This article was updated on October 7, 2019.
Without comprehensive, real-time visibility of industrial control system (ICS) networks, devices and process status, protecting control networks from cyberattacks and avoiding operational disruptions is a serious challenge. Over the last half-decade, Nozomi Networks has built a successful reputation providing a solution to this very problem by offering a non-intrusive, real-time monitoring and threat detection solution built for ICS.
Now, Nozomi Networks has extended the utility and reach of Nozomi Networks Guardian through an integration with the Palo Alto Networks Next-Generation Firewall (NGFW). Find out why Nozomi Networks chose to integrate with this leading firewall and how the companies’ offerings work in tandem to help bridge the IT/OT gap.
Why Nozomi Networks Chose to Integrate with the Palo Alto Networks Firewall
The Nozomi Networks solution is the most comprehensive passive ICS cyber security solution available, offering a base of proprietary and foundational technologies that comprehensively learn, model and analyze industrial control networks. When integrated with the Palo Alto Networks NGFW, it offers customers the ability to visualize and monitor deep into their industrial processes and applications. And, in concert with the Palo Alto Networks NGFW, organizations can segment OT networks and enforce cyber security policies to protect these essential infrastructure systems from successful cyberattacks.
The Nozomi Networks solution, including Guardian and the Central Management Console (CMC), arms the customer with application modules that map ICS network nodes and devices, identify cyber threats and assess risk in real time. SCADAguardian’s hybrid ICS threat detection defends customers’ systems with behavior-based anomaly detection plus signature and rules-based threat detection. It also includes a powerful analysis toolkit with an easy-to-use query engine that speeds troubleshooting and forensic efforts.
Furthermore, the Nozomi Networks Open API and SDK support the seamless and secure integration that automated threat response and protection in ICS demands, allowing for dataflow between SCADAguardian and the Palo Alto Networks NGFW. This integration facilitates the continued move towards converged IT and OT architectures.
The Palo Alto Networks & Nozomi Networks Solution
The Palo Alto Networks and Nozomi Networks’ joint solution offers enterprise and industrial cyber security stakeholders a scalable cyber security solution that seamlessly bridges the gap between IT and OT operations.
Using the Palo Alto Networks API and the Nozomi Networks Open API, the solutions work in concert to extend threat detection, prevention and remediation actions beyond what was previously possible. In addition, both Palo Alto Networks and Nozomi Networks offer powerful threat hunting capabilities, allowing organizations to extend policy enforcement proactively.
With the Palo Alto Networks and Nozomi Networks integration, joint customers can be certain they can reliably implement our solutions and gain benefits such as hybrid ICS threat detection and real-time OT visibility.
Bridging the OT/IT Divide for Better Enterprise Cyber Security
Nozomi Networks’ Guardian and the CMC work in concert with existing security infrastructure to automatically monitor and detect cyberattacks, assess cyber risks and process anomalies in real time. When coupled with the Palo Alto Networks NGFW, customers can extend the utility and reach of their cyber security to have a comprehensive and cyber-resilient solution for visibility and automated threat protection across IT and OT.
To learn more about the cyber security benefits of the Palo Alto Networks and Nozomi Networks integration, download the Solution Brief below.
Nozomi Networks / Palo Alto Networks Solution Brief
This brief covers:
- Overview of the joint solution
- Sample deployment architecture
- Power substation use case
- Process manufacturing use case
- Discrete manufacturing use case