An island itself has no platform. Customer-ready solutions and the ability to address real use cases depend on successful partner integration that brings multiple technologies to address real-world problems.
Nozomi Networks has assembled one of the strongest technical alliance ecosystems in the OT/ICS security industry based on the unique value we bring, as well as the flexibility and ease of integration of our platform. In this post, we’ll summarize some of our latest alliance updates that cover new platforms or new features through integration.
Before we dive in, it might be good to summarize how we focus and prioritize our technology alliances so that it’s a win-win for both parties. As you probably know, Nozomi Networks delivers passive asset intelligence, vulnerability management and threat analysis solutions. It was created using OT/ICS and now with IoT environments in mind. Proactive security policy enforcement can disrupt these critical processes and is not a specific focus of our platform. But that’s a great opportunity for us to partner for those environments that need to enforce policies, and, in fact, can update behavior based on the security intelligence that Nozomi Networks provides. Devices such as firewalls are a prime example of this integration into implementation solutions, and we maintain a strong suite of firewall, network access control (NAC), remote access, et al. integrations.
Some of our technology partners offer comparable security services to Nozomi Networks in terms of visibility for either assets or network traffic and anomalies, but they do not focus on specific systems industrial, processes and protocols needed for full analysis and actionable intelligence. So, partnering with Nozomi Networks makes a lot of sense to include a common, security operations center (SOC)-level view of all IT and OT assets and networks.
Other partners may perform data collection and analysis of network environments and traffic, but not from a cybersecurity perspective. They can offer complementary insights or analytics that make sense for industrial systems, while Nozomi Networks provides the cybersecurity visibility they need. In that context, let’s look at some updates on our tech alliances:
CloudGen Firewall by Barracuda Networks
As mentioned above, when a Nozomi Networks Guardian device detects abnormal behavior, it can prevent communications by proactively updating firewall rules and configurations, if necessary. This can prevent new, unknown, compromised or malicious devices from attacking the wider network.
Nozomi Networks recently added Barracuda Networks CloudGen Firewall to its cadre of firewall partners based on customer needs in our shared markets. Barracuda CloudGen Firewall offers a comprehensive set of next-generation firewall technologies to ensure real-time network protection against a wide range of network threats, vulnerabilities, and exploits, including SQL injections, cross-site scripting, denial of service attacks, trojans, viruses. , worms, spyware, and more. CloudGen’s lineup includes models for nearly every size and need from appliances with 1.2 Gbps throughput, up to 52 Gbps.
Two of the main use cases between Nozomi Networks and Barracuda are node blocking and link blocking. When Guardian generates alerts and incidents, the alert information contains the information of the node involved in the alert. When the node blocking capability is enabled, a node is blocked if it is not learned. When Guardian generates alerts and incidents, the alert information may contain the link information involved in the alert. When the link blocking capability is enabled, a link is blocked if it has not been learned, and the nodes connected by the node have not been blocked.