Andrea Carcano, Co-founder and Chief Product Officer
The Cosmopolitan Hotel of Las Vegas came alive on February 26, 2018, when it became the center stage for Accelerate 18, Fortinet’s premier, global user and partner conference. The year’s meeting saw keynotes by Fortinet executives and top guest speakers and more than 60 breakout sessions on a variety of contemporary topics. The world also witnessed Andrea Carcano, Nozomi Networks Co-founder and Chief Product Officer, leading a special breakout session to demonstrate how Fortinet and Nozomi Networks are working together to address the need for an innovative approach to OT/IT cybersecurity.
Nozomi Networks Inc. is a leader in real-time cybersecurity and operational visibility for industrial control systems (ICS). Fortinet and Nozomi Networks have collaborated to provide ICS environments with a holistic and comprehensive security platform. Working with Fortinet, Nozomi Networks extends the reach of Fortinet’s Security Fabric by providing detailed threat intelligence and visibility of ICS devices, networks and protocols. This synergetic relationship between Fortinet and the Nozomi Networks solution is effectively and seamlessly bridging the IT/OT security gap for customers around the world.
Adding Value with the Nozomi Networks Solution
Nozomi Networks SCADAguardian’s non-intrusive ICS protocol monitoring capabilities profile the behavior of industrial devices and networks using artificial intelligence (A.I.) techniques to detect anomalies in the ICS network in real time. By developing an operational baseline, SCADAguardian is able to rapidly identify cyber and operational anomalies and provide incident alerts in various ways. When integrated into Fortinet’s Security Fabric (FortiGate and FortiSIEM, for example), Nozomi Networks and Fortinet work in tandem not only to identify cyberthreats, but also to implement policies that remediate them.
Designed to minimize system downtime and limit data loss, the Fortinet-Nozomi Networks solution optimizes productivity and business continuity in industries reliant on ICS networks. By deploying a Nozomi Networks SCADAguardian appliance within the OT networks, Fortinet and Nozomi Networks solutions join forces to passively monitor all network traffic communications and create a detailed map of the network, its nodes, and the behavior of each device in the network. If an anomaly or suspicious behavior is detected, an alarm is generated and sent to security operators and network administrators. At the same time, SCADAguardian is capable of automatically modifying the right policy in FortiGate to block the suspicious traffic.
The Most Comprehensive Security Solution Available
As industrial networks begin to connect and automate their systems, they need to be wary of adopting standard IP networking doctrines that favor open network segmentation between workgroups and applications. A lack of segmentation between OT applications and IT control will expose ICS networks to a higher degree of risk that might outweigh gains in process efficiency and centralized control. If malware is able to enter the ICS domain, it often goes undetected and can move at will. Additionally, traditional IT-based attacks, such as DDoS, are now able to move beyond IT and attack operational networks.
IT networks address these issues by deploying protective cybersecurity measures like firewalls to segment their internal networks, mitigate damage, and limit data exposure. However, in the case of critical infrastructure and ICS, protective cybersecurity measures cannot be the last and only line of defense. ICS require both protective and threat intelligence approaches so that cybersecurity stakeholders can engage in proactive, reactive, and prescriptive cybersecurity practices against ICS cyber threats.
With the FortiGate/SCADAguardian solution, cybersecurity stakeholders can see deeper into ICS networks than ever before, identifying and thwarting cyberthreats in their infancy. Additionally, the FortiGate/SCADAguardian solution is meant to scale for enterprise-grade deployments, providing granularity of detail with multi-tenant oversight.
Thanks to the Security Fabric, SCADAguardian can leverage an unparalleled tight integration with Fortinet’s extensive portfolio to bridge the gap between IT and OT domains. For facilities like manufacturing plants that have numerous end devices and require real-time information, a FortiHypervisor could be incorporated with the FortiSIEM and SCADAguardian to meet this real-time information requirement. In short, the active integration between SCADAguardian and Fortinet Security Fabric products provides ICS networks with the most comprehensive security solution available and enables optimum efficiency within, and beyond, the industrial network.
Looking at the Future
Increased connectivity and the digitalization of ICS and OT have introduced new cyber threats that must be addressed. The good news is solutions are available to answer the need for better security, reliability and safety. Nozomi Networks is the leader of industrial cybersecurity, delivering real-time visibility to manage cyber risk and improve industrial operations resiliency. Customers gain advanced cybersecurity, improved operational reliability and easy IT/OT integration.