In addition to maintaining a leadership position in network and workload zero trust security, Guardicore is continually extending the network security fabric to devices in OT, IoT and additional environments, providing access management along with context of the device with no agent install required.

The ideal way of getting visibility and enforcing policy is to use a host-based agent to report communications for each workload. However, there are cases where an agent cannot be installed such as in OT environments, IoT devices, legacy mainframes, medical devices etc.

To address this growing need for protecting IoT and OT environments, Guardicore has extended its policy model to include enforcement for devices where agents can not be installed, by integrating with 3rd party solutions. In addition, we have extended our orchestration capabilities and integrated with specialized CMDB and device identification solutions such as Armis and ORDR. 

Guardicore’s Collector now supports NetFlow, sFlow and IPFIX to deal with devices that can not take a software agent. Network administrators can configure their switches and flow aggregators like Gigamon, IXIA and many others to share telemetry and flow data using this Collector.  Security policies can then be created and converted into ACLs that switches understand natively and easily applied to these switches.

Providing visibility and enforcement to OT & IoT environments

A successful ransomware attack can be devastating to any business. A Forrester report ‘’New Tech: Microsegmentation, Q3 2021’, published September 8 of this month, noted that “microsegmentation will slow down the propagation of future ransomware”. Several years ago, Guardicore pioneered the identity-based microsegmentation solution category and now has even more capabilities to ensure the fastest and simplest deployment of anti-ransomware strategies.

Centra’s Network Log showing a blocked DNS site by both IP and domain name

Our enhanced AI-based labeling capability provides administrators with label suggestions customized to the asset’s applications and roles. This capability is based on advanced algorithms that analyze asset traffic and meta data that is collected from the deployed applications and assign the labels that are most critical to your environment needs.

With today’s dynamic threat environment, threat hunting is becoming increasingly important for any company wishing to stay ahead of threats and swiftly respond to potential attacks. Guardicore Hunt, a new managed threat hunting service offering from Guardicore Labs, can help you detect threats that go undetected by standard defense solutions and better protect your organization.

Here’s how the Guardicore Hunt team works:

Introduced 8 months ago, Guardcore’s ransomware recovery and response templates allow users to ring-fence critical applications, backups, file servers and databases, including all the necessary labels and rules required to achieve this.

These new improvements to Guardicore Centra make it the fastest and simplest solution to protect against ransomware and meet the needs of zero trust segmentation. The addition of agentless visibility and enforcement enables businesses to progress their zero trust initiatives to assets that would otherwise be left vulnerable. The addition of DNS security means a drastic reduction in the likelihood of threat actors being able to gain an initial foothold. Leveraging AI for labeling makes for a rapid path to segmentation, the most effective way to reduce the ability of adversaries to move laterally and ransomware to propagate. Finally, with the Guardicore Hunt, businesses can close the talent gap for the overwhelming number of businesses with an immediate need of expert threat hunters to root out existing threats and reduce the likelihood of future breaches. Learn more on how Guardicore helps businesses prevent and mitigate ransomware: Akamai Guardicore Segmentation.