Goals & Objectives
This lab in its first module is designed to serve as a preconfigured environment for users to explore the Nozomi Guardian interface and operations at their own direction. WWT can provide a guided demo of the solution as well as coordinate a deep dive session with Nozomi Networks upon email request to the listed lab owners and contributors for this deployment.
Nozomi Guardian monitors span port traffic to monitor the ICS network. The network has no security controls. All traffic generated in the network is monitored and analyzed by Guardian. Guardian provides insight into the hosts in the network, their roles, and their communications. Once traffic is baselined, new hosts or traffic baseline deviations will generate an alert.
This lab demonstrates the following Nozomi Guardian features:
- Discover and identify ICS assets
- Map ICS network
- Baseline ICS traffic
- Generate alerts related to ICS assets/traffic
- Become acquainted with Dashboard and Reporting capabilities
Hardware & Software
WebUI/Sensor and monitored processes hosted on virtual ATC infrastructure.