Nozomi Guardian Industrial Control System Security Demo

Bookmark

4 Launches

Solution Overview

Nozomi Guardian™ protects control networks from cyberattacks and operational disruptions by providing complete ICS visibility and security in a single solution.

Its advanced technology automatically maps and visualizes your entire industrial network, including assets, connections and protocols. Guardian monitors network communications and behavior for risks that threaten the reliability of your systems, and provides the information you need to respond quickly.

Available as a passive monitoring solution, or low-impact active solution with the Smart Polling™ add-on, Guardian allows you to choose the asset discovery approach that best fits your organization.

Goals & Objectives

This lab in its first module is designed to serve as a preconfigured environment for users to explore the Nozomi Guardian interface and operations at their own direction. WWT can provide a guided demo of the solution as well as coordinate a deep dive session with Nozomi Networks upon email request to the listed lab owners and contributors for this deployment.

Nozomi Guardian monitors span port traffic to monitor the ICS network. The network has no security controls. All traffic generated in the network is monitored and analyzed by Guardian. Guardian provides insight into the hosts in the network, their roles, and their communications. Once traffic is baselined, new hosts or traffic baseline deviations will generate an alert.

This lab demonstrates the following Nozomi Guardian features:

Discover and identify ICS assets
Map ICS network
Baseline ICS traffic
Generate alerts related to ICS assets/traffic
Become acquainted with Dashboard and Reporting capabilities

Hardware & Software

WebUI/Sensor and monitored processes hosted on virtual ATC infrastructure.

Contributors

Enrique Martinez

WWT

Technical Solutions Architect

John Stillwell

WWT