    Nozomi Networks Vantage OT & IoT Security Solution

    Deployed on AWS
    SaaS-Powered Security and Visibility of OT and IoT Networks
    4.3

    Overview

    Nozomi Networks Vantage leverages the power and simplicity of Software as a Service (SaaS) to deliver unmatched security and visibility across your OT, IoT, and IT networks. Vantage delivers the immediate awareness of cyber threats, risks, and anomalies you need to detect and respond quickly and ensure cyber resilience.

    Vantage accelerates digital transformation for the largest and most complex distributed networks, helping customers protect any number of OT, IoT, and IT edge and cloud assets, anywhere. Its scalable SaaS platform enables consolidation of the customer's OT and IoT security management into a single application, even as their networks quickly evolve.

    Vantage IQ, an AI/ML-based security engine, extends Vantage capabilities for deeper analytics and more automation, harnessing the scalable computing of AWS. Built specifically for OT environments, Vantage IQ delivers AI-powered cybersecurity analysis and response to security teams. Available as an add-on to Nozomi Vantage, it replicates the domain expertise of seasoned security analysts to minimize risk and maximize resilience for large, complex operational networks at a fraction of the cost.

    Highlights

    • Identify: Automatically track OT and IoT assets with an up-to-date, real-time asset inventory. Identify communicating assets and risks through network visualization.
    • Detect & Assess: Superior OT and IoT threat detection through anomaly detection, threat intelligence, and OT/IoT asset and process analysis. Rapidly identify vulnerabilities through automated vulnerability assessments. Continuously monitor and analyze network traffic via built-in support for OT and IoT protocols.
    • Act: Receive detailed, clear explanations of incidents and events as they occur. Leverage playbooks and integrations with leading security tools, including the AWS IoT Security Hub, to respond to incidents.

    Details

    Delivery method

    Deployed on AWS
    Pricing

    Nozomi Networks Vantage OT & IoT Security Solution

    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    12-month contract (1)

    Dimension: Vantage Bundle T5K
    Description: Vantage bundle - 5000 assets
    Cost/12 months: $218,880.00

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

    Updated weekly

    Accolades

    Top 50 in Device Security
    Top 50 in Device Management, Device Security
    Top 10 in Healthcare & Life Sciences

    Overview

    AI generated from product descriptions
    Real-time Asset Inventory and Network Visualization
    Automatically tracks OT and IoT assets with up to date inventory and identifies communicating assets and risks through network visualization.
    Anomaly Detection and Threat Intelligence
    Delivers superior OT and IoT threat detection through anomaly detection, threat intelligence, and OT/IoT asset and process analysis.
    OT and IoT Protocol Support
    Continuously monitors and analyzes network traffic with built-in support for OT and IoT protocols.
    AI/ML-Based Security Analytics
    Vantage IQ leverages artificial intelligence and machine learning for deeper analytics, automated security analysis, and response capabilities built specifically for OT environments.
    Incident Response and Security Tool Integration
    Provides detailed incident and event explanations with playbook support and integrations with leading security tools including AWS IoT Security Hub for incident response.
    AI-Driven Asset Intelligence Engine
    Real-time visibility and management of billions of assets across IT, IoT, cloud, virtual, managed and unmanaged environments with high accuracy threat detection and risk assessment.
    OT/IoT and Medical Device Security
    Specialized protection for operational technology, industrial control systems, IoT networks, medical devices, and clinical assets with comprehensive ecosystem visibility.
    Vulnerability Prioritization and Remediation
    Consolidation and prioritization of vulnerabilities based on business risk with automatic remediation and ticketing workflow integration for improved mean time to resolution.
    AI-Powered Threat Intelligence
    Early warning system utilizing dark web monitoring, dynamic honeypots, attack surface modeling, and human intelligence to anticipate and preemptively neutralize threats.
    Cloud-Based SaaS Platform
    Seamless, frictionless cloud-native deployment providing continuous 24/7 protection across multiple verticals including manufacturing, healthcare, financial services, telecommunications, and government sectors.
    Threat Detection and Response
    Automatic threat detection and neutralization with 99.98% threat interception rate, supported by 24/7 managed detection and response service with threat hunting and neutralization experts
    Cloud Security Posture Management
    Continuous scanning of cloud environments to identify assets, assess security and compliance settings, detect malicious activity, and identify misconfigurations with agentless malware scanning for S3 storage and integration with AWS GuardDuty and SecurityHub
    Endpoint and Workload Protection
    Agent-based protection for Windows and Linux hosts against modern threats including ransomware, fileless attacks, and advanced malware
    Network and Firewall Protection
    Cloud-native, virtual, and physical firewall appliances providing network visibility, protection, and response across public, private, and hybrid cloud environments
    Unified Management and Orchestration
    Cloud-based centralized management platform enabling configuration, reporting, and real-time threat information sharing across endpoint, firewall, network, email, cloud, and identity solutions with automatic response actions

