Guardian sensors

Guardian sensors are passive network monitoring devices that provide asset visibility, detect threats, and support secure deployments across operational (OT) and Internet of Things (IoT) environments.

Overview

Guardian sensors are hardware appliances for passively monitoring network traffic in operational technology (OT) and Internet of Things (IoT) environments. They connect to mirrored ports or taps and operate without interrupting operations. Guardian sensors:

  • Identify devices
  • Map network layouts
  • Detect vulnerabilities, and
  • Report suspicious activity

All models integrate with Nozomi Networks platforms for centralized visibility.

Models

The Guardian portfolio includes models for a range of deployment needs:

High-performance models: are rack-mounted (1U) systems for large networks. Organizations typically install them at central locations. These are the high-performance models:

  • NSG-HS 3500
  • NSG-HS 3000
  • NSG-H 2500
  • NSG-H 2000

Mid-range models: are compact rack-mounted (1U) appliances for mid-sized facilities. They support deployment across individual network segments or sites. These are the mid-range models:

  • NSG-M 1000
  • NSG-M 750
  • NS20 1000
  • NS20 750
  • NS1 250
  • NS1 100

Ruggedized models: are hardened for use in harsh or remote environments. They are suitable for small facilities or constrained spaces. These are the ruggedized models:

  • NG-500R: A 3U device
  • NS1R: DIN mountable

Portable model: The P550 is a desktop sensor for temporary use, such as audits or lab testing. It’s lightweight and easy to move between locations.

Use cases

Common scenarios for Guardian deployment include:

  • Detect threats and anomalies in OT and IoT networks
  • Identify assets and visualize network topology
  • Meet compliance and internal security requirements
  • Gain visibility into remote or hard-to-access sites
  • Perform short-term assessments and investigations

Integration and scalability

All Guardian models perform deep packet inspection and send telemetry, such as asset data and alerts, to Nozomi Networks management tools.

Use the Vantage cloud service or an on-premises Central Management Console (CMC) to manage deployments. Guardian also integrates with information technology (IT) systems and forwards events to security information and event management (SIEM) platforms.

Guardian software is also available as a virtual machine, container, or embedded image for supported third-party platforms. These options provide flexible deployment across OT and IT environments.