
Nozomi Networks

Technical Enablement
Q1 2022
What is needed to perform effective operational and risk analysis
OT systems can be large

© 2021 Nozomi Networks. All rights reserved. | www.nozominetworks.com


OT Process Control System



OT control room



OT system components

[Diagram: OT system components by Purdue level, connected over Ethernet]

OT system types: SCADA Systems, Telemetry Systems, Distributed Control System (DCS), Substation Control System (SCS)

PURDUE LEVEL 3: Domain Controller, Manufacturing Execution System, Historian
PURDUE LEVEL 2: Operator Workstation (HMI – Human Machine Interface), Engineering Workstation, OT Server
PURDUE LEVEL 1: Programmable Logic Controllers (PLC), Remote Telemetry Unit (RTU), Intelligent Electrical Device (IED), Controllers



OT Operational and Security Requirements

Safety and Reliability of critical systems that operate 24/7/365 and involve processes with significant safety risks.

Heterogeneous/Legacy Systems: Industrial networks include diverse assets, and often consist of multiple connected architectures.

Industrial Protocols are often unknown in the IT world, and are inherently insecure.

Volume of IoT/OT Devices will grow to billions worldwide vs millions in IT.

Effective Monitoring and Detection

Granular Visibility
All assets and behaviors on your OT/IoT environments

Advanced Risk Detection
Cyber threats, vulnerabilities, risks and anomalies using ML and AI

Operationally Scalable
Security, visibility and monitoring across all your assets that SCALES


Nozomi Networks Solution Portfolio

Core Solutions
• Vantage: SaaS Mgmt
• Guardian: On-premise Sensor
• Central Management Console: Self deployed Mgmt

Extended Functionality
• Smart Polling: Active data collection
• Asset Intelligence: Asset behavior database
• Threat Intelligence: Known threats database
• Remote Collectors: Light weight sensors

Success Offerings
• Certified Engineer Training
• Professional Services
• Customer Support

Reduce FP/FN

Traffic Monitoring (TAP, SPAN, PCAP Upload Zero Risk)

[Diagram: traffic collection options]

TAP: Network TAP Device, One-Way Connection, Aggregating Technologies, Aggregated Traffic TAP
SPAN: Continuous
PCAP upload: Snapshot, Spot Assessment
• Wireshark
• TCP Dump


Sample Architecture

[Diagram: sample deployment across Purdue levels, with columns Line #1, Remote Line #2 and Security Network]

LEVEL 5, Enterprise IT Networks and Data Centers: Corporate Workstations, Corporate Servers, Firewall, Security Operation Center, SIEM, Vantage
LEVEL 4, Site IT: DNS, AV, DC, Historian, Patch Servers; Local Remote Access; Site IT Servers; Site IT Workstations; Nozomi Networks CMC (Optional)
LEVEL 3 and LEVEL 3.5, Site Operations Control and ICS-Demilitarized Zone (DMZ): Firewall, DMZ Switches, Site Production Control Systems, Core Switches, Guardian
LEVEL 2, Area Supervisory Control: Line Operator/Engineering Workstations, Supervisory Workstations, Line Switches, Guardian, Remote Collector
LEVEL 1, Control Network: PLCs / DCSs, PLCs / RTUs, Building Controllers / NVRs
LEVEL 0, Field Network: Sensors / Actuators, IoT Devices

Data Insights for OT, IoT, and IT

Actionable Data for OT, IoT, and IT

Visualization for OT, IoT, and IT

Can it deploy in My Networks?
• Virtualization
• On-premise
• SaaS
• Remote Site
• Private/Public Cloud
• Ruggedized

Platforms

Physical Guardian Appliances
• Commercial Grade Appliances: 1,000 – 500,000 Nodes (250Mbps – 6Gbps)
• Rugged Appliances: 500 – 1,000 Nodes (100Mbps – 250Mbps)

Remote Collector (15Mbps): Small Sites + Duplicated IPs

Virtual Guardian Appliances: 1,000 – 40,000 nodes (1Gbps)
Container

Central Management Console
• Virtual CMC (Unlimited number of Sensors - based on Infrastructure)
• Cloud CMC

Vantage: Multi-Tenanted SaaS
Multiple Companies Serving Multiple Organisations

Guardians = Full Stack (H/W+OS+S/W)
• One Support Contract
• Lower Cost of Ownership
• Faster Installation


