New Anomaly Detection Accelerates OT and IoT Security

New Anomaly Detection Accelerates OT and IoT Security

At Nozomi Networks, we’re obsessed with customer experience and innovation. As co-founder, I’ve seen these two forces combine to create a leap forward for industrial cybersecurity.

Over the last year I’ve collaborated with security, OT and IT teams at dozens of large organizations around the world and seen firsthand how fast they are changing. They’re working hard to embrace the benefits of digital transformation while tackling the pressures of increased cyber threats.

Our customers’ dedication to these challenges has inspired us to come up with truly innovative solutions.

Network modernization is a great way to improve efficiency and productivity in every industry, from energy to biomedical. This evolution requires deep network visibility and event correlation capabilities.

Our engineers re-examined ways to provide better visibility and detection to OT networks and beyond. And, today I’m very proud to introduce our new adaptive learning technology. It brings industrial strength security and visibility to OT/IoT networks at a level never seen in our industry.

In version 20.0, the Nozomi Networks solution introduces groundbreaking anomaly detection for IoT devices, a new Asset Intelligence service, and up to 1000% higher performance.

New Anomaly Detection for IoT Devices Accelerates Incident Response

This groundbreaking IoT anomaly detection, leveraging our new adaptive learning technology, is designed to augment behavior-based learning to identify assets faster and detect alerts more accurately. Many assets, particularly IoT devices, are rapidly evolving, and are connected in one way or another to the most critical systems inside an organization.

For these reasons it’s mandatory to correlate visibility between every component of the network. For example, identifying a suspicious communication between the SCADA consumer and a critical PLC in your network is a fundamental monitoring capability.

Going a step further, detecting activity that occurred before the suspicious communication happened is value added information. This might include unauthorized access to the control room and a camera in that room that went offline. Understanding the broader sequence of events helps cybersecurity and SOC teams immediately take action to reduce risk.

On the other hand, dynamic environments require a solution that helps security teams stay focused on important incidents and not get overwhelmed by every change in the network. In most anomaly detection tools, basic actions like updating the firmware of a tablet in a plant can generate hundreds of alerts due to a benign behavioral change.

Our new v20 solution eliminates the alerts caused by such benign anomalies, helping your teams stay focused, and accelerating their response to valid alerts.

A new Asset Intelligence service continuously updates our adaptive learning technology, sustaining accurate inventory and anomaly detection over time. It includes rich profile and behavior data for millions of devices. This information is based on our analysis of assets in use at thousands of sites around the world, and ongoing research at our test lab.

In addition to highly accurate behavioral monitoring and anomaly detection for OT, IoT and IT assets, v20’s new anomaly detection capabilities provide:

  • Precise asset identification in dynamically changing environments
  • Persistent asset awareness, even if an IP address changes
Nozomi Networks v20 new IoT anomaly detection
Nozomi Networks v20 new IoT anomaly detection combines our newly invented adaptive learning with our Asset Intelligence service for precise asset inventory and accelerated incident response.

New Cloud-based Central Management Console

Looking back, we pioneered our customers’ migration to the cloud beginning with the release of a centralized monitoring appliance on Amazon AWS in 2017. Today, our Central Management Console also supports Microsoft Azure, giving you:

  • The ability to centrally manage assets distributed across a region or around the world
  • Anywhere, anytime OT and IoT visibility and monitoring
  • The flexibility to deploy your SOC in the cloud or across a multi-cloud environment

New High-Performance Appliances for Today’s Enterprise OT and IoT Networks

I’m also thrilled by the speeds and feeds of our new v20 line-up of appliances. We have dramatically improved performance to meet the needs of vast, dynamic networks of IoT devices, and the very large installations of our global customers.

At the top end, we have new physical appliances that protect up to 500,000 nodes with a single device.

We’ve also upgraded the performance of our existing physical and virtual appliances, so they deliver up to 1000% faster throughput and up to 667% higher node protection capacity.

And, we’ve introduced a new portable appliance (with a cool carrying case) that makes it easy to analyze OT and IoT security at isolated or remote sites.

All-in-all we’re introducing seven brand new appliances and upgrading ten others – meaning we have appliances to meet any deployment scenario you can throw at us.

“The lines between cyber and physical systems are blurring as IT, OT and IoT networks and devices are increasingly interconnected. Nozomi Networks offers a unified approach to network visibility and cybersecurity in one solution. A new option to run Nozomi Networks Central Management Console in the cloud gives security teams an easy way to deploy a single dashboard view and control for all of their global industrial and OT sites.”

Andrea Carcano, Co-founder and Chief Product Officer, Nozomi Networks

Enterprise-scale OT and IoT Security and Visibility

The biggest driver for the rapid change in cybersecurity practices that I’ve seen firsthand is the need for large enterprises to tackle escalating cyber risks. Boards, CEOs and CISOs are pushing their teams for better risk oversight, while at the same time demanding digital transformation for competitive differentiation.

With our v20 release, we’re demonstrating our strong commitment to advancing OT and IoT security and visibility at scale, and helping customers meet both their security and business objectives.

To learn more about our v20 release (there’s lots of other good stuff I didn’t get to here), don’t miss the upcoming webinar shown below.

Existing customers contact their Nozomi Networks Sales Director for more information.