    Contract

    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

    4.3 (23 ratings)
    5 star: 57%
    4 star: 43%
    3 star: 0%
    2 star: 0%
    1 star: 0%
    4 AWS reviews | 19 external reviews
    External reviews are from G2 and PeerSpot.

    Tumi Masobe

    Unified teams have gained real-time visibility into IoT leaks and now plan maintenance proactively

    Reviewed on Jul 02, 2026
    Review provided by PeerSpot

    What is our primary use case?

    Nozomi Networks serves a critical function for water systems here in South Africa. For example, a government utility called Rand Water uses IoT sensors to detect leaks on water supply systems. However, two divisions in their IT department had been operating in silos: the networking side and the IoT side. The IoT side lacked comprehensive security measures and only ran a firewall, which is not true IoT security. Their approach was reactive rather than proactive when solving problems. Nozomi Networks came into the picture and provided them with visualization of their IoT network, which they had never had before.

    This solution helped them become aware of where everything is located, where all the sensors are, how they are interconnected, which ones are working properly, and which ones are not. Initially, they had to log into each device individually just to find out if it was still working or if it had detected any issues. They were not proactive at all; they were reactive when it came to managing their infrastructure.

    What is most valuable?

    The best features Nozomi Networks offers include the ability to drill into every IoT device and get detailed information on make, model, performance, and what type of errors the sensor has picked up. This provides useful information on the entire IoT network versus individual sensors scattered throughout the network that they had to manually check to try and find problems. Now they receive real-time alerts on any issues.

    Getting real-time alerts and detailed information impacts my team and clients because they can respond quickly and are more organized now. They are no longer chasing their tails. Now they can plan properly for the day and plan ahead on what needs to be resolved. This made them aware of where everything is, where all the sensors are, and how they are interconnected, which ones are working properly, and which ones are not.

    Initially, they could not do any reporting or planning because they did not have real-time data. Now they do. Now they can do all those things because they have gained visibility and information on their inventory. They are also able to do capacity planning, which is something they could not do before.

    What needs improvement?

    Nozomi Networks can be improved by integrating with other technologies so that teams look at a single dashboard when it comes to security issues. Instead of looking at two different dashboards, integration would create a single dashboard that shows where the IoT meets the network. This way, if they need to isolate any threats, those threats can be isolated on the networking side as well.

    I would give Nozomi Networks an eight because there is still room for improvement. The key issues involve reporting that needs to be integrated with networking reporting, and real-time alerts that need to be integrated into a single dashboard with other technologies. Integration is the most important part for future development.

    For how long have I used the solution?

    I have been using Nozomi Networks since five years ago, around 2021.

    What do I think about the stability of the solution?

    Nozomi Networks is very stable.

    What do I think about the scalability of the solution?

    Nozomi Networks's scalability is very impressive. I can support a huge number of IoT devices. One of the key benefits is that we do not have to use multiple tools. Nozomi Networks covers the entire infrastructure when it comes to IoT.

    How are customer service and support?

    Customer support in terms of sales and technical assistance is very good.

    Which solution did I use previously and why did I switch?

    Previously, there was no solution. That is why they relied on the network and network security to protect IoT, which was not really ideal.

    How was the initial setup?

    Deployment is quick and very easy to hand over to the customer team because it is not complicated. It works from day one.

    What about the implementation team?

    Our relationship with this vendor is structured as a reseller relationship.

    What was our ROI?

    I would say the ROI is significant in terms of time saved and resources. The IT team and the IoT team managed to combine into a single team that can handle both IoT and networking troubleshooting because of the information they receive from Nozomi Networks.