Integrating Guardian and CMC with Vantage

1. Guardian Sensors Send Data to Vantage
• Optional Remote Collectors send data to a Guardian

2. Guardian Sensors Send Data to CMC, Which Sends it to Vantage

[Diagram labels: Vantage, Central Management Console, Guardian, Remote Collectors]

Customer: Electric Utility - IoT Smart Meters


Company Profile
Industry: Electric Utilities
Employees: 30K
Region: EMEA (Saudi Arabia)
Revenue: $10B

Company Vision
• Monitor country-wide smart meter deployment
• Detect any manipulation and anomalies in traffic patterns and smart meter behavior
• Operational visibility at HQ & DR SOC

Business Challenges
• Challenging expectations (time frame, technology, budget, partners)
• Phase 1: Unlikely joint proposal with Cisco
• Phase 2: Highly complex joint proposal with Palo Alto, Trend Micro, HP-Aruba and Forescout

Our Solution
26 NSG-H3500 (Failover)
10 CMCs in HA
Threat Intelligence & Smart Polling
Pricing Model: A-La-Carte
≈ 13.2M IoT smart meters monitored
Evaluating Vantage

Customer Value
• High scalability & purpose made HW sensor options
• Local support and expertise
• Multi-vendor comprehensive integration and support
• Executive, technical & delivery commitment

Deployment
Go live: Q4 2020
HQ & DR deployment
10 control centers (OT SOCs) in Q1-2021

NN-WW-EMEA-Utility-C-002

Customer: Healthcare - Medical Technology & Digital Solutions


Company Profile
Industry: Healthcare
Employees: 54K+
Region: Global (HQ USA)
Revenue: $20B

Company Vision
• Mature security posture
• Robust defense against cyberattacks
• High availability & reliability of manufacturing processes
• Corporate Security Center of Excellence

Business Challenges
• Inconsistent visibility into global manufacturing processes
• Protecting production lines against downtime
• Containing/minimizing impact of potential security incidents

Our Solution
102+ Guardian Sensors (NSM 750/1000s)
3 Central Management Consoles (CMCs)
Vantage for Global SOC
Smart Polling, Threat Intelligence
Maintenance & Professional Services
Certified Engineer Training

Customer Value
• Enterprise-wide scalability
• Extensive protocol support, integrations
• Immediate value from a mature security solution
• Exceptional customer service and support

Deployment
17 sensors in Phase 1
35 sensors in Phase 2
50+ deployed in 2021
Global: Ireland, Germany, Mexico, USA, etc.

NN-WW-NA-HEALTH-A-003

Integrations

Technology Alliance Ecosystem


Integrations and Interoperability with Controls, Security, Network & Cloud Architectures

• SIEM, SOAR and Data Integrations
• OT / ICS Interoperability
• Other Network / Security Technologies
• IT and Cloud Services Platforms

Our solution provides extensive support for OT/IoT and IT protocols and is frequently updated. See the latest Protocol List.

Integrations are Essential for Success



World-Class Go-To-Market Ecosystem
Optimizing OT and IoT with IT Security Solutions

Global Network of SI, VAR and Distribution Partners
1,000+ Trained and Certified Professionals

Securing the World’s Largest Organizations

9 of Top 20 Oil & Gas
7 of Top 10 Pharma
5 of Top 10 Mining
5 of Top 10 Utilities

Other industries: Chemicals, Building Automation, Manufacturing, Food & Retail, Automotive, Logistics, Airports, Smart Cities, Water, Transportation


Global Leadership Footprint

Global Customer Base


2.5K Installations
17.0M Devices Monitored Across Converged OT/IoT

Scalable Deployments
Across 6 Continents

Global Expertise
Worldwide Network of Partners
and 1,000+ Certified Professionals


Five Star Customer Reviews

100% Customer Retention

★★★★★
“The Guardian appliance is powerful, their team is skilled, they solved our problem.”
Senior Program Manager, Manufacturing Industry

★★★★★
“Innovative, easy to implement and even easier to maintain.”
Systems Specialist, Services Industry

★★★★★
“Once you try Nozomi and its rich feature set you cannot imagine operating without it!”
Security Analyst, Manufacturing Industry

★★★★★
“We wanted the most advanced technology available.”
Manager, Cyber Security, Oil & Gas Industry

★★★★★
“This product keeps its promises.”
System Administrator, Energy and Utilities Industry

★★★★★
“Exceeded expectations. Deeper visibility than expected.”
Senior Industrial Security Manager, Manufacturing Industry
