NOZOMI ARC™

Security and Network Monitoring for OT Endpoints – Now with Threat Prevention

Reduce MTTR with Safe, Automated Endpoint Threat Prevention

Fueled by our OT‑specific threat intelligence enriched with the Threat Intelligence Expansion Pack from Mandiant, Nozomi Arc delivers automated cyber threat prevention without disrupting OT operations.

It keeps processes running safely while giving asset owners complete control via flexible threat response modes suited to diverse risk environments.

Detection Mode
Provides threat visibility without intervention
Quarantine Mode
Blocks the execution of malicious files and safely contains them for forensic analysis
Delete Mode
Immediately removes malicious files, stopping threats before they can cause harm

Endpoint Security

Nozomi Arc is a host-based security sensor that detects and defends against malicious or compromised endpoints. It sends collected data to Nozomi Guardian or Nozomi Vantage for further analysis and correlation.

USB monitoring

Detect the use of USB devices and malicious HIDs

User Activity Correlation

Correlate events with user behavior

Local behavior analysis (Sigma)

Monitor local events for signs of suspicious activity

NEW
Threat Prevention (YARA & STIX)

Detect, quarantine or delete malware and malicious software

Continuous asset monitoring and VA

Collect endpoint inventory, security and performance data

Network Sensor

Arc also turns any endpoint into a lightweight network sensor by discovering nearby devices on the host’s subnet, tracking their behavior and detecting threats – without deploying Guardian sensors.

Continuous traffic monitoring

Passive analysis

Discovery

Discover neighboring devices

Smart Polling

Enrich asset data with active queries


Endpoint Security and Network Monitoring in One Solution

Nozomi Arc

Together, these capabilities make Arc Endpoint Sensor a powerful tool—protecting each device it runs on while also providing visibility into the local network. By combining host-based detection and threat prevention with lightweight network sensing, Arc extends security coverage even in places where traditional sensors can’t reach.

Endpoint Security

Behavioral Analysis and Threat Prevention
Analyzes event logs to detect malware and other suspicious behavior
Anomaly Detection
Analyzes event logs to identify suspicious behavior and detects, quarantines, or deletes malicious files based on STIX and YARA rules delivered through Threat Intelligence.
Vulnerability Assessment
Monitors endpoints to assess security posture, including vulnerabilities
USB/HID Monitoring
Detects unauthorized USB plug-ins and activity such as a BadUSB attack
User Activity Correlation
Correlates user activity with endpoints to capture who did what, when, on which machine
Offline Device Monitoring
Collects field or mobile worker data when the host device isn't sending or receiving

Network Sensor

Local Subnet Visibility
Passively discovers and monitors local traffic from the host’s perspective
Lateral Movement Detection
Detects threats moving within a subnet such as unauthorized access between peers
Segmented Zone Security
Collects data in tightly segmented networks, including air-gapped segments
Smart Polling
Actively queries nearby devices to obtain relevant information

Top Use Cases for Host-based Sensors

By combining host-based detection and threat prevention with lightweight network sensing, Nozomi Arc extends coverage to protect assets where Nozomi Guardian and Guardian Air sensors can’t reach.

Crown Jewels

Protect critical assets where network monitoring would be overkill

Remote Substations

Avoid limited maintenance windows to deploy and other network hassles

Low Bandwidth, High Latency

Ideal for cargo ships, mining sites and other networks where cabling is impractical

Insider Threats

Accelerate forensics by correlating suspicious user activity with specific devices

Contract Technicians

Monitor a single active session on the host device while they’re connected

Why Traditional Endpoint Security Agents Aren’t Suited for OT

Heavyweight & Disruptive

OT devices and controllers have limited computing power and memory to perform specific tasks.

Detect the Wrong Threats

Traditional agents are trained on IT environments. They don’t understand OT protocols or recognize OT baselines.

Kernel-Level Access

Unlike traditional EPP and EDR tools, Arc doesn’t operate at the kernel level and is light on system resources
ARC Embedded™

Visibility All the Way Down to the Factory Floor

Arc Embedded is the first security sensor developed with OEMs to run inside industrial controllers, delivering unprecedented visibility and threat detection at Purdue levels 0-1. It monitors east-west communications, process variable readings and controller logic changes to detect threats and anomalies.

ARC EMBEDDED
Changes to software, firmware, hardware status, program logic, resource utilization and operational state
Physical access, including user login data, use of USB peripherals, transferred files, etc.
Purdue model level 0-1 visibility. Sensor-level behavioral intelligence, monitoring devices such as valves, sensors, pumps and relays.

Take the next step.

Discover how easy it is to identify and respond to cyber threats by automating the discovery, inventory and management of OT and IoT assets.