    What's my experience with pricing, setup cost, and licensing?

    My experience with pricing, setup cost, and licensing has been very seamless. The Nozomi Networks team was very helpful throughout the process.

    Which other solutions did I evaluate?

    We looked at various other technologies that were primarily open source, but nothing was examined in terms of doing a proof of concept with those technologies. We primarily focused on what information we could get from our chosen tool and what other functionality it provides.

    What other advice do I have?

    The features are great and very easy to use. The ability to navigate the platform and get useful information and reporting is much easier now. Before, it was a manual exercise where they had to try to put everything into spreadsheets and create diagrams manually to report.

    Nozomi Networks has impacted our organization positively as we have gained trust from customers in terms of the technology results and everything that the technology brings. We presented and managed to demonstrate the value for money.

    Solving incidents has improved drastically. The team is now able to plan properly. They do not spend over budget or under budget because they know exactly what needs to be resolved due to the information and visibility they have. The IoT team and the network team managed to integrate into a single team because they no longer operate as silos but as a single team that can resolve both IoT and networking security issues together.

    The security of Nozomi Networks is great. The governance complies with government security laws.

    Nozomi Networks is a very good tool, which is why we recommend it before any other product. I would give this product a rating of eight out of ten.

    reviewer2867280

    Comprehensive monitoring has strengthened fragile OT networks and improved threat detection

    Reviewed on Jul 01, 2026
    Review from a verified AWS customer

    What is our primary use case?

    My main use case for Nozomi Networks is as an IDS, so we are selling our cybersecurity services and SOC that is primarily based on Nozomi Networks portfolio. We place them at the user's location and send the logs to the SOC, and then we do the triage, escalations, and related tasks.

    In my day-to-day work, I use Nozomi Networks for monitoring and cybersecurity. Since OT networks are very fragile, you cannot install regular SIEM agents. You have to do passive network traffic analysis instead.

    How has it helped my organization?

    Nozomi Networks has impacted my organization positively because we have experience with a few other vendors, and their configuration, reliability, and even threat identification are significantly lower than Nozomi Networks capabilities.

    I can tell you about specific outcomes I've seen with Nozomi Networks. For example, it definitely improved visibility because most of the clients don't know what they have in their networks. That is the first benefit. The second benefit is the fact that even though you make site visits, site surveys, and acquire asset information, there are still some remote devices that you cannot see or the customer doesn't know about. You only discover them in Nozomi Networks. The alerting options are also definitely a benefit because even though there are false positives and a required learning time, we haven't had any real incidents, but the mere fact that you are alerted for strange or unusual behaviors in the network is more than enough for us. As far as the client goes, they are also happy because we noticed the addition of new nodes to their network. They are always surprised when we alert them to these discoveries.

    What is most valuable?

    The best features Nozomi Networks offers include reliability and ease of implementation because the platform is excellently made. Many other competitors use Docker instances. The configuration of the devices itself is straightforward. The documentation could be better, but overall, it is a great platform and we are satisfied with it.

    What makes the implementation process of Nozomi Networks stand out for me is that you only need to place network parameters such as IP address. You can use DHCP for acquiring those. There is no extra configuration step regarding SPAN ports. You just need to make mirror ports on the switches that you want to sniff traffic from, and the connectivity to either central management or Vantage is almost 100 percent.

    What needs improvement?

    Regarding improvements for Nozomi Networks, it is hard to provide recommendations because they are already among the best vendors in the market. They are a Swiss firm that was acquired by Mitsubishi. They have grown their portfolio from an NIDS over VMs to even embedded solutions that you can put on switches, routers, or PLCs themselves. I do not see much room for improvement beyond what they currently offer. They also have wireless solutions. In the few years after I started working with them, they introduced Arcs, which are host-based sensors similar to SIEM agents. I believe they have covered everything.

    I would add that the documentation is lacking some information, so you need to ask customer support for it, but you cannot have everything. Their customer support is excellent. They are answering tickets in an hour or two, with a maximum of a day.

    For how long have I used the solution?

    I have been working in OT cybersecurity for four years.

    What do I think about the stability of the solution?

    Nozomi Networks is stable in my experience.

    What do I think about the scalability of the solution?

