Forescout Silent Defense Industrial Control System Security Demo

Solution Overview
SilentDefense is a non-intrusive network monitoring and situational awareness platform that provides in-depth visibility and cyber resilience for industrial control systems (ICS) and SCADA networks.

SilentDefense protects ICS/SCADA networks from a wide range of threats. It combines patented anomaly detection and deep packet inspection (DPI) with a library of 2,400+ ICS-specific behavioral checks and a continuously growing library of 3,500+ IoCs to protect asset owners from advanced cyberattacks, network misconfigurations, and operational errors.

SilentDefense natively interfaces with enterprise systems such as SIEM, firewalls, IT asset management, malware analysis, authentication servers and third-party platforms.

Goals & Objectives

Forescout Silent Defense monitors the ICS network by analyzing SPAN port traffic. The network has no security controls. All traffic generated in the network is monitored and analyzed by Silent Defense. Silent Defense provides insight into the hosts in the network, their roles, and their communications. Once traffic is baselined, new hosts or deviations from the traffic baseline will generate an alert.

This lab demonstrates the following Silent Defense features:

  • Discover and identify ICS assets
  • Map ICS network
  • Baseline ICS traffic
  • Generate alerts related to ICS assets/traffic
  • Become acquainted with Dashboard and Reporting capabilities

Hardware & Software

1 x Forescout Silent Defense
3 x Ubuntu Linux hosts
1 x Debian Linux host