Mitsubishi Electric to Acquire Nozomi Networks
Read the News
Académie
Laboratoires
Carrières
Connexion des partenaires
Soutien
NOZOMI ARC™

Security and Network Monitoring for OT Endpoints – Now with Threat Prevention

Demander une démonstrationRegarder une démo

Reduce MTTR with Safe, Automated Endpoint Threat Prevention

Fueled by our OT‑specific threat intelligence enriched with the Threat Intelligence Expansion Pack from Mandiant, Nozomi Arc delivers automated cyber threat prevention without disrupting OT operations.

It keeps processes running safely while giving asset owners complete control via flexible threat response modes suited to diverse risk environments.

Detection Mode
Provides threat visibility without intervention
Quarantine Mode
Blocks the execution of malicious files and safely contains them for forensic analysis
Delete Mode
Immediately removes malicious files, stopping threats before they can cause harm

Sécurité des Endpoint

Nozomi Arc is a host-based security sensor that detects and defends against malicious or compromised endpoints. It sends collected data to Nozomi Guardian or Nozomi Vantage for further analysis and correlation.

USB Monitoring

Detect the use of USB devices and malicious HIDs

User Activity Correlation

Correlate events with user’s behavior

Local Behavior Analysis (Sigma)

Monitor local events for signs of suspicious activity

NEW
Threat Prevention (YARA & STIX)

Detect, quarantine or delete malware and malicious software

Continuous Asset Monitoring and VA

Collect endpoint inventory, security and performance data

Network Sensor

Arc also turns any endpoint into a lightweight network sensor by discovering nearby devices on the host’s subnet, tracking their behavior and detecting threats – without deploying Guardian sensors.

Continuous Traffic Monitoring

Passive analysis

Découverte

Discover neighboring devices

Smart Polling

Enrich asset data with  active queries

Arc Beginning Arc Middle Arc End

Endpoint Security and Network Monitoring in One Solution

Sécurité des Endpoint

Nozomi Arc is a host-based security sensor that detects and defends against malicious or compromised endpoints and sends collected data to Nozomi Guardian or Nozomi Vantage for further analysis and correlation.

Endpoint
Security

Sécurité des Endpoint

Nozomi Arc is a host-based security sensor that detects and defends against malicious or compromised endpoints and sends collected data to Nozomi Guardian or Nozomi Vantage for further analysis and correlation.

Malware DetectionUSB/HID MonitoringAnomaly DetectionUser Activity CorrelationVulnerability AssessmentOffline Device Monitoring
Endpoint
Security
SVG Scroll Animation

Endpoint Security and Network Monitoring in One Solution

Sécurité des Endpoint

Nozomi Arc is a host-based security sensor that detects and defends against malicious or compromised endpoints and sends collected data to Nozomi Guardian or Nozomi Vantage for further analysis and correlation.

Endpoint Security and Network Monitoring in One Solution

Network Sensor

It also turns any endpoint into a lightweight network sensor by discovering nearby devices on the host’s subnet, tracking their behavior and detecting threats — without deploying Guardian sensors.

Endpoint Security and Network Monitoring in One Solution

Nozomi Arc

Together, these capabilities make Arc Endpoint Sensor a powerful tool—protecting each device it runs on while also providing visibility into the local network. By combining host-based detection and threat prevention with lightweight network sensing, Arc extends security coverage even in places where traditional sensors can’t reach.

Endpoint Security Behavioral Analysis and Threat Prevention Analyzes event logs to detect malware and other suspicious behavior Anomaly Detection Analyzes event logs to identify suspicious behavior and detects, quarantines, or deletes malicious files based on STIX and YARA rules delivered through Threat Intelligence. Vulnerability Assessment Monitors endpoints to assess security posture, including vulnerabilities USB/HID Monitoring Detects unauthorized USB plug-ins and activity such as a BadUSB attack User Activity Correlation Correlates user activity with endpoints to capture who did what, when, on which machine Offline Device Monitoring Collects field or mobile worker data when the host device isn't sending or receiving Network Sensor Local Subnet Visibility Passively discovers and monitors local traffic from host’s perspective Lateral Movement Detection Detects threats moving within a subnet such as unauthorized access between peers Segmented Zone Security Collects data in tightly segmented networks, including air-gapped segments Smart Polling Actively queries nearby devices to obtain relevant information

Top Use Cases for Host-based Sensors

By combining host-based detection and threat prevention with lightweight network sensing, Nozomi Arc extends coverage to protect assets where Nozomi Guardian and Guardian Air sensors can’t reach.

