Nozomi Networks Inc. released new features to its portfolio of industrial security products.
“After more than 1,000 installations, it’s clear that IT/OT collaboration is the norm. CISOs are now looking for mature solutions and continued innovation,” said Dr. Andrea Carcano, Nozomi Networks co-founder and chief product officer.
With this update, Nozomi released:
• A safe active choice for precise ICS network visibility
• A threat feed service to support advanced threat monitoring
• A visual GUI for improved usability and alerting
• More SCADAguardian deployment options – with the addition of containers
The convergence of IT/OT has advanced the need for new security capabilities and integrations. Gartner found “by 2022, 30 percent of asset-centric enterprises will adopt a hybrid model to secure OT environments, with traditional security deployed alongside specialist OT security technology, up from 10 percent in 2018.”
The research firm recommended “security and risk management leaders focused on industrial Internet of Things and OT security should identify key OT assets and systems, as well as potential vulnerabilities, and prioritize security processes and controls, based on recognized threats to OT and IT systems.”
In response to these evolving market demands, the latest enhancements in the Nozomi Networks 18.5 release include:
SCADAguardian Advanced (SGA) is a separate and distinct product. It leverages Nozomi Networks’ passive-only discovery and analysis, and safely incorporates active capabilities, giving operators the option to discover and monitor a specific and more complete set of ICS data. SGA includes Smart Polling, a technique that uses low volume, very precise communications to actively identify and describe assets, vulnerabilities, and threats where users can:
• Safely discover firmware, patch level and other device details
• Confirm vulnerabilities for faster, more efficient response
• Monitor a complete set of ICS data, improving threat and process anomaly detection
• Choose easy-to-use default configurations, or manually apply Smart Polling to query specific devices or selected areas of the network
Nozomi Networks OT ThreatFeed makes it easier for IT and OT teams to quickly find, understand and respond to anomalies and threats. With this service Nozomi Networks OT security experts curate, test and enhance ICS threat and vulnerability information gathered from their own research and that of the ICS security community. The OT ThreatFeed arms SCADAguardian customers against emerging OT threats with precise automated threat alerts and recommendations for remediation. Enhanced updates delivered through the Nozomi Networks OT ThreatFeed include:
• Identified threat signatures, indicators of compromise and Zero Days discovered by Nozomi Networks
• Curated malware indicators from the ICS community, with enhanced Yara Rules & Packet Rules
• Enriched updates from the U.S. Government’s National Vulnerability Database (NVD)
With this latest release, SCADAguardian can deploy via a container embedded into select switches and routers as well as within the security infrastructure of Nozomi Networks partners. Nozomi Networks’ new container-based option allows operators to manage fewer devices and deploy across a wide variety of embedded network devices and security architectures. As a result they gain improved resource efficiencies, simplified implementation, and reduced overall total cost of ownership (TCO).
The 18.5 release delivers new dashboards and alerts, as well as an enhanced visual interface, improve network monitoring, threat detection and productivity across OT and IT environments.