Santa Clara, CA – September 21, 2022 – Ordr, the leader in connected device security, today announced new capabilities and enhancements to its AI-powered platform to help organizations discover, gain essential context, and secure their connected devices everywhere.
New integrations expand the more than 80 integrations within the Ordr Data Lake, to empower organizations with a single source of truth about connected devices and assets in their on-prem, remote, data center, private, public, and hybrid cloud environments. In addition, enhancements have been made to Ordr’s automated segmentation capabilities that help organizations accelerate and scale adoption of a true Zero Trust security posture to protect every connected device.
“Gaining visibility and control across an organization’s entire attack surface of connected assets, is one of the most fundamentally important – yet challenging – tasks facing IT and security teams today,” said Pandian Gnanaprakasam, Chief Product Officer and co-founder of Ordr. “The latest additions to our industry-leading platform will deliver complete ground to cloud visibility – from assets in remote sites, and campus devices, all the way to assets in the cloud. This “whole hospital” or “whole enterprise” approach to security, ensures that no device or connection remains unknown. We’ve also added the ability to more efficiently define and enforce segmentation to accelerate Zero Trust initiatives.”
New Ordr Ecosystem Integrations and Partnerships
The increasing growth of cloud adoption adds a visibility black hole, making it difficult to fully understand how devices are connecting – and what those devices are actually communicating with in the cloud. This increases the risk factors of connected devices exponentially. Ordr 8.1 gives organizations comprehensive visibility into their entire attack surface, from ground to cloud.
“Ordr’s coverage from day one has been excellent, being able to see all connected devices with their whole enterprise and whole hospital approach. Cloud coverage adds a critical new layer of visibility and protection for all organizations,” said Michael Grall, president and CEO, Talus Solutions. “Ordr works closely with its customers, who are some of the largest enterprises and healthcare providers in the country, so you know this solves a real problem. The new integrations are a good leading indicator of challenges organizations face, and Ordr is defining how connected device security needs to continue to evolve.”
Ordr now supports more than 80 integrations. New partnerships and technology integrations announced in Ordr 8.1 enable the following:
- Asset discovery and visibility in public and private clouds – Completely understand how on premise devices are communicating with assets in cloud environments.
- AWS – Workloads running in Amazon Web Services (AWS) environments are now visible to organizations using Ordr. Ordr AMI sensor support is also available as part of this release to provide additional insights into AWS workloads.
- VMware – Extend visibility to VMware workloads running in public, private, and hybrid cloud environments.
- Network discovery – Automatically discover, classify, and gain context for every connected device on the network. Granular device insights are combined with network details to ensure every discovered device is accurately identified, mapped to its current location, and properly secured.
- Arista – Collect connectivity data from Arista devices, adding to an already broad portfolio of network infrastructure integrations.
- Cisco Prime – Expand Cisco Prime integration with multi-instance support to gain connected device details such as physical location, device name, and network.
- ERSPAN – Extend and optimize Ordr to discover and secure devices in remote sites.
- Ordr Data Lake enrichment – Integrate with more than 80 tools across the IT infrastructure to gather and enrich connected device details, establishing a single source of truth. Gain a much more complete picture of networks, devices, and the context required to identify risk, quickly respond to threats, and stop attacks. Ordr 8.1 integrations include:
- BigFix – Improve device insights with additional context such as location, users, vulnerabilities, and the patch state of endpoints.
- Microsoft DHCP/DNS – Track DHCP assignments to devices for an accurate view of IP address bindings, increasing the fidelity and accuracy of Ordr insights.
- Osquery – Enable organizations adopting open-source Osquery endpoint agents to collect details from Linux, Windows, and macOS devices using custom query packs.
- CrowdStrike – See every managed connected device, identify unmanaged devices, and know more about device vulnerabilities and risk combining Ordr insights with CrowdStrike security data.
- Service integration page – Manage all Ordr integrations from a new simplified and informative central page in the Ordr Dashboard.
Other recently announced capabilities that enrich the Ordr Data Lake includes Ordr’s own Software Inventory Collector, that simplifies device context collection, particularly installed software and patch data.
“Software Inventory Collector gives us a view of devices and potential threats that has been nearly impossible to keep current,” said Christina Cucchetti, IS&P Operations Specialist from Nexteer Automotive. “We now have a centralized, real-time view of risk for devices across all our sites, while team members that previously spent hours manually collecting device details can focus on patching critical vulnerabilities and protecting our operations.”
Enhanced Automated Segmentation Capabilities
Organizations have struggled to achieve a true Zero Trust security posture because they lack insights needed to understand their connected devices and create appropriate security policies. Many connected devices are unmanaged or un-agentable, and have unique communication requirements. To truly achieve Zero Trust, organizations need deep visibility into connected devices – to understand how and what they’re communicating with – in order to to define, manage, and enforce segmentation.
Ordr collects and learns details needed to provide insights and automate policy creation in support of Zero Trust efforts. This includes discovering and automatically classifying each connected device – and analyzing device communications to establish a baseline for normal activity. With these insights, Ordr automatically creates reactive policies to stop attacks – as well as proactive segmentation policies to improve security.
“Ordr provides the visibility and context into all connected devices to advance our segmentation journey with Cisco ISE,” said Shawn Fletcher, Senior Systems Administrator, St. Joseph’s Healthcare Hamilton. “Ordr greatly simplifies policy administration by providing accurate device baselines that can be generated, tuned, and enforced on groups or individual devices. Ordr responded to our compliance needs with the enhanced Policy Editor and new capabilities such as the Ordr Policy Optimizer which are making it easier to automate and expand Zero Trust across our environment.”
“The power of the Ordr platform has always been its ability to automate device classification and behavioral modeling using AI. This is foundational to our Zero Trust and segmentation strategy. The feature enhancements in Ordr 8.1 will further simplify and optimize how we create and enforce segmentation policies for every connected device,” said Larry Smith, Manager, Cybersecurity Architecture and Engineering, El Camino Health.
Key segmentation features of Ordr 8.1 include:
- Automated policy creation and customization – Some device communications are infrequent, such as those related to backups or disaster recovery, and need to be accounted for when defining policies – or risk being blocked outright. Additionally, administrative requirements, common services, and other allowed activity must be taken into consideration when creating policies. With new tools such as Ordr Policy Editor, Ordr automated policies can be customized to meet business needs or account for unique requirements.
- Segmentation policy optimization – Segmentation policies must be reviewed and adjusted to ensure they provide the intended result in an optimized way and can be adapted to new requirements as needed. At the same time, overly complex policies can impact resources such as enforcement and management. New features such as the Ordr Policy Optimizer automatically compress policies, reducing policy size and complexity and making it easier to create, maintain, and enforce.
- Enforcement scaling – Enforcement points have finite resources – and must process every line of a policy – impacting performance and restricting the number of rules that can be supported. In addition, in large, complex environments, it can be challenging to support enforcement points from different vendors. With Ordr Policy Sharding, policies are automatically separated based on where enforcement or segmentation occurs, making them easier to manage and deploy. With support for enforcement point APIs or other enforcement point mechanisms, Ordr simplifies the distribution and enforcement of policies optimized for your infrastructure.
For more information about how Ordr can help security and IT teams deliver visibility and security for their connected devices, from ground to cloud, please visit www.ordr.net. Sign for the Ordr Masterclass on September 29th at 10 am PT for a technical deep dive on 8.1 security and segmentation features.