Control.com

Phoenix Contact and Forescout Partner to De-risk the IT/OT Network Systems

By integrating edge networking and OT threat detection, Phoenix Contact and Forescout aim to de-risk converged IT/OT systems.

News January 07, 2026 by Stephanie Leonida

Forescout Technologies and Phoenix Contact USA are integrating their respective technologies—the Phoenix Contact’s EP Raptor Series of industrial switches and operational technology threat tracking and detection capabilities of the Forescout 4D Platform—offering a powerful, cyber-secure solution at the edge, one which supports compliance to top-tier standards (NERC CIP and IEC 62443) while providing a defense-in-depth framework that can identify, target, and defend against cyber threats before they compromise the safety and performance of industrial operations.

 

The EP 7200 managed switches can support up to 32 ports with static routing.

The EP 7200 managed switches can support up to 32 ports with static routing. Image used courtesy of Phoenix Contact

 

Ransomware Threats

A national security report by KELA Cyber, “Escalating Ransomware Threats to National Infrastructure,” found that nearly 50% of ransomware attacks targeted critical infrastructure sectors, including healthcare, transport, manufacturing, energy, and finance.

KELA Cyber is a global cybersecurity threat intelligence firm dedicated to sourcing intelligence from the Dark Web where cybercriminals operate, providing businesses, organizations, and governments with important data and insights to help defend against potential cyber threats.

KELA’s report highlighted the U.S. as a hot spot for cyberattacks targeting critical infrastructure, accounting for 21% of global attacks in 2025. The report tallied 4,701 ransomware incidents between January and September 2025, representing a 34% year-over-year increase. Among the most severely affected critical infrastructure sectors, manufacturing took a major blow, with 838 incidents (up from 520). One infamous attack involved the global shutdown of Jaguar Land Rover. The Manufacturing sector in the U.S. (along with other critical infrastructure) is a key foundation of the nation’s economy. Manufacturers need to shore up their defences by upgrading to unified, secure system architectures to help identify cyber threats and prevent potential attacks.

 

IT/OT Convergence

The convergence of information technology and operational technology within manufacturing systems creates vulnerabilities that could be exploited by threat actors (people, groups, or entities that instigate cyber attacks).

Manufacturing organisations lack visibility of networked systems (including hardware and software) and defensive strategies to mitigate the risk of cyber attacks. Outdated, security-poor legacy systems require updating and optimizing to withstand cyber threats.

Particular IT/OT Convergence vulnerabilities include unmanaged devices and fragmented toolchains. A fragmented network of devices means poor visibility. In fragmented systems (particularly legacy), unmonitored and unmanaged devices can leave gaps for hackers to exploit, including a lack of monitoring, weak encryption, inconsistent patching, and poor authentication. There is a need for secure and efficient networked IT/OT systems to support critical infrastructure.

 

Forescout provides an overview of the need for comprehensive Cyber Threat and Exposure Management. Video used courtesy of Forescout Technologies

 

The Forescout 4D Platform

Forescout’s modern industrial cybersecurity platform, Forescout 4D, identifies and classifies managed and unseen assets across IT, IoT, IoMT, OT/industrial control systems. Key features include a centralized policy engine, policy-based decision sharing between systems for proactive and responsive security measures, and a central dashboard for visualizing analytics data, providing important insights concerning anomalous behaviours, potential threats, risks, and compliance state.

The automated asset management offered by the Forescout 4D platform removes blind spots that threat actors could use by identifying and authorizing each device within integrated industrial systems. The technology prevents a typical IT breach from spreading to the manufacturing floor by directing your firewalls to routinely isolate vulnerable IT assets, effectively terminating the "kill chain" before an attack reaches PLCs or causes an unexpected shutdown.

The system tactfully monitors inter-device communication using deep packet inspection (DPI) across more than 250 industrial communication protocols. Such monitoring eliminates the visibility gap for the myriad devices on the shop floor, including the potentially vulnerable ones that need careful monitoring and upgrading. The Forescout 4D platform uses threat indicators specific to industrial control systems to detect anomalies, operational errors, and cyberattacks.

The platform is compliant with important laws and frameworks: NERC CIP (Critical Infrastructure Protection), EU NIS (Network and Information Systems) Directive/NIS2, NIST (U.S. National Institute of Standards and Technology) CSF, and IEC 62443 (the technical framework for OT).

 

Phoenix Contact and Forescout

Phoenix Contact’s EP Raptor Series industrial network switches feature VLAN functions, which segment large networks into smaller subnetworks to reduce traffic and enhance security. Customers can monitor hardware changes with syslog support and user authentication. Network security is managed using IPsec, NAT, and an in-built firewall. The EP Raptor switches (both EP 7400 and EP 7500 models) are configurable with the ability to add communication (up to four) and supply modules (up to two) as required. The Raptor switches are highly resilient against external electromagnetic interference, vibrations, extreme temperatures (-40° C to +85° C), and shock, making them robust options for industrial settings. Customers can increase the port number and add SFP (Small Form-factor Pluggable) modules to suit speed and other network performance needs. This modular nature allows users to adapt to energy management demands, reduce operational costs, and lower the cost of ownership.

The Raptor's ability to operate at the Data Link Layer (Layer 2) and the Network Layer (Layer 3) means that it acts as a multiple-point sensor for detecting potential security issues and a proactive enforcement point, taking command from the Forescout platform and automatically shutting down ports leading to infected devices. In this way, the Raptor-Forescout 4D Platform integration enhances visibility into industrial IT/OT systems, helping secure critical infrastructure against the ever-increasing threat of cyberattacks.

Related Content

Introduction to Machine Vision
Introduction to Machine Vision
industry white papers
Introduction to Industrial Barcode Reading
Introduction to Industrial Barcode Reading
industry white papers
The Power of CAN Partial Networking
The Power of CAN Partial Networking
industry white papers
Introduction to Industrial Network Gateways
Introduction to Industrial Network Gateways
Technical Articles
Capturing Edge Data Through Cellular Networks
Capturing Edge Data Through Cellular Networks
industry white papers
An Introduction to Track Conveyance Systems
An Introduction to Track Conveyance Systems
Technical Articles
Industrial Cabling Solutions: HELUKABEL Acquires EKD and Sangel
Industrial Cabling Solutions: HELUKABEL Acquires EKD and Sangel
News
Control eBook: The Guide to Digital Multimeters
Control eBook: The Guide to Digital Multimeters
industry white papers

Learn More About

Cyber Security cyber attacks IT systems IT/OT cybersecurity management software

You May Also Like