Nozomi Networks SCADAguardian - Data-Sheet
ā¢
2 likesā¢1,661 views
Learn what makes SCADAguardian (the Nozomi Networks flagship technology) so unique and powerful. From enterprise IT, to OT, we enable scalable security strategies for ICS.
Report
Share
More Related Content
What's hot
What's hot (20)
Similar to Nozomi Networks SCADAguardian - Data-Sheet
Similar to Nozomi Networks SCADAguardian - Data-Sheet (20)
Recently uploaded
Recently uploaded (20)
Nozomi Networks SCADAguardian - Data-Sheet
- 1. Protect your control networks from cyberattacks and operational disruptions with SCADAguardian. It rapidly detects cyber threats and process anomalies, providing unprecedented operational visibility. SCADAguardian automatically discovers the industrial network including its components, connections and topology. It develops security and process profiles and monitors the system in real- time for any changes. SCADAguardian uniquely provides: ā¢ Comprehensive, hybrid ICS threat detection that combines behavior-based, rules, signatures and artificial intelligence analysis ā¢ Superior incident capture and forensic tools ā¢ Easy integration and sharing of ICS and cybersecurity information with IT/OT environments ā¢ Enterprise-class scalability when deployed with the related Central Management Console Find out how major customers have improved reliability, safety, cybersecurity and operational efficiency with SCADAguardian. Contact us today at nozominetworks.com/contact Real-time Cybersecurity and Visibility for Industrial Control Networks Data Sheet SCADAguardianā¢ ā¢ Behavior-based cyber threat and process anomaly detection ā¢ Rules and signature-based threat detection ā¢ Fast and accurate analysis powered by artificial intelligence Hybrid ICS Threat Detection ā¢ Dynamic learning minimizes false alerts ā¢ Smart grouping of alerts into incidents ā¢ Automatic packet capture ā¢ TimeMachineā¢ system snapshots ā¢ Real-time ad hoc query tool ā¢ Major installations at critical infrastructure, process control and manufacturing organizations Superior Incident and Forensic Tools Industries Operational ICS Visibility ā¢ Automated asset inventory ā¢ Intuitive network visualization ā¢ Real-time network monitoring Rapidly Detect Cyber Threats/Risks and Process Anomalies Significantly Reduce Troubleshooting and Forensic Efforts Easily Integrate and Share ICS Information with IT/OT Environments Automatically Track Industrial Assets and Know Their Cybersecurity Risks Quickly Monitor ICS Networks and Processes with Real-time Insight Readily Implement a Tailored Solution Using Multiple Appliance Models
- 2. Sample Deployment Architecture Five Modules Deliver ICS Cybersecurity and Operational Visibility Network Visualization and Modeling ICS Threat and Anomaly Detection Asset Inventory Vulnerability Assessment Dashboards and Reporting ā¢ Improve system and process awareness with a visualization interface that shows all assets and links ā¢ Rapidly detect cybersecurity threats, risks and process anomalies ā¢ Hybrid threat detection combines best-in-class behavior-based anomaly detection with rules-based threat detection (YaraRules, Packet Rules and Assertions) and artificial intelligence analysis ā¢ Detect intrusions: Scanning and MITM attacks Ā· Complex or zero-day attacks Ā· Known malware files or packets and more ā¢ Detect unauthorized behavior: Remote access Ā· Configurations Ā· Downloads Ā· Controller logic changes Ā· Edits to PLC projects and more ā¢ Detect states of concern: Misconfigurations Ā· Weak passwords Ā· Missing updates Ā· Open ports Ā· Communication failures Ā· Malfunctions and more ā¢ Auto-discovery of assets saves time and is always up-to-date ā¢ Asset views make it easy to visualize, find and drill down on asset information ā¢ Automated identification of device vulnerabilities saves time and improves cyber resiliency ā¢ Custom dashboards, detailed reports and ad hoc querying provide real-time visibility that improves both cybersecurity and operational efficiency
- 3. Value Delivered to Multinational Operators A powerful appliance for very large, demanding scenarios A rack-mounted appliance for medium scenarios A rack-mounted appliance for large scenarios A rack-mounted appliance for small scenarios 1 Rack Unit 1 Rack Unit1 Rack Unit PHYSICAL APPLIANCES 1 Rack Unit 8 54 5 Description Form Factor Monitoring Ports Multiple SCADAguardianā¢ Appliance Formats to Meet Your Needs Automated ICS Modeling Easy Integration with IT/OT Environments Fast ROI Dynamic Learning Operational Visibility ā¢ Includes built-in integration with: Ā·Ā· SIEMs: HPE ArcSight, IBM QRadar, Splunk, etc. Ā·Ā· Firewalls: Check Point, Fortinet, Palo Alto Networks, etc. Ā·Ā· User Authentication: Active Directory, LDAP, etc. ā¢ Exchanges data with other IT/ICS applications via an Open API ā¢ Includes built-in support for dozens of protocols, extends to others via the Protocol SDK ā¢ Exports data for