Advance IT / ICS Cyber Security with Nozomi Networks and Fortinet

This article was updated on October 9, 2019.

In the future, an organization’s cyber security strategy will largely be defined by how well both OT and IT networks can integrate to bring improved vigilance, visibility and protection. In today’s connected world this is more important than ever.

Recently, Nozomi Networks had the privilege of speaking at the 2017 Fortinet 361 event in Vienna, Austria, where IT / OT cyber resilience was a hot topic. I was pleased to discover that many attendees were interested in Fortinet’s commitment to OT (Operations Technology) and ICS (Industrial Control Systems) cyber security. They were also eager to learn how Nozomi Networks is helping Fortinet extend their security offering into the industrial realm with our technology.

As you may know, many enterprise organizations that have at least some of their infrastructure operated by OT networks are concerned about cyber security. Industrial Control Systems (ICS), including the ones listed below, have increasingly come under attack:

  • Supervisory Control and Data Acquisition (SCADA)
  • Programmable Logic Controller (PLC)
  • Programmable Automation Controller (PAC)
  • Distributed Control Systems (DCS)

It is becoming more important than ever for enterprise cyber security strategies to include an integrated OT/ICS approach. This escalating need is why Nozomi Networks has partnered with Fortinet as part of the Fortinet Security Fabric offering.

What makes Nozomi Networks special and why has Fortinet chosen us as a partner? The answer is three-fold.

1. Passive ICS Threat Detection Seamlessly Integrated with Active Firewalls

First, the Nozomi Networks solution, composed of Guardian and the Central Management Console (CMC), is a non-intrusive and comprehensive ICS cyber security solution. Fortinet utilizes Guardian as a passive, yet discerning and dissecting solution to extend its Security Fabric to ICS networks and applications.

Guardian works in direct concert with Fortinet by transferring alerts generated for identified cyber threats to Fortinet’s FortiGate, automatically triggering policy changes and proactive remediation responses.

Since the Nozomi Networks solution integrates seamlessly with Fortinet assets and devices, ICS practitioners and security stakeholders can leverage Guardian’s automated vulnerability assessment and smart incident correlation capabilities within their IT cyber security infrastructure. This provides unparalleled threat, risk and anomaly detection for assets within their OT/ICS deployments.

2. Unparalleled Operational ICS Visibility

Second, the Nozomi Networks solution provides excellent visibility of ICS networks in real time. With rich functions like auto-discovery and mapping of devices, as well as automated identification of connections and vulnerabilities, it is easy to visualize and drill down to potential threats within the ICS network.

When integrated with the Fortinet Security Fabric, large, geo-distributed enterprises can extend their visibility and monitoring strategies from the IT realm into the OT environment.

As part of the Fortinet Security Fabric, Guardian’s operational ICS visibility capabilities are helping stakeholders significantly reduce mitigation, troubleshooting and forensic efforts related to threats and process anomalies.

3. Proven in Large-Scale Deployments

Last, but certainly not least, the Nozomi Networks solution is tested and proven at the enterprise level. Guardian and the CMC are highly flexible and scalable, and can support thousands of industrial sites. In addition, Guardian can be deployed virtually and physically. We offer various Guardian appliance options that fit various computational form-factor requirements, providing the ICS thread to Fortinet’s Security Fabric no matter the industry or application.

This is a sample Fortinet / Nozomi Networks application architecture, illustrating how Guardian appliances (blue logo) integrate with Fortinet products, providing comprehensive ICS cyber security.

Integrated IT / ICS Cyber Security is Here Today

I was excited and encouraged by the conversations, as well as the interest in ICS cyber security, at Fortinet 361 in Vienna. It was clear that stakeholders across the IT and OT divide are converging to agree on both the importance of OT/ICS cyber security and the methods of achieving maximum protection.

If you are among the many stakeholders directly responsible for, or affected by, cyber security policy within your organization, check out the resources available below. They include a joint solution brief as well as my slides from our talk at the Fortinet 361 event. Don’t miss finding out how Nozomi Networks and Fortinet are working together to help you advance your OT / ICS cyber security program.