This lab in its first module is designed to serve as a preconfigured environment for users to explore the Forescout Silent Defense product interface and operations at their own direction. WWT can provide a guided demo of the solution as well as coordinate a deep dive session with Forescout upon email request to the listed lab owners and creators for this deployment.
Forescout Silent Defense monitors span port traffic to monitor the ICS network. The network has no security controls. All traffic generated in the network is monitored and analyzed by Silent Defense. Silent Defense provides insight into the hosts in the network, their roles and their communications. Once traffic is baselined, new hosts or traffic baseline deviations will generate an alert.
This lab demonstrates the following Silent Defense features:
- Discover and identify ICS assets
- Map ICS network
- Baseline ICS traffic
- Generate alerts related to ICS assets/traffic
- Become acquainted with dashboard and reporting capabilities