019, 01:48

Transforming Enterprise-Wide Network Segmentation

ICT, Cloud Solutions & Strategies, Americas, Technology, Supplier News
A new cloud-based offering from Forescout Technologies, Inc., promises to support critical application development by accelerating network segmentation projects used in mitigating exposure from IoT devices.


Forescout eyeSegment allows organisations to define and implement holistic network segmentation to secure the increasingly complex and interconnected enterprise network across campus, data centre, cloud and OT.


According to Forescout, the new platform empowers organisations with new capabilities, including: 

Translating every IP-connected entity into context and groups - eyeSegment builds on Forescout eyeSight’s ability to automatically translate every IP-connected entity into a logical taxonomy of users, devices, applications and services. Additional context from third-party systems, such as vulnerability and compliance information, can be integrated to this taxonomy to enable a customer to define policy in business terms and drive device segmentation decisions across the entire enterprise. This capability closes the gap between infrastructure controls and business segmentation policy. 


Visualising device communication and behaviour - eyeSegment then marries traffic flows to how these entities are communicating across all networks from campus, data centre, cloud and OT in business terms. Frequent baseline communication can be used to create a segmentation policy. This accelerates segmentation design planning based on in-depth understanding of traffic flow baselines and anomalies. 


Designing and visualising policies and gauge impact - Customers can proactively design, fine-tune and simulate policies before enforcing segmentation controls. This allows organisations to determine how specific policies would impact the rest of their network from a single policy layer before implementing the controls to understand overall business efficacy.  


Monitoring and automatically responding to policy violations - eyeSegment allows customers to centrally monitor traffic flows between segmentation zones, validate Zero Trust controls, and automatically react to policy violations with restrictive controls, alerting and/or logging. This approach allows customers to implement enterprise-wide segmentation policies quickly and only target violations which eliminates disruption.


Orchestrating heterogenous enforcement solutions - Combined with eyeControl and eyeExtend, eyeSegment can orchestrate policy-based control actions across multiple segmentation enforcement points, such as next-generation firewalls, wired and wireless network infrastructure, software defined networking and cloud infrastructure, as well as agent-based segmentation technologies. This allows customers to choose best of breed options across their enterprise to carry out restrictive enforcement.


Announcing eyeSegment's launch, Michael DeCesare, Forescout Technologies' CEO and President, said:

"The demands on today’s security organisations are greater than ever before. Attackers are proving again and again their ability to take advantage of the dissolving network perimeter and move unrestricted across company networks.


"EyeSegment puts the security teams back in control. Understanding what is on the network is in our DNA, and we are now using that visibility-first approach to give our customers the edge against attackers with true, enterprise-wide network segmentation."


Anshul Sadana, chief operating officer at Arista Networks, added:

"Arista is leveraging our cloud networking principles to bring resiliency and automation to campus networks. The growth of IoT devices and proliferation of malware fundamentally impacts network operations, visibility and security in enterprise networks. The combination of Arista EOS® and CloudVision® for cognitive campus infrastructure and Forescout's device visibility and policy control will enable joint customers to implement enterprise-wide segmentation and fine-grained device control."


Nikhil Kelshikar, vice president of NSX product management for VMware, commented:

"VMware NSX micro-segmentation policies lock down critical applications to achieve Zero Trust level security in private and public cloud environments. We are excited about Forescout eyeSegment’s ability to dynamically group heterogeneous devices by business context and accelerate segmentation policy creation based on in-depth visibility of traffic flows between device groups regardless of connection point. Together, VMware and Forescout deliver comprehensive segmentation to achieve Zero Trust security for the entire corporate estate: from campus, including IoT and Operational Technology, to data centre and cloud environments."

Don O’Neil, director of cybersecurity and privacy consulting at PwC, added:  

"PwC helps customers architect, design and deploy networks with a business-centric, top-down approach to prevent the sprawl of inconsistent policies and solutions. In addition to Forescout’s enterprise scale device visibility, eyeSegment’s business context view of network communication patterns, and ability to simulate and refine segmentation policies before enforcement, are key capabilities that can help accelerate segmentation projects and further reduce risk for our clients."


 Frank Dickson, program vice president of security and trust at IDC, said: 

"Segmentation is the buzzword of the day, but how does one implement segmentation given the realities of IoT?


"Forescout is addressing the need with eyeSegment, which is an ‘easy button’ to start designing and planning enterprise-wide network segmentation. It allows organisations to create a baseline of what is communicating with what and helps make sense of the network chaos associated with the volume and diversity of connected devices."


Visit for additional information.









Article rating:

vote data

Leave a reply

Rushmore Primary School. (photo: )
Delta Security  - 12.02.2019, 08:07

Delta Secures a Local Primary School

UK high-security specialist Delta Security has installed a sophisticated 1080p HD CCTV system at the Rushmore Primary School in Hackney.

The Bridges Shopping Centre in Sunderland. (photo: Bowman Riley Architects)
FM Editor  - 15.04.2019, 10:47

OCS Achieves Success at Revo ACE Awards

OCS UK has been named "Top Scoring Service Supplier 2019" at this year's Revo ACE Awards which celebrate retail destinations and people that deliver a consistently positive experience for customers.

 (photo: )
FM Editor  - 01.05.2019, 09:05

Future-Orienting Building Systems

A new BACnet/IP automation station from Sauter interfaces with common field bus protocols, the IoT and Cloud storage solutions to facilitate the control of critical building systems.

 (photo: )
FM Editor  - 15.03.2019, 08:10

International Property Award for APAC House

Sodexo's APAC House regional headquarters building in Singapore has won an award in the Office Category of the 2019 International Property Awards.

 (photo: )
FM Editor  - 12.11.2019, 18:11

A Novel Access Control Concept

Allegion UK has unveiled the ISONAS Pure IP family of patented reader access controllers which utilise existing security networks to obviate the requirement for traditional door control panels.

 (photo: )
FM Editor  - 12.11.2019, 13:35

Focusing on Hidden Disabilities in Retail

A new initiative from OCS UK at centre:mk in Milton Keynes aims to make the shopping destination even more inclusive by meeting the needs of an estimated 18 per cent of visitors with a hidden...

 (photo: )
FM Editor  - 11.11.2019, 20:06

Aramark in Veterans Recruitment Drive

Following the involvement of its employees in activities to mark Veterans Day today, Aramark has announced it will be recruiting thousands of former armed services personnel in 2020.