Homepage/ Guardian

Nozomi Networks Guardian™ delivers visibility, security and monitoring of your OT, IoT, IT, edge and cloud assets.

Guardian sensors send data to Vantage for consolidated security management anywhere, anytime from the cloud. They can also send data to the Central Management Console for aggregated data analysis at the edge or in the public cloud.

The world’s top companies rely on Guardian to protect their critical infrastructure, energy, manufacturing, mining, transportation, building automation and other sites around the world.


Asset Discovery and Network Visualization

Automatically Track Your OT and IoT Assets

Up-to-Date Asset Inventory

Enhances cyber resilience and saves time with automated asset inventory

Identifies all communicating assets

Provides extensive node information including name, type, serial number, firmware version and components

Presents risk information including security and reliability alerts, missing patches and vulnerabilities

Smart Polling / Asset Intelligence


Smart Polling

Expands Guardian’s built-in passive asset discovery with low-volume active polling


Asset Intelligence

Accelerates the asset learning process and keeps asset profiles and behavior data up-to-date

Immediately Visualize Your Networks

Reduced Risk Through Network Visualization

Provides instant awareness of your OT/IoT network and its activity patterns

Presents key data such as traffic throughput, TCP connections, and protocols

Improves your understanding of ‘normal’ operations

Intuitive Dashboards and Reports

Explore macro views as well as detailed information on endpoints and connections

Filter by subnets, type, role, zone and topologies

Group assets visually, in lists and detailed single asset views

Singe Asset View with extensive information.

Portion of interactive Network Visualization Graph.


Vulnerability Assessment and Risk Monitoring

Rapidly Identify Your Vulnerability Risks

Automated Vulnerability Assessment

Identifies which vendors’ devices are vulnerable

Utilizes the U.S. government’s National Vulnerability Database (NVD) for standardized naming, description and scoring

Efficient Prioritization and Remediation

Speeds response with vulnerability dashboards, drilldowns and reports

Answers questions like:

  • “Are my assets running vulnerable firmware?”
  • “Are assets from Vendor X vulnerable?”

Continuously Monitor Your Network and Automation Systems

Continuous Monitoring

Continuous monitoring of all supported protocols: OT, IoT and IT

No critical blind spots in protection caused by limited monitoring or inadequate protocol support

Monitors assets from all vendors and all network communications

Easy Access to OT/IoT Risk Data

Summarizes OT and IoT risk information for customizable date and time ranges

Highlights indicators of reliability issues, such as unusual process values

Queries any aspect of your network or control system performance, reducing data collection and spreadsheet work

 List showing the vulnerabilities for a facility’s assets.

Portion of customizable Guardian Dashboard.


Advanced Anomaly and Threat Detection

Quickly Detect and Disrupt Threats and Anomalous Behavior

Up-to-the-Minute Threat Detection

Identifies cybersecurity and process reliability threats

Detects early stage and late stage advanced threats and cyber risks

Blocks attacks when integrated with compatible firewalls and endpoint security products

Superior OT and IoT Threat Detection

Combines behavior-based anomaly detection with signature-based threat detection for comprehensive risk monitoring

Provides detailed threat information as Yara rules, packet rules, STIX indicators, threat definitions, a threat knowledgebase and vulnerability signatures

Effectively Monitor Mixed Environments

Threat Intelligence


Ensures up-to-date threat detection and vulnerability identification using indicators created and curated by Nozomi Networks Labs

Delivers ongoing OT, IoT and IT threat and vulnerability intelligence

Asset Intelligence


Powers breakthrough anomaly detection accuracy for OT and IoT devices, accelerating incident response

Delivers ongoing OT and IoT asset profile and behavior data

Smart Incident showing related alerts and security context.

The Asset Intelligence service powers breakthrough anomaly detection for OT and IoT.


Time-Saving Dashboards and Forensic Tools

Significantly Improve OT and IoT Risk Management

Dashboards and Customizable Reports Highlight Risks

Focuses attention on key concerns by summarizing risks and threats

Built-in reports are customizable. You can select from predefined widgets to add exactly the information you need.

Detailed Alerts Provide Key Information

Generates detailed, accurate alerts

Identifies security and reliability risks

Groups alerts into incidents, providing security and operations staff with a simple, clear, consolidated view of what’s happening on their network

Greatly Reduce Troubleshooting and Forensic Efforts

Accelerated Incident Response

Combines Guardian’s breakthrough anomaly detection for OT and IoT with the Asset Intelligence™ service for focused, actionable alerts

Understands normal behavior for assets with frequent behavior changes, eliminating alerts for benign anomalies

Improves response time and productivity with precise alerts that are easy to prioritize

Fast Forensic Analysis

Focuses effort with Smart Incidents™ that

  • Correlate and consolidate alerts
  • Provide operational and security context
  • Supply automatic packet captures

Decodes incidents with Time Machine™ before and after system snapshots

Provides answers fast with a powerful ad hoc query tool

Customizable reports summarize risks, assets and alerts.

Smart Incident showing related alerts and security context.


Unified Security for All of Your Sites with the Power of SaaS

Readily Scale with Optimal Performance

Exceptional Global Visibility

Processes data for up to 500,000 assets in real-time

Generates network visualizations, dashboards and reports quickly

Speeds up threat detection and response with local processing of threat and asset intelligence

Consolidated Monitoring of All Facilities

Aggregates data from multiple sites when used with Central Management Console

Enables centralized security risk management for all sites

Provides visibility into all OT/ IoT environments


Easily Integrate with SOC/IT Environments

Integrated Security Infrastructure

Streamlines security processes across IT/OT

Makes it easy to harmonize security data for cohesive response

Includes built-in integrations for asset, ticket and identity management systems, as well as SIEMs

Broad Protocol Support

Supports hundreds of OT, IoT and IT protocols

Utilizes Nozomi Networks’ deep expertise in OT protocols for accurate analysis

Includes Protocol SDK and on-demand engineering services for new protocol support

Sample deployment map showing Vantage managing any number of Guardian sensors and sites

Built-in integrations make it easy to streamline security processes.

OT and IoT Security and Visibility

You can protect a wide variety of mixed environments with rapid asset discovery, network visualization and accelerated security.

Every Vantage license includes an unlimited number of Guardian virtual sensor licenses, enabling you to deploy Guardian sensors wherever you want to increase your visibility and security.

You can tailor the Nozomi Networks solution to meet your needs by utilizing its flexible architecture and integrations with other systems

Protocols and Integrations