Benefits

The most effective means to protect IoT and digital OT devices is through IEC microsegmentation and Zero Trust policy rules. Palo Alto Networks Next-Generation Firewalls (NGFWs) provide scalable policy enforcement and segmentation controls for the enterprise. OrdrAI Protect discovers, classifies and groups all devices and automatically maps them into their respective zones, areas, and cells using PAN-OS tags, and then dynamically generates NGFW security policy rules using these tags to deliver streamlined microsegmentation.

Download the complete solution brief for more details.

Benefits

• Automating IoT inventory discovery, classification, and categorization, and sharing detailed device context with ClearPass
• Providing rich analytics about the behavior of all devices that guides segmentation design, streamlines the segmentation implementation, and audits the result to assure accuracy and effectiveness
• Quickly contain threats and protect at-risk devices
• Accelerating ClearPass deployments with powerful yet easy-to-use tools that provide accurate device information and automate steps that are traditionally error-prone and labor intensive

Benefits

Gain complete device visibility

• See into all devices – agentless and agent-based
• Track both online and offline devices continuously
• Identify unmanaged devices without CrowdStrike agent for compliance

Minimize risk with better insights

• Improve Ordr risk score accuracy with supplemental event data from CrowdStrike

Remediate faster

• Improve threat detection and incident response time with a combination of Ordr endpoint flow & CrowdStrike process data

• Block/quarantine/segment managed endpoints in Ordr for rapid remediation via the network

Benefits

With the integration, joint customers can now: 

• Discover and inventory every connected network asset, including the massive volume of IoT and unmanaged devices, and make available across the Fortinet Security Fabric, from endpoint to edge, through FortiNAC, FortiManager, and FortiGate 
• Establish comprehensive security controls that restrict IoT devices to known-good network behaviors 
• Manage firewall and NAC policies using business-relevant context such as device type, manufacturer, location, risk, and function rather than IP addresses 
• Automate updates of firewall groups and address info to ensure consistent policy enforcement regardless of device location, VLAN, or IP assignment, thus drastically reducing operational costs and downtime 
• Protect critical devices with automated, zone-based segmentation and microsegmentation within zones 

Benefits

Gain Complete Device Visibility

• See granular details for all agentless and agent-based devices.
• Track both online and offline devices continuously.
• Identify unmanaged devices without the SentinelOne agent to meet compliance requirements.

Minimize Risk with Extended Insights

• Improve risk score accuracy with supplemental event data from SentinelOne.

Remediate Faster

• Improve threat detection and incident response with combined Ordr endpoint flow and SentinelOne process data.
• Block/quarantine/segment managed endpoints in Ordr for rapid remediation via the network.

Benefits

• Real-time asset inventory – Ordr continuously analyzes device traffic sent from Gigamon to passively discover an automatically classify every device connected to the network to help you maintain an up-to-date and accurate inventory.
• Connected device risk – using the traffic captured and optimized by Gigamon Hawk, Ordr calculates device risk scores and uncovers connected devices with risk such as outdated operating systems, unpatched software, weak passwords, and manufacturer recalls. Ordr also maps and baselines device communications to identify risk and stop attacks.
• Accelerate Zero Trust – working together, Gigamon and Ordr can map and baseline all IT, IoT and other device communications. Ordr can then dynamically create Zero Trust policies to simplify and accelerate NAC and segmentation projects. These policies can be enforced with popular security and network devices to integrate with existing infrastructure tools.

Benefits

• Comprehensive Coverage – Ordr’s identification and classification of lightweight, agentless devices allows administrators to quickly exclude specific IoT devices or categories from active Rapid7 scans, opening network segments to vulnerability scanning that had previously been excluded.
• Optimized Scanning – Using Ordr’s detailed insight into device types, scan sensitivity, and their critical role within the organization, Rapid7 scans can be tailored to each device.
• Proactive Protection – Rather than blocking or quarantining critical IoT devices after infection, Ordr’s segmentation policies create barriers that protect vulnerable devices while still enabling essential services.
• Smart Scheduling – Ordr tracks utilization patterns for critical devices, allowing administrators to schedule vulnerability scans for times when devices are not in use, minimizing disruption and operational risk.