Select Page

Real-time ICS Cyber Security and Operational Visibility

 Complete Cyber Security and Visibility For ICS Environments

Guardian™ protects control networks from cyberattacks and operational disruptions by providing complete ICS visibility and security in a single solution.

Its advanced technology automatically maps and visualizes your entire industrial network, including assets, connections and protocols. Guardian monitors network communications and behavior for risks that threaten the reliability of your systems, and provides the information you need to respond quickly.

Available as a passive monitoring solution, or low-impact active solution with the Smart Polling™ add-on, Guardian allows you to choose the asset discovery approach that best fits your organization.

Immediately Visualize Your Industrial Network

Real-time Network Visualization

  • Improves system awareness and understanding of network structure and activity
  • Displays key information such as traffic throughput, TCP connections and protocols used between nodes and zones
  • Speeds incident response and troubleshooting efforts

Flexible Navigation and Filtering

  • Shows macro views plus detailed information on endpoints and connections 
  • Filters by subnets, network segments, and topologies

Click to enlarge.

Click to enlarge.

Automatically Track Your Industrial Assets

Up-to-Date Asset Inventory

  • Advances cyber resiliency and saves time with automated asset inventory

  • Provides detailed and verified asset information

  • Identifies communicating assets using built-in passive network monitoring

Enhance Asset Tracking with Smart Polling Add-on Module

  • Discovers silent and rogue assets with active discovery
  • Includes firmware versions, patch levels and more

Continuously Monitor Your Network and ICS

Comprehensive Cyber Security and Reliability Monitoring

  • Improves network security and productivity through dashboards, charts and queries relevant to your organization
  • Monitors assets from all vendors and network communications

Clear Presentation of Key Metrics

  • Displays summarized data related to alerts, incidents, vulnerabilities, etc.
  • Includes indicators of reliability issues such as unusual variable values

Easy Access to ICS Data

  • Summarizes ICS risk information for selected date and time ranges
  • Supports drilldown on visual indicators for detailed information
  • Queries any aspect of your network or ICS performance, reducing data collection and spreadsheet work

Click to enlarge.

Click to enlarge.

Quickly Detect Threats to Your ICS or SCADA System

Up-to-the-Minute Threat Detection

  • Identifies cyber security and process reliability threats in real-time
  • Detects attacks in process, early stage advanced threats and cyber risks
  • Blocks attacks when integrated with compatible firewalls

Best-in-Class ICS Threat Detection

  • Uses anomaly and signature-based threat detection for comprehensive risk detection
  • Ensures current monitoring when integrated with an OT ThreatFeed™ subscription

Rapidly Identify Your Vulnerability Risks

Automated Vulnerability Assessment

  • Identifies which vendors’ devices are vulnerable
  • Utilizes the U.S. government’s National Vulnerability Database (NVD) for standardized naming, description and scoring

Efficient Prioritization and Remediation

  • Speeds workflows with vulnerability dashboards and drilldowns
  • Addresses questions like “Do certain devices have vulnerable firmware?”

Click to enlarge.

Click to enlarge.

Reduce Your Troubleshooting and Forensic Efforts

Effective, Efficient Incident Response

  • Minimizes false positives with AI-powered Dynamic Learning™
  • Decreases response time with Smart Incident™, which correlates alerts, provides operational context and delivers automatic packet captures

Informative Forensics

  • Decodes incidents with TimeMachine™ system snapshots and diff reports (Snapshots are dynamic, allowing drilldown into rich ICS data)
  • Provides answers fast with a powerful ad hoc query tool

Easily Integrate with Your SOC/IT Environments

Integrated Security Infrastructure

  • Includes built-in integrations for asset, ticket and identity management systems, SIEMs and more
  • Extends further with OpenAPI for additional integrations

Broad Protocol Support

  • Supports hundreds of ICS and IT protocols
  • Includes Protocol SDK and on-demand engineering services for quick creation of new protocol support

Click to enlarge.

Examples of Threats Detected / Sample Deployment Architecture

Click to enlarge.

Shown above is a general example of how the Nozomi Networks solution can be deployed. A wide variety of appliances, a flexible architecture, and integrations with other systems allow us to provide a solution tailored to meet the needs of your organization.

Additionally, Remote Collectors can be added to Guardian appliances to capture data from remote and offsite locations.


