SCADAguardian Advanced
Real-time ICS Cyber Security and Operational Visibility

Exact Asset Inventory, Vulnerability Assessment & Network Monitoring Through Smart Polling

SCADAguardian Advanced™ extends the significant value obtained from passive network analysis with the use of Smart Polling™.

This precise, low volume, active technique provides a full asset inventory, exact vulnerability assessment and advanced ICS network monitoring.

Immediately Visualize Your Industrial Network

Real-time Network Visualization

  • Improves system awareness and understanding of network structure and activity
  • Displays key information such as traffic throughput, TCP connections, or the protocols used between nodes and zones
  • Speeds incident response and troubleshooting efforts

Flexible Navigation and Filtering

  • Shows macro views plus detailed information on endpoints and connections
  • Filters by subnets and network segments, or presents topologies

Automatically Track Your Industrial Assets

Up-to-Date Asset Inventory

  • Advances cyber resiliency and saves time with automated asset inventory
  • Provides a full asset inventory with accurate, deep details
  • Identifies firmware versions and patch levels

Easy Asset Drilldown

  • Groups assets visually, as per the Purdue model, or in list views and detailed single asset summaries

Continuously Monitor Your Network and ICS

Comprehensive Cyber Security and Reliability Monitoring

  • Improves network security and productivity through dashboards, charts and queries relevant to your organization
  • Uses a full set of ICS data to monitor for threats and vulnerabilities

Clear Presentation of Key Metrics

  • Displays summarized data related to alerts, incidents, vulnerabilities, etc.
  • Includes indicators of reliability issues such as unusual variable values

Easy Access to ICS Data

  • Summarizes ICS risk information for selected date and time ranges
  • Supports drilldown on visual indicators for detailed information
  • Queries any aspect of your network or ICS performance, reducing data collection and spreadsheet work

Quickly Detect Threats to Your ICS or SCADA Systems

Up-to-the-Minute Threat Detection

  • Identifies cyber security and process reliability threats in real-time
  • Detects attacks in process, early stage advanced threats and cyber risks
  • Blocks attacks when integrated with compatible firewalls

Best-in-Class ICS Threat Detection

  • Uses multiple, hybrid techniques for comprehensive risk detection
  • Ensures current monitoring when integrated with our OT ThreatFeed subscription

Rapidly Identify Your Vulnerability Risks

Automated Vulnerability Assessment

  • Identifies and confirms which vendors’ devices are vulnerable
  • Utilizes the U.S. government’s NVD (National Vulnerability Database) for standardized naming, description and scoring

Efficient Prioritization and Remediation

  • Speeds workflows with vulnerability dashboards and drilldowns
  • Addresses questions like “Do certain devices have vulnerable firmware?”

Low Volume Smart Polling

Full Set of ICS Data

  • Discovers firmware, patch level and other device details not identified with passive analysis
  • Confirms vulnerabilities for faster, more efficient response
  • Monitors all assets for threats and risks

Hybrid Passive + Active Approach

  • Uses extensive information from passive network monitoring, adding precise, low volume, active Smart Polling, as needed

Flexible Usage Options

  • Offers a default configuration or manual options for limiting Smart Polling to specific devices and network segments

Reduce Your Troubleshooting and Forensic Efforts

Effective, Efficient Incident Response

  • Minimizes false positives with AI-powered Dynamic Learning™
  • Decreases response time with Smart Incident™ which correlates alerts, provides operational context and delivers automatic packet captures

Informative Forensics

  • Decodes incidents with Time Machine™ system snapshots and diff reports (Snapshots are dynamic, allowing drilldown into rich ICS data.)
  • Provides answers fast with a powerful ad hoc query tool

Easily Integrate / Share Information with Your IT/OT Environments

Integrated Security Infrastructure

  • Includes built-in integrations for asset management systems, firewalls, identity management systems, SIEMs and more
  • Extends further with an Open API

Broad Protocol Support

  • Supports dozens of ICS and IT protocols
  • Includes Protocol SDK for quick addition of new protocols

Quickly Achieve a Fast ROI

Swift Deployment

  • Requires minimal setup and poses minimal risk to your industrial process
  • Installs as a proven, plug-and-play, ISO 9001:2015 certified product
  • Rolls out across multiple sites in days and weeks versus months and years

Immediately Valuable

  • Improves ICS visibility, cyber security and reliability
  • Increases productivity and IT/OT collaboration

Enhances ROI of Existing Machines

  • Utilizes current hardware when installed as a container version

High Performance and Scalability for Multinational Deployments

Enterprise Ready

  • Scales for enterprisewide deployment with optimum performance
  • Adapts to all sites, with multiple appliance models and flexible deployment options

Centralized Monitoring of OT Risks

  • Consolidates information for up to hundreds of sites and thousands of devices
  • Facilitates maximum use of scarce cyber security skills

Solution Architecture – SCADAguardian Advanced Edition

The award-winning Nozomi Networks solution improves cyber resiliency and reliability via a modular, extensible and scalable architecture.

Compare SCADAguardian Advanced to SCADAguardian

Functionality | SCADAguardian Advanced | SCADAguardian
Network Analysis | Passive + Active Smart Polling | Passive
Asset Inventory | Identifies All Assets | Identifies Communicating Assets
Vulnerability Assessment | Confirms Vulnerabilities | Identifies Vulnerabilities
Network Monitoring & Threat Detection | for All Assets & ICS Data | for Communicating Assets & ICS Data
Deployment | Requires Routable IP Address · Installed on Activated SPAN or Mirror Ports · Routing for Selected IPs Enabled | No Network Changes · Installed on Inactive SPAN or Mirror Ports · No Routing Required

Examples of Threats Detected / Sample Deployment Architecture

Shown above is a general example of how the Nozomi Networks solution can be deployed. A wide variety of appliances, a flexible architecture, and integrations with other systems allow us to provide a solution tailored to meet the needs of your organization.

What You Can Achieve with Nozomi Networks

Superior Operational Visibility

Accurately visualize your industrial networks and improve resilience with real-time asset inventory and network monitoring.

Advanced ICS Threat Detection

Rapidly manage cyber threats and process risks with a solution that correlates multiple, advanced detection techniques.

Rapid Global Deployments

Centrally monitor hundreds of facilities with a solution proven to scale across continents and integrate with IT/OT systems.
