Top Five Global Airport Improves Visibility and Security

The Customer: Top 5 Global Airport

This global airport is located in the EMEA region and has over 90,000 employees.

How Does a Top Global Airport Gain Visibility Across Diverse OT and IoT Systems?

Airports are under tremendous pressure to secure highly diverse and dispersed networks from cyberattacks and incidents that could disrupt passenger services and operations. While this global airport was not directly required to comply with cybersecurity regulations, it wanted to measure up to industry best practices to ensure safety and security across their enormous threat landscape.

‍

Protecting the airport’s core operations required improved visibility across a complex and diverse mix of OT and IoT systems with high volumes of endpoints and network traffic. Another key priority was to improve security analysis and decision making through the integration of operational and security information into the data lake/SIEM. The airport included 20 separate systems containing >100,000 nodes with various protocols and integrations into third-party systems. To achieve their security objectives, the airport was looking for an open platform visibility and security solution that could scale across a huge environment and integrate with the data lake.

A Highly Scalable Solution That Provides Visibility into Core Operations and Seamlessly Integrates with IT Infrastructure

When looking for a solution, the airport ran a proof-of-concept play-off with two other vendor offerings and quickly realized that Nozomi Networks would best fit their needs. “Guardian worked out of the box, and produced results in only a few hours. It was quickly evident that it was able to meet our requirements, which were very much in the identify phase of our OT security journey, and accompanied with excellent local support.”

‍

Close to 20 Guardian sensors and multiple Central Management Consoles (CMCs) were deployed across three terminals, creating unified visibility into core airport OT and IoT systems, including the airport's building management system, CCTV, emergency and fire alarm systems, x-ray, AirOS, baggage handling system, public address system, gate operating systems, and catering systems. The solution was delivered locally, scaled across an enormous environment, and integrated with the airport’s data lake.

‍

Even with multiple proprietary systems, Nozomi Networks supplied data flow diagrams, revealing communications between systems, and detecting anomalies. Thanks to its powerful ad hoc query tool, Nozomi Networks added custom rules to provide alerts and actionable insights so the airport could mitigate cyber and operational threats before they caused harm.

‍

Nozomi Networks utilized industry-leading integrations with SIEM and SOC systems to bring missing operational data and contextual information into the airport’s IT infrastructure for faster, more comprehensive risk reduction and incident response.

‍

Unified Visibility Across Complex Environments and Improved Security Decision Making

The deployment of Guardian generated an interactive network visualization map that displayed a consolidated view of the airport’s core systems, reducing time to visibility by 90%. Using the Nozomi Networks solution, the customer was able to normalize operational data and integrate it into their data lake. As a result, the customer was able to run analytics using comprehensive data for better decision making.

‍

The airport was able to ensure security and improve KPIs with a scalable solution that provides visibility, assesses vulnerabilities detects malware and gives advance notice of disruptions. The Nozomi Networks solution enabled this top 5 global airport to manage cyber risk while innovating and adding new technologies.