Smart Polling for Active Asset Inventory

Hybrid Passive + Active Asset Discovery Enhances Guardian

  • Adds low volume, active technologies to Guardian’s passive asset discovery
  • Provides precise asset detail, a complete asset inventory, exact vulnerability assessment and advanced ICS security monitoring

Comprehensive ICS Asset Details

  • Identifies non-communicating assets and rogue devices
  • Detects USB devices on Windows systems
  • Gathers details about changes in process flows and variables
  • Discovers operating system information, firmware, patch levels and more
  • Delivers accurate vulnerability assessment for fast and efficient response

Enhanced Network Monitoring and Threat Detection

  • Uses a full set of ICS data for enhanced anomaly detection
  • Integrates with OT ThreatFeed for up-to-date detection of emerging threats and zero-days

Flexible Usage Options

  • Deploys across your entire network or only to targeted segments or assets

OT ThreatFeed for Up-to-Date Threat Intelligence

Stay on Top of the Dynamic Threat Landscape

  • Makes it easy and efficient to stay on top of current ICS risks
  • Delivers up-to-date threat intelligence for ICS environments

Timely Threat Updates

  • Provides emerging threats, zero-day and vulnerability information, curated by Nozomi Networks Labs

  • Includes threat detection tools such as Packet rules, Yara rules, vulnerability signatures, STIX indicators and a threat knowledgebase

Threat Insights that Strengthen Cyber Resiliency

  • Provides full network visibility with integrated threat intelligence

  • Delivers valuable security and operational context regarding detected risks

  • Alerts you about suspicious activity in real-time

  • Reduces security management costs as a single, comprehensive ICS threat detection tool


Remote Collectors for Expansive Visibility and Cyber Security

Low-Resource Appliances for Distant and Distributed Installations

  • Cost-effectively extend network monitoring to provide full visibility across the entire ICS environment
  • Collect data from remote locations and send it to Guardian for further analysis
  • Reduce deployment costs for wilderness, off-shore and desert installations

For more information on Remote Collectors, contact us.

Nozomi Networks Solution Architecture

Click to enlarge.

Quotes 1 – 2


“Once you try Nozomi and its rich feature set you cannot imagine operating without it!”

Nozomi hands down wins the evaluations … the Nozomi platform was able to pick out and properly categorize more L2 devices than any other tool in the market place.

Security Analyst

Manufacturing Industry


“Innovative, easy to implement and even easier to maintain.”

From POC to implementation Nozomi has been quick to answer questions, provide feedback, and extensive support … Guardian is feature rich and Nozomi offers many different solutions for all aspects of our OT environment

Systems Specialist

Services Industry

Quotes 5 – 6


“Exceeded expectations. Deeper visibility than expected.”

Best part was the willingness to adapt to our unique environment. … Not only has their solution done as advertised, and then some.

Senior Industrial Security Manager

Manufacturing Industry


“Nozomi Guardian is literally window to the wire”

I have had an extremely positive experience with Nozomi. … I was amazed that 15 minutes later the things we were learning about our network – not all of it was good!

Lead C&I Engineer

Energy and Utilities Industry

Quotes 7 – 8


“Ease of deployment, behavioural baselining, visibility and granular asset inventory.”

Nozomi won hands down in terms of key features … The superb support and technical know-how provided by their Lead Engineer … [was] a key deciding factor.

Senior Security Engineer

ICS Manufacturing Industry


“Excellent Customer Service””

Nozomi offers excellent pre and post customer support, including 24/7 service that launched in 2019.

Senior System Architect

Energy and Utilities Industry

Quotes 9 – 10

From IT…

“With Nozomi Networks Guardian we can now detect and collect operational and cyber security issues in real-time, and take corrective actions before the threat can strike.”


Head of Cyber Security Design, Enel

From OT…

“Nozomi Networks Guardian is now a fundamental element of our network infrastructure and an essential tool for our daily activities.”


Head of Power Generation Remote Control System, Enel

Quotes 3 – 4


“The Guardian appliance is powerful, their team is skilled, they solved our problem.”

Nozomi has provided a high level of customer service and expertise throughout our procurement and implementation process. Their sales, engineering, and support teams are excellent and their product is best in class. 

Senior Program Manager

Manufacturing Industry


“This product keeps its promises.”

Guardian gives us precise alerts, with almost no false positives. Real events are clearly visible with the risk level indicator, making it easy to decide when and how to react.

System Administrator

Energy and Utilities Industry

 Helpful Resources






Central Management Console


OT ThreatFeed


Nozomi Networks


What You Can Achieve with Nozomi Networks

Superior Operational Visibility

Accurately visualize your industrial networks and improve resilience with real-time asset inventory and network monitoring.

Advanced ICS Threat Detection

Rapidly manage cyber threats and process risks with a solution that correlates multiple, advanced detection techniques.

Rapid Global Deployments

Centrally monitor hundreds of facilities with a solution proven to scale across continents and integrate with IT/OT systems.

Want to Know More?