Industrial Cyber Security and Visibility Solution

Real-time Cyber Security and Visibility for Your ICS Networks

Superior Operational Visibility

Accurately visualize your industrial networks and improve resilience with real-time asset inventory and network monitoring.

Advanced ICS Threat Detection

Rapidly manage cyber threats and process risks with a solution that correlates multiple, advanced detection techniques.

Rapid Global Deployments

Centrally monitor hundreds of facilities with a solution proven to scale across continents and integrate with IT/OT systems.



Guardian protects control networks from cyberattacks and disruptions by providing complete ICS visibility and security in a single solution.

It’s available as a passive monitoring solution, or a low impact, active solution with the Smart Polling add-on module.



Central Management Console

The Central Management Console™ makes it easy to monitor and manage cyber security across distributed industrial sites.

A single console provides consolidated access to data from all Guardian appliances in the field or on the plant floor.



Smart Polling

Smart Polling™ extends Guardian’s asset discovery functionality with active capabilities that deliver precise details about each asset in your network.

This add-on module identifies non-communicating and rogue devices, and gathers extensive information including OS, firmware, patch levels and more.



OT ThreatFeed

OT ThreatFeed™ delivers up-to-date threat intelligence to Guardian, making it easy to detect threats and identify vulnerabilities in your environment.

This annual threat intelligence subscription provides valuable context around potential risks detected in your network.


Nozomi Networks Solution Architecture


Core Capabilities

Deep Packet Inspection & Protocol Analysis

  • Evaluates the communications of hundreds of ICS and IT protocols
  • Examines packets at all seven layers of the OSI model
  • Provides packet captures for deeper analysis
  • Analyzes packets in real-time using a high performing algorithm

Real-Time Process Analytics Engine

  • Analyzes process control variables for indications of nefarious activity and critical issues that could impact reliability
  • Identifies early stages of cyberattacks, failing equipment, causes of lost resources or raw materials and more

Asset Discovery and Network Visualization

  • Automates asset inventory using built-in passive network monitoring
  • Improves environmental awareness and understanding of network structure and activity

Vulnerability Assessment

  • Improves cyber resiliency with up-to-date vulnerability assessment
  • Identifies which vendors’ devices are vulnerable
  • Speeds workflows with vulnerability dashboards and drilldowns

ICS Risk Monitoring

  • Monitors for ICS threats and reliability risks in real-time
  • Presents and displays incident, alert and vulnerability metrics

Threat & Anomaly Detection

  • Identifies cyber security and process reliability threats using comprehensive anomaly and signature-based threat detection

Dashboards And Reporting

  • Improves network security and productivity through customizable dashboards and reports


  • Integrates seamlessly with IT/SOC environments via many built-in integrations plus an OpenAPI
  • Includes Protocol SDK and on-demand engineering services for additional protocols


  • Provides complete visibility and cyber security for ICS environments
  • Combines asset discovery, vulnerability assessment, threat detection, and anomaly detection in a single, unified solution

Central Management Console

  • Enables centralized security visibility and management for multi-tier, distributed OT deployments across the world
  • Helps manage and consolidate OT risk across the enterprise

Smart Polling (Guardian Add-on Module)

  • Adds low volume, active discovery technologies to Guardian’s passive asset discovery capabilities
  • Provides precise asset details, a complete asset inventory, exact vulnerability assessment and advanced ICS security monitoring

OT ThreatFeed (Guardian Add-on Subscription)

  • Delivers up-to-date threat intelligence to effectively detect threats and identify vulnerabilities in ICS environments
  • Includes threat detection tools such as packet rules, Yara rules, vulnerability signatures, STIX indicators and a threat knowledgebase

Remote Collectors

  • Collect data from remote locations and send it to Guardian for further analysis
  • Reduce deployment costs for wilderness, off-shore or desert installations

Sample Deployment Architecture

This is a general example of how the Nozomi Networks solution can be deployed.

A wide variety of appliances, a flexible architecture, and integrations with other systems allow us to provide a solution tailored to meet the needs of your organization.

Additionally, Remote Collectors™ can be added to Guardian to capture data from remote and offsite locations.

Click to enlarge

 Helpful Resources

Solution Brief

Nozomi Networks

Data Sheet


Data Sheet

Central Management Console


Smart Polling

Data Sheet

OT ThreatFeed


Want to Know More?