Crown Jewels

Protect critical assets where network monitoring would by be overkill

Remote Substations

Avoid limited maintenance windows to deploy and other network hassles

Low Bandwidth, High Latency

Ideal for cargo ships, mining sites and other networks where cabling is impractical

Insider Threats

Accelerate forensics by correlating suspicious user activity with specific devices

Contract Technicians

Monitor a single active session on the host device while they’re connected

Why Traditional Endpoint Security Agents Aren’t Suited for OT

Heavyweight & Disruptive

OT devices and controllers have limited computing power and memory to perform specific tasks.

Detect the Wrong Threats

Traditional agents are trained on IT environments. They don’t understand OT protocols or recognize OT baselines.

Kernel-Level Access

Unlike traditional EPP and EDR tools, Arc doesn’t operate at the kernel level and is light on system resources
ARC EmbeddedTM

Visibility All the Way Down to the Factory Floor

Arc Embedded is the first security sensor developed with OEMs to run inside industrial controllers, delivering unprecedented visibility and threat detection at Purdue levels 0-1. It monitors east-west communications, process variable readings and controller logic changes to detect threats and anomalies.

ARC EMBEDDED
Modifications du logiciel, du micrologiciel, de l'état du matériel, de la logique du programme, de l'utilisation des ressources et de l'état de fonctionnement
Accès physique, y compris les données de connexion des utilisateurs, l'utilisation de périphériques USB, les fichiers transférés, etc.
Visibilité de niveau 0-1 du modèle Purdue. Intelligence comportementale au niveau des capteurs, surveillance des dispositifs tels que les vannes, les capteurs, les pompes et les relais.

Prix et reconnaissance

Ressources connexes

BLOG POST

Menaces d'initiés sur OT/ICS Appel à Endpoint Capteurs et analyse comportementale

Lire
BLOG POST

L'importance de la détection des Endpoint physiques dans les domaines de OT et de l'IoT

Lire
BLOG POST

OT La sécurité se déplace sur le site Endpoint - là où les humains interagissent

Lire
VIDÉO

Turn Any Endpoint into a Security Sensor

Regarder

Passez à l'étape suivante.

Découvrez à quel point il est facile d'identifier les cybermenaces et d'y répondre en automatisant la découverte, l'inventaire et la gestion de vos actifs OT et IoT .

Demander une démonstrationRegarder la démo

S'abonner

LinkedIn

Démonstration

PLATEFORME

Aperçu de la plate-formeVantageCentral Management ConsoleGuardianGuardian AirArcAsset IntelligenceThreat IntelligenceSmart PollingIntégrationsPSIRT

Services professionnels

Services professionnelsIngénieur désignéServices Fast TrackService de bilan de santéService d'optimisation

Solutions : Besoins des entreprises

Détection et réponse aux menacesSurveillance continue du réseauGestion de l'inventaire des actifsGestion des risques et des vulnérabilitésIoT SécuritéCybersécurité des centres de données

Solutions : Conformité

NERC CIPDirective NIS2Directives de sécurité de la TSA

Solutions : Industrie

AéroportsServices d'électricitéSoins de santéGouvernement fédéralFabricationMaritimeExploitation minièrePétrole et gazPharmaceutiqueRailVente au détailVilles intelligentesEau et eaux usées

Apprendre

AcadémieCarrièresEntrepriseTémoignages de clientsNous contacterPartenairesRessourcesLaboratoiresJuridiqueCentre fiduciaire
Logo LinkedIn
2025 Nozomi Networks Inc. Tous droits réservés. Politique de confidentialité et certifications. État du système.