Speeding IT Visibility into OT: New Integrations with Fortinet

Speeding IT Visibility into OT: New Integrations with Fortinet

Fortinet and Nozomi Networks achieved another partnership milestone with two new integrations that deliver full security visibility and management across IT and OT environments. With comprehensive integrations for FortiNAC and FortiSIEM, in addition to the existing FortiGate integration, we’re helping eliminate the gap between IT and OT.

As IT and OT networks become more interconnected, the attack surface for cyber threats expands, creating more risk. The Fortinet / Nozomi Networks integrations deliver visibility into every asset on the IT/OT network – meaning no more blind spots.

They also provide the ability to control access at the switch or device level, not just at the firewall. This allows industrial operators to streamline access control processes and accelerate incident response thanks to a centralized view of all assets and alerts.

Expanding Our Joint Offering for Full Security Visibility and Management

In 2016, Nozomi Networks and Fortinet collaborated on the creation of an industrial cyber security solution combining non-intrusive detection of OT security issues with proactive threat remediation and containment.

The first solution released was for FortiGate next-generation enterprise firewalls that protect networks from attacks. The offering integrated the Nozomi Networks solution, backed by our in-depth understanding of ICS (industrial control system) networks, protocols and device behavior, with Fortinet’s FortiGate industrial firewall for OT/ICS/SCADA systems.

As the convergence of IT and OT networks accelerates, we see a greater need for centralization of IT and OT information. The FortiGate integration provides industrial operators with the ability to automate incident response in their OT environments. When alerts are raised in Nozomi Networks, customers can choose response actions such as “kill suspicious session from the firewall.”

While speeding up incident response and reducing containment efforts was well received by our joint customers, it was clear that we needed to further integrate our two product sets to provide a holistic security solution.

We’re excited to announce the next step in our partnership with Fortinet – with two new integrations for FortiNAC and FortiSIEM.

FortiNAC for Full Asset Visibility and Access Control

FortiNAC is a network access and control solution that helps operators secure IoT devices on wireless and wired networks.

By leveraging the Nozomi Networks solution’s deep OT asset information, FortiNAC customers can supplement their IT asset inventory with full profiling for every asset within the OT environment. This new functionality allows FortiNAC to leverage the Nozomi Networks solution as an OT device visibility platform.

Pulling in asset information gathered from OT networks will provide full profiling capability for every asset located within the OT environment. This gives FortiNAC a unified view of all the assets in their IT and OT networks. Additionally, all alerts generated by the Nozomi Networks solution are mapped with FortiNAC to provide customer alerts plus automated device control and threat response.

Fortinet / Nozomi Networks Capabilities
The integrations between Fortinet FortiNAC, FortiSIEM and FortiGate, and Nozomi Networks Guardian deliver exceptional visibility and cyber security across IT and OT.

FortiSIEM for Cross-Correlation Across IT and OT

The FortiSIEM security information and event management technology provides visibility, correlation, automated response and remediation in a single solution.

By continuously monitoring data from ICS networks, the Fortinet / Nozomi Networks integration enables operators to obtain real-time intelligence about OT risk and correlate it with other threat information from their IT networks. It allows FortiSIEM to unite IT and OT data for complete visibility that provides security operations centers and incident responders with complete, comprehensive, and global access to alerts.

The Nozomi Networks solution prioritizes alerts based on risk by using a combination of machine learning and threat intelligence. FortiSIEM combines this data with IT network data for comprehensive IT/OT visibility. It can open incident tickets for investigation and even automate response and remediation, all in a single, scalable solution. We believe that reducing the complexity of network and security operations management and improving breach detection through the integration with FortiSIEM will be extremely valuable for industrial organizations.

Nozomi Networks and Fortinet Are Eliminating the Gap Between OT and IT

The combined intelligence provided by the integration of FortiSIEM, FortiNAC, FortiGate and Nozomi Networks eliminates network blind spots and allows for unified and automated threat response capabilities beyond traditional IT environments into OT environments.

The innovative integration between the Nozomi Networks solution and Fortinet’s industrial security products provide IT/OT networks with one of the most comprehensive visibility and cyber security solutions available today.

For more information on the integration between Nozomi Networks and FortiNAC, FortiSIEM and FortGate, please watch the video below or contact us.