Home
Arc
Introduction
An overview of Arc.
Security measures
A description of the security measures that Arc uses.

Arc
- Introduction
  An overview of Arc.
  - Arc overview
    Arc™ is a host-based sensor that detects and defends against malicious or compromised endpoints, and insider attacks. You can use Arc sensors to aggregate data for analysis and reports, either on-premises, or in the Vantage cloud.
  - Arc Embedded
    This version of Arc can be embedded directly on programmable logic controllers (PLCs).
  - Architecture
    It is important to understand the different architecture possibilities that are available with Arc.
  - Arc in Guardian
    The Arc button in the Guardian Web UI lets you access the different pages for Arc.
  - Arc in CMC
    The Arc button in the Central Management Console (CMC) Web UI lets you access the different pages for Arc.
  - Deployment
    The Deployment page shows a table of all the devices available for Arc deployment.
  - Deployment settings
    The Deployment settings page lets you configure the settings for your Arc deployment.
  - Node points
    The Node points page shows data points that are collected over time, and represent the state of the target machine.
  - Dependencies
    The Dependencies page shows the status of the dependencies. When a dependency is missing, you can use the upload icon in the Actions column to upload it.
  - Arc in Vantage
    The Sensors page shows all the Arc sensors in the network. It also lets you connect an Arc sensor.
  - Viewing data from Arc
    The data Arc acquires can be viewed in different places, and in different formats.
  - Commands syntax
    The example commands given in this documentation are for Microsoft Windows. Some of these commands are the same in other operating systems (OS), but when a procedure is specific to a different OS, the correct syntax for that OS is used.
  - Security measures
    A description of the security measures that Arc uses.
  - Detection information
    The information that Arc detects, listed for each operating system (OS). The table shows two types of Category: network and asset. When the Category is listed as network, it means that the detection is based on information that has been extracted from the network. When the Category is listed as asset, it means that the detection is based on information that has been extracted from the asset.
- Requirements
  The machine and network requirements necessary to use Arc.
- Preparation
  Information on how to import Arc packages, and install a license.
- Configuration
  Details on how to configure Arc.
- Deployment
  Information on how to deploy Arc. This includes details for manual and automatic deployments, and deployment through a mobile device management (MDM) system.
- Execution
  Information on the different modes that you can use with Arc.
- Troubleshooting
  Troubleshooting procedures to help you solve problems that might occur when you use Arc.
- Print format documentation
  A list of all the print-format documentation that is available for Arc.

Security measures

A description of the security measures that Arc uses.

Management

Admin/root users should manage Arc and should do the:

Install
Uninstall
Execution

Digital signature

Nozomi Networks signs all delivered executable files for Windows and macOS.

Obfuscation

Executable files are subject to obfuscation.

Unidirectional communication

It is not possible for an external host to establish communication to Arc to use it as an attack vector to the machine hosting it.

Communication

Arc uses transport layer security (TLS) 1.2/1.3 communication to the upstream machine.

Data availability

If the communication link between Arc and Vantage/Guardian becomes unavailable, Arc keeps the collected information locally. Once the communication link is available again, the information will be sent. The maximum amount of collected information depends on the resource usage limits that have been set.