Deployment of Ivanti Policy Secure with Nozomi Networks SCADAguardian

This section describes the integration of Ivanti Policy Secure with Nozomi Networks. Ivanti Policy Secure receives the threat alert information from Nozomi networks solution and takes an action at the endpoint based on the admission control policies.

CS security vendors such as Nozomi Networks are deployed to passively analyse industrial protocol communication for automatic assert discovery and threat detection.

1. The device connects to Ivanti Policy Secure through Switch.

2. The device session is created on the Ivanti Policy Secure.

3. The device access details are pushed to Switch using ACL.

4. The Nozomi Networks SCADAguardian monitors the device traffic.

5. The Nozomi Networks SCADAguardian generates the syslog messages for the device.

6. The syslog message is sent to Ivanti Policy Secure if any suspicious traffic or activity is detected from the device.

7. Ivanti Policy Secure(Ivanti Policy Secure) processes the received syslog message and actions are taken based on the configured policies.

8. New/Updated ACL details are pushed to Switch for updating the enforcement of the device.