SCADAguardian Advanced
Real-time ICS Cyber Security and Operational Visibility

Exact Asset Inventory, Vulnerability Assessment & Network Monitoring Through Smart Polling

SCADAguardian Advanced™ extends the significant value obtained from passive network analysis with the use of Smart Polling™.

This precise, low volume, active technique provides a full asset inventory, exact vulnerability assessment and advanced ICS network monitoring.

Immediately Visualize Your Industrial Network

Real-time Network Visualization

  • Improves system awareness and understanding of network structure and activity
  • Displays key information such as traffic throughput, TCP connections, or the protocols used between nodes and zones
  • Speeds incident response and troubleshooting efforts

Flexible Navigation and Filtering

  • Shows macro views plus detailed information on endpoints and connections
  • Filters by subnets and network segments, or presents topologies

Click to enlarge.

Automatically Track Your Industrial Assets

Up-to-Date Asset Inventory

  • Advances cyber resiliency and saves time with automated asset inventory
  • Provides a full set of asset inventory, providing accurate, deep details
  • Identifies firmware versions and patch levels

Easy Asset Drilldown

  • Groups assets visually, as per the Purdue model, or in list views and detailed single asset summaries

Continuously Monitor Your Network and ICS

Comprehensive Cyber Security and Reliability Monitoring

  • Improves network security and productivity through dashboards, charts and queries relevant to your organization
  • Uses a full set of ICS data to monitor for threats and vulnerabilities

Clear Presentation of Key Metrics

  • Displays summarized data related to alerts, incidents, vulnerabilities, etc.
  • Includes indicators of reliability issues such as unusual variable values

Easy Access to ICS Data

  • Summarizes ICS risk information for selected date and time ranges
  • Supports drilldown on visual indicators for detailed information
  • Queries any aspect of your network or ICS performance, reducing data collection and spreadsheet work

Quickly Detect Threats to Your ICS or SCADA Systems

Up-to-the-Minute Threat Detection

  • Identifies cyber security and process reliability threats in real-time
  • Detects attacks in process, early stage advanced threats and cyber risks
  • Blocks attacks when integrated with compatible firewalls

Best-in-Class ICS Threat Detection

  • Uses multiple, hybrid techniques for comprehensive risk detection
  • Ensures current monitoring when integrated with our OT ThreatFeed subscription

Rapidly Identify Your Vulnerability Risks

Automated Vulnerability Assessment

  • Identifies and confirms which vendors’ devices are vulnerable
  • Utilizes the U.S. government’s NVD (National Vulnerability Database) for standardized naming, description and scoring

Efficient Prioritization and Remediation

  • Speeds workflows with vulnerability dashboards and drilldowns
  • Addresses questions like “Do certain devices have vulnerable firmware?”

Low Volume Smart Polling

Full Set of ICS Data

  • Discovers firmware, patch level and other device details not identified with passive analysis

  • Confirms vulnerabilities for faster, more efficient response

  • Monitors all assets for threats and risks

Hybrid Passive + Active Approach

  • Uses extensive information from passive network monitoring, adding precise, low volume, active Smart Polling, as needed

Flexible Usage Options

  • Offers a default configuration or manual options for limiting Smart Polling to specific devices and network segments

Reduce Your Troubleshooting and Forensic Efforts

Effective, Efficient Incident Response

  • Minimizes false positives with AI-powered Dynamic Learning™
  • Decreases response time with Smart Incident™ which correlates alerts, provides operational context and delivers automatic packet captures

Informative Forensics

  • Decodes incidents with Time Machine™ system snapshots and diff reports (Snapshots are dynamic, allowing drilldown into rich ICS data.)
  • Provides answers fast with a powerful ad hoc query tool

Easily Integrate / Share Information with Your IT/OT Environments

Integrated Security Infrastructure

  • Includes built-in integrations for asset management systems, firewalls, identity management systems, SIEMs and more
  • Extends further with an Open API

Broad Protocol Support

  • Supports dozens of ICS and IT protocols
  • Includes Protocol SDK for quick addition of new protocols

Quickly Achieve a Fast ROI

Swift Deployment

  • Requires minimal set up and risk to your industrial process
  • Installs as a proven, plug-and-play, ISO 9001: 2015 certified product
  • Rolls out across multiple sites in days and weeks versus months and years

Immediately Valuable

  • Improves ICS visibility, cyber security and reliability
  • Increases productivity and IT/OT collaboration

Enhances ROI of Existing Machines

  • Utilizes current hardware when installed as a container version

High Performance and Scalability for Multinational Deployments

Enterprise Ready

  • Scales for enterprisewide deployment with optimum performance
  • Adapts to all sites, with multiple appliance models and flexible deployment options

Centralized Monitoring of OT Risks

  • Consolidates information for up to hundreds of sites and thousands of devices
  • Facilitates maximum use of scarce cyber security skills

Solution Architecture –  SCADAguardian Advanced Edition

Click to enlarge.

The award-winning Nozomi Networks solution improves cyber resiliency and reliability via a modular, extensible and scalable architecture.

Compare SCADAguardian Advanced to SCADAguardian

Functionality SCADAguardian Advanced SCADAguardian
Network Analysis Passive + Active Smart Polling Passive
Asset Inventory Identifies All Assets Identifies Communicating Assets
Vulnerability Assessment Confirms Vulnerabilities Identifies Vulnerabilities
Network Monitoring & Threat Detection for All Assets & ICS Data for Communicating Assets & ICS Data
Deployment Assigned IP Address · Installed on Switch or Router Port · Routing for Selected IPs Enabled No IP Address · Installed on SPAN or Mirror Ports · No Routing Required

Examples of Threats Detected / Sample Deployment Architecture

Click to enlarge.

Shown above is a general example of how the Nozomi Networks solution can be deployed. A wide variety of appliances, a flexible architecture, and integrations with other systems allow us to provide a solution tailored to meet the needs of your organization.

 Helpful Resources


SCADAguardian Advanced


SCADAguardian Advanced


Hybrid Threat Detection


Nozomi Networks


Nozomi Networks Labs


What You Can Achieve with Nozomi Networks

Superior Operational Visibility

Accurately visualize your industrial networks and improve resilience with real-time asset inventory and network monitoring.

Advanced ICS Threat Detection

Rapidly manage cyber threats and process risks with a solution that correlates multiple, advanced detection techniques.

Rapid Global Deployments

Centrally monitor hundreds of facilities with a solution proven to scale across continents and integrate with IT/OT systems.

Want to Know More?