Note: on July 23rd 2019, SCADAguardian was renamed Guardian, and SCADAguardian Advanced was renamed Smart Polling.
Large organizations utilize a variety of technologies and solutions to create cyber resiliency, an important part of the best practice known as Defense in Depth. But, using disparate systems can actually result in increased security exposure and risks, and slower response to threats.
A few years ago, Cisco began working with the best and brightest minds around the world to address this issue. This led to the creation of their security technology program, which included an open platform for collaboration called the Cisco Security Technology Alliance (CSTA).
Nozomi Networks has integrated its ICS security solution with the CSTA to deliver comprehensive operational visibility and cyber security across IT/OT networks. Together, we provide real-time monitoring and threat detection that streamlines security policy management & enforcement, and speeds incident response.
By integrating the Nozomi Networks solution with Cisco technologies, manufacturers and other industrial operators benefit from comprehensive IT / ICS security.
Nozomi Networks Integrates with Cisco Security Policy Platform and Devices
The CSTA provides an environment for leading security solution providers like us to integrate with Cisco APIs and SDKs across the Cisco security portfolio.
Nozomi Networks kicked off our membership in CSTA with security integration for Cisco’s Identity Services Engine (ISE).
The Identity Services Engine (ISE) is a security policy management platform that helps organizations manage users and devices on business networks. Sharing contextual usage data amongst IT systems and solutions makes it much easier to enforce policies for resource access, and more.
Unified IT / ICS Security Policy Management, Monitoring and Incident Response
Today, enterprise security extends beyond business networks to include operational technology (OT) environments. The Nozomi Networks solution adds deep OT visibility and threat detection to Cisco’s security platform, for integrated IT/OT security monitoring, policy management and incident response.
For example, Cisco’s ISE provides network access control and creates profiles for devices connected to the ICS network. The Nozomi Networks solution passively analyzes network traffic and collects information about endpoints to enhance OT visibility. The systems exchange bidirectional information as follows:
- ISE provides additional asset details gathered from endpoint supplicants to enhance Nozomi Networks asset inventory. Similarly, ISE uses SCADAguardian information to build out more robust device profiles.
- SCADAguardian provides ISE with MAC information, enabling enhanced MAC allowlist for OT networks.
- SCADAguardian provides ISE with information that assists in changing authorization rules, such as modifying security group tags, applying downloadable ACLs to switchports, changing the VLAN, etc.
The Nozomi Networks solution provides OT asset details to Cisco’s ISE and vice versa, delivering integrated IT/OT visibility.
The Nozomi Networks solution also provides joint customers with:
- OT network visualization – for situational awareness and fast troubleshooting
- Operational visibility – for real-time OT network monitoring
- OT cyber security – for rapid, OT-specific threat detection and incident response
Integrated IT-OT Security Infrastructure Reduces Corporate Risk
Membership in CSTA allows us to better support our customers’ adoption of an integrated IT-OT security infrastructure. As more and more organizations move towards enterprise-wide cyber security management across business and industrial networks, our integrated solution provides the visibility and cyber resiliency they’re looking for.
Related Content to Download
WHITE PAPER
“Advancing ICS Visibility and Cyber Security with the Nozomi Networks Solution”
[ezcol_1third]
[/ezcol_1third]
[ezcol_2third_end]
Read this document to learn how the Nozomi Networks solution:
Improves network and operational visibility for ICS
Detects ICS cyber and process risks
Facilitates rapid threat response
Enables enterprise-scale OT risk monitoring
Uniquely provides superior visibility and threat detection
[/ezcol_2third_end]
Related Links
Cisco Materials
- Cisco Blog: Securing Critical Infrastructure in the Digital Age
- Cisco Blog: How Alliances Strengthen Your Cybersecurity Defenses
- Cisco Blog: The Security Seven: 7 Ways to Defend Your Factory from Today’s Threats
- Cisco.com: Identity Services Engine
Nozomi Networks Materials
- Data Sheet: Nozomi Networks Guardian
- Data Sheet: Nozomi Networks Central Management Console (CMC)
- Executive Brief: Business Leaders Need to Quickly Shift Focus to Industrial Security
- Case Study: Enel Secures Global Power Distribution Network
- Blog: Black Hat – Understanding TRITON, The First SIS Cyber Attack
SVP of BD and Alliance, Nozomi Networks
Chet brings passion and the wisdom of almost three decades of cross-functional, multi-industry experience to his role as VP of WW Business Development and Channel Sales. He draws on his deep expertise within industrial automation and control systems (IACS), operational (OT) networking and manufacturing technologies to lead Nozomi Networks’ business and technology partnering strategy and relationships.
Prior to Nozomi Networks, Chet directed sales, business development, solution architecture and industry marketing teams at Cisco Systems, achieving worldwide market leadership for IACS and OT networking infrastructure within the manufacturing sector. He previously managed product P&L growth, share and profitability within GE’s industrial, power, lighting and controls businesses.
Chet holds a Master’s from Virginia Tech and a Bachelor’s in Mechanical Engineering from Clemson University.
Podcast – The Power of Partnerships: Taking OT Cybersecurity to the Next Level