analysis and presentation in other applications ā¢ Adapts for each installation with many customizable components ā¢ Deploys quickly, with no network changes ā¢ Delivers value at numerous customer sites, with centralized monitoring of tens of thousands of industrial devices ā¢ Switches from learning to protection mode automatically, starting anomaly detection quickly ā¢ Provides real-time network visualization, including topology ā¢ Monitors assets, communications and processes ā¢ Presents actionable information in dashboards ā¢ Allows real-time querying of any aspect of network or ICS performance, reducing spreadsheet work ā¢ Installs passively and non-intrusively by connecting to network devices via SPAN or mirror ports ā¢ Learns and models large heterogeneous ICS ā¢ Identifies all assets and triggers alerts on changes A portable probe for temporary analysis of network trunks A ruggedized, DIN-rail mounted appliance for small scenarios Portable Form FactorDIN Mountable 54 N1000 N750 P500R50NSG-L-250 NSG-L-100NEW NEW (*) Plus other limitations 5,000 4001,000 150 43 x 426 x 356 1.7 x 16.8 x 14 44 x 438 x 300 1.7 x 17.2 x 11.8 43 x 426 x 356 1.7 x 16.8 x 14 44 x 438 x 300 1.7 x 17.2 x 11.8 1 Gbps 200 Mbps500 Mbps 100 Mbps 240 Gb 64 Gb180 Gb 64 Gb 260W 250W260W 250W 10 Kg 8 Kg10 Kg 8 Kg 110-240V AC 110-240V AC110-240V AC 110-240V AC 0 / +45Āŗ C 0 / +40Āŗ C0 / +45Āŗ C 0 / +40Āŗ C Yes YesYes Yes Max Protected Nodes HxWxL (mm/in) Max Throughput Storage Max Power Consumption Weight Power Supply Type Temperature Ranges RoHS Conformity 250 (*)200 93 x 202 x 200 3.66 x 7.95 x 7.87 80 x 130 x 146 3.15 x 5.11 x 5.74 200 Mbps50 Mbps 180 Gb64 Gb 100W60W 5 Kg3 Kg 110-240V AC12-36V DC 0 / +50Āŗ C-40 / +70Āŗ C YesYes
- 4. Broad Support for Industrial Control Systems and ICS / IT Protocols Support for additional systems and protocols is constantly being expanded. Visit nozominetworks.com for the latest technical specifications. Further protocols can be quickly added using the Protocol SDK. (*) Limitation on the Number of ports can be present due to the version of the Virtual Infrastructure Firmware V1000 V750 V250 V100 Hyper-V 2012+, KVM 1.2+, VMware ESX 5.x+, XEN 4.4+ Unlimited (*) 4 4 4 5,000 1,000 400 150 300 Mbps 300 Mbps 300 Mbps 300 Mbps 100+ Gb 100+ Gb 100+ Gb 100+ Gb Installation Specs Monitoring Ports Max Protected Nodes Max Throughput Storage VIRTUAL APPLIANCES V50 A powerful appliance for very large, demanding scenarios A virtual appliance for large scenarios A virtual appliance for medium scenarios A virtual appliance for small scenarios Description A virtual appliance for very small scenarios 4 50 300 Mbps 100+ Gb ICS Vendors IT Protocols ICS Protocols ABB, Allen-Bradley/Rockwell, Bristol Babcock, Beckhoff, Emerson, General Electric, Honeywell, IBM, Mitsubishi, Motorola, Rockwell Automation, Schneider Electric, Siemens, Yokogawa Aspentech Cim/IO, BACNet, Beckhoff ADS, BSAP IP, CEI 79-5/2-3, COTP, DNP3, Enron Modbus, EtherCAT, EtherNet/IP - CIP, Foundation Fieldbus, Generic MMS, GOOSE, Honeywell, IEC 60870-5-7 (IEC 62351-3 + IEC 62351-5), IEC 60870-5-104, IEC-61850 (MMS, GOOSE, SV), IEC DLMS/COSEM, ICCP, Modbus/TCP, MQTT, OPC, PI-Connect, Profinet/DCP, Profinet/I-O CM, Profinet/RT, Sercos III, Siemens S7, Vnet/IP ARP, BROWSER, Bittorrent, CDP, DCE-RPC, DHCP, DNS, DRDA (IBM DB2), Dropbox, eDonkey (eMule), FTP, FTPS, GVCP, HTTP, HTTPS, ICMP/PING, IGMP, IKE, IMAP, IMAPS, ISO-TSAP/COTP, Kerberos, KMS, LDAP, LDAPS, LLDP, LLMNR, MDNS, MS SQL Server, MySQL, NetBIOS, NTP, OSPF, POP3, PTPv2, RDP, STP, SSDP, RTCP, RTP, SSH, SNMP, SMB, SMTP, STP, Syslog, Telnet, VNC SCADAguardian is a physical or virtual appliance that provides real-time cybersecurity and operational visibility of industrial control networks. The Central Management Console (CMC) aggregates data from multiple sites, providing centralized and remote cybersecurity management. Together they deliver comprehensive ICS cyber resilience and reliability. Nozomi Networks Products About Nozomi Networks Ā© 2017 Nozomi Networks, Inc. All Rights Reserved. DS-SG-8.5x11-004 www.nozominetworks.com @nozominetworks Nozomi Networks is revolutionizing Industrial Control System (ICS) cybersecurity with the most comprehensive platform to deliver real-time cybersecurity and operational visibility. Since 2013 the company has innovated the use of machine learning and artificial intelligence to secure critical infrastructure operations. Amid escalating threats targeting ICS, Nozomi Networks delivers one solution with real-time ICS monitoring, hybrid threat detection, process anomaly detection, industrial network visualization, asset inventory, and vulnerability assessment. Deployed in the worldās largest industrial installations, customers benefit from advanced cybersecurity, improved operational reliability and enhanced IT/OT integration. Nozomi Networks is headquartered in San Francisco, California. Visit www.nozominetworks.com