Nozomi Arc: Endpoint Security Built for High Availability Environments

Extend visibility and protection across endpoint attack surfaces in your operational environment.

The industry’s first endpoint security solution specifically designed for OT and IoT environments.

Arc screenshot

The Nozomi Arc endpoint sensor provides enhanced data collection and asset visibility for Windows, Linux and MacOS endpoints in operating environments. Arc identifies endpoints compromised by malware, rogue applications, unauthorized USB drives or suspicious user activity.

Product Overview

Detect and Defend Against Malicious and Compromised Endpoints and Insider Attacks

Increasingly accurate and more detailed asset information

An endpoint sensor can identify more relevant cybersecurity details than what can be learned from traffic monitoring and remote polling alone, including monitoring log files, user activity and USB drives.

No externally initiated polling requests

Many endpoints sit behind firewalls that block such externally initiated connection requests. Nozomi Arc allows endpoints to initiate all data collection and send data upstream.

Continuous monitoring

Even when the device is not sending or receiving traffic, Nozomi Arc can provide continuous visibility and monitoring since the sensor resides on the host.

Immediate visibility into asset changes and details

By residing directly on the host, any interesting changes in asset configurations, behavior, or traffic can be immediately identified.

Monitoring offline assets

Discover additional assets on the network that may not be visible to local Guardian sensors for a more complete network visibility and analysis.

More efficient data collection, reduced impact on system resources

Customers can flexibly select the depth of visibility collected and the amount of system traffic generated.

Awards & Recognition

SNEAK PEEK

Watch our demo video

Play button

Why Nozomi Arc?

Custom-built to meet the unique requirements of OT and industrial environments, Nozomi Arc is the only solution that provides continuous visibility to key endpoint attributes.

Nozomi Arc
Other Endpoint Agents
Threat detection and deeper asset visibility
Support for Windows, MacOS, Linux
Automated installation
Additional features (SIGMA rules, Windows Registry monitoring, USB threats, etc.)
User activity correlation

Nozomi Arc Endpoint Sensor

Threat detection and deeper asset visibility
Support for Windows, MacOS, Linux
Automated installation
Additional features (SIGMA rules, Windows Registry monitoring, USB threats, etc.)
User activity correlation

Other Endpoint Agents

Primarily an asset visibility feature
Windows only
Do not scale beyond a few dozen devices
No additional features
No User ID visibility

Nozomi Arc vs. Other Endpoint Security Agents

Sample Deployment Architecture for Nozomi Arc and Arc Embedded

Nozomi Arc sensors are an endpoint executable that runs on either Windows, Linux or MacOS hosts in mission critical networks. Nozomi Arc can easily scale to accommodate large multi-site enterprise networks, while minimizing management overhead, impact on host resources and potential security and access concerns. Nozomi Arc  is the ideal complement to Guardian sensors to identify additional assets on the network. Data collected can be sent to Guardian or Vantage cloud for analysis and reporting.

Nozomi Arc accelerates time to resiliency and scales to fit any enterprise.

Arc diagram with embedded
Arc embedded icon

Meet The World’s First Security Sensor Embedded in ICS

Arc Embedded transforms existing industrial control systems into Secure-by-Design assets, offering a fully integrated security layer from an independent vendor that delivers robust, comprehensive protection for today’s in-production systems.

With Arc Embedded, security and operations teams gain previously unavailable visibility into important enhanced data, from within industrial control systems such as PLCs, and the field assets controlled by those PLCs, such as:
  • Updates to PLC endpoint status, including software and hardware inventory, vulnerability details, resource utilization and performance data
  • Physical access to the PLC, including user login data, USB peripheral usage, files transferred, etc.
  • Updates to PLC operational status and changes, including PLC running state and programming changes like ladder logic changes
  • Operational and protocol information from field assets connected to the PLC backplane
Learn More

Take the next step.

Discover how easy it is to identify and respond to cyber threats by automating your IoT and OT asset discovery, inventory, and management.