Company Description
Nozomi Networks accelerates digital transformation by protecting the world’s critical infrastructure, industrial and government organizations from cyber threats. Our solution delivers exceptional network and asset visibility, threat detection, and insights for OT and IoT environments. Customers rely on us to minimize risk and complexity while maximizing operational resilience. Nozomi Networks tracks device vulnerabilities through its asset discovery and asset intelligence capabilities. We are aware of key asset attributes, including OS and firmware patch levels and which CVEs are applicable. Furthermore, we can assess and assign risk to each vulnerability by severity and number of assets to prioritize risk reduction efforts. The solution employs multi-faceted capabilities to identify threats through built-in behavior-based anomaly detection and contextual threat information. The Nozomi Networks platform detects threats by monitoring network traffic (network-based sensors) and provides detailed threat information based on YARA rules, packet rules, STIX indicators, threat definitions, various threat knowledge bases and vulnerability signatures. With greater insight and analytics thanks to Nozomi’s AI/ML-based architecture, our platform can provide the greatest vigilance against potential security threats today.
-
Solution Description
Guardian: Industrial Strength OT and IoT Network Security and Visibility Software.
Remote Collector: Low-Resource Software for collecting and monitoring network traffic in distant and distributed locations.
Network-based + Endpoint Sensors - Nozomi Networks has established itself with the broadest sensor portfolio and direct visibility to all major attack surfaces in the industry. We have unified network-based monitoring and traffic visibility with endpoint sensors, which gives us a combined perspective on each device as well as on what’s happening in the network. Other solutions either offer only one or the other, or place a strong emphasis on one over the other.
Passive + Active Security - Historically, OT/ICS security solutions were designed as passive monitoring solutions, meaning they were non-disruptive, low-impact services for very sensitive, mission-critical environments. IT security solutions tend to be much more invasive, active, or resource-intensive by comparison. While it might be possible to scan a network for attached devices, such behavior would not be prudent in a mission-critical operational network. However, as industrial requirements have evolved, there is a need for a combined passive and active approach. Nozomi Networks offers the most flexibility in how data is collected to optimize the visibility needed on each asset, along with minimizing the impact on the operational network. We do this through a range of features including Smart Polling and the Arc endpoint sensor. No other solution is as proven at scale across some of the largest customers in the world as Nozomi Networks. The architecture of our system provides us a huge advantage in multi-site, high-traffic environments, from our cloud-scale elasticity to high-throughput sensor designs and a wide range of dedicated hardware appliances to deliver the performance needed.
Some of the unique features of the Nozomi Networks platform include:
• Workbooks - We determine risk scores across assets and vulnerabilities to prioritize remediation efforts, showing which vulnerabilities affect the most devices against realistic attack scenarios.
• Playbooks - When it comes to incident response and remediation, the Nozomi platform helps prioritize and guide remediation efforts through playbooks (threat detection and incident response processes). Playbooks track remediation efforts to improve communication across teams and accelerate mean time to repair.
• Content Packs - Remove the overhead and time of configuring your Nozomi Networks platform for a particular use case, threat or compliance initiative. Content Packs are readily available for most common issues and emerging threats to provide insights specific to your environment. Content Packs can be freely downloaded from Nozomi Networks or public share sites and give immediate reports for challenges such as Industroyer2 vulnerabilities, IEC 62243 compliance, and more. Content Packs can customize dashboard layouts for different use cases or security issues/compliance efforts.
• Time Machine - Time Machine helps forensic research and allows users to replay network events around an incident to help isolate the root cause and visualize the impact to reduce Mean Time to Repair (MTTR).
• Smart Polling - Smart Polling is an optional asset reconnaissance feature that proactively checks devices and gathers critical endpoint information based on pre-defined polling policies. Smart Polling can greatly increase asset visibility, both in terms of attribute details and when data is collected, without disrupting sensitive networks. Combining passive asset discovery and Smart Polling provides the best and most accurate sensing and data capture possible.
-
Locations
San Francisco, CA