    The scalability of Nozomi Networks is excellent. They have many different options so you can choose the one based on requirements and tailor it to the needs of the customer. We are primarily using Guardian, which I believe is the 100 series. It is more than enough for most of our clients. We also use Remote Collectors in some places and Arc sensors. We also have one Guardian Air which is currently unused because the customer doesn't know their OT networks and since it is gathering all the Wi-Fi, there is a lot of noise from IT, so we turned that off.

    How are customer service and support?

    Customer support is excellent. They give concise answers in a short time, around one or two hours. We have never waited more than a day for customer support.

    Which solution did I use previously and why did I switch?

    We have started with Nozomi Networks and we are still using it. I doubt that we will stop using it in the near future because of its reliability.

    What about the implementation team?

    We contacted Nozomi Networks directly. We are a big company and we are not using smaller distributors.

    What's my experience with pricing, setup cost, and licensing?

    I am not familiar with the pricing, setup cost, and licensing since I am in an engineering department. I just received the device and went to the customer location. I am not involved in billing and administrative matters.

    Which other solutions did I evaluate?

    Before choosing Nozomi Networks, I believe that Dragos was one of the options, but since we started using Nozomi Networks during the Corona pandemic and customs and tax import output were favored on the side of Nozomi Networks, we proceeded with that solution.

    What other advice do I have?

    Regarding Nozomi Networks AI capabilities, IQ is a nice add-on feature because it can give you guidance and direction without reading the documentation because it works for you. It can also give you many ideas regarding playbook creation, alert triage, query generation, and assertions. I believe it is pretty useful, but it is entirely dedicated to Nozomi Networks. It doesn't know anything beyond that.

    Regarding Nozomi Networks accuracy and reliability of output, I would rate it about 70-30 because every once in a while I catch it in some inaccuracies, and then when I ask it again, it corrects itself. I believe it is a good starting place and as with any AI, you need to know about the subject matter that you are asking about. You cannot entirely rely on it blindly.

    My advice to others looking into using Nozomi Networks is that they should definitely start by making a proof of concept. The people responsible for Nozomi Networks should at least have their Nozomi certified engineer and troubleshooting certification, and the people working with the security side should have their security analyst certifications. I would rate this product a 10 out of 10.

    reviewer2867253

    Gained deep OT network visibility and now seek stronger integrations and localized reporting

    Reviewed on Jun 30, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Nozomi Networks is to find possible vulnerabilities and threats and create a network map in operational technology networks (OT networks). I mainly accomplish this by showing customers the OT network map along with the possible threats and vulnerabilities within these networks.

    For example, in an industrial company in Peru, a customer tried to find some vulnerabilities in the OT networks. They connected the Nozomi Networks appliance to the OT network to display a map of the devices within the network and highlight the possible vulnerabilities present.

    In end customer use cases, the main use remains the same, but another use has been to try to integrate this solution with security devices, such as firewalls, to generate policies that either block or allow certain traffic, whether it is allowed traffic or potentially threatening traffic.

    How has it helped my organization?

    Nozomi Networks has positively impacted our organization as we can visualize the traffic within the OT networks and identify the potential threats or vulnerabilities. We can generate reports for analyzing possible countermeasures and determine what improvements are needed in the future to protect the traffic and the company from such vulnerabilities.

    Concrete outcomes include generating reports on the types of traffic in the OT networks, improving our decision-making regarding security incident countermeasures, and reducing response times to incidents in the OT network because, prior to Nozomi Networks, we did not have another viable solution.

    What is most valuable?

    The best features Nozomi Networks offers include the capability to show the network map while operating in remote or sniffer mode, which is a good feature. Another feature is its ability to display vulnerabilities in OT networks, as very few solutions in the market can accurately operate within these networks to reveal potential vulnerabilities and threats. Additionally, it allows for integration with additional security devices and provides reports about this feature.

    What needs improvement?

    Integrating with other security devices is a little difficult because this process is not currently automated. I potentially need future integrations via APIs; however, at the moment there is limited integration with firewalls, such as Fortinet, but they require more development to properly integrate and generate policies in the correct order based on specific traffic, destinations, and services. Overall, while this could be a challenging integration with other security devices, it is a significant advancement compared to alternatives, but it does need further development in the future.

    Improvements for Nozomi Networks should focus on integrating with other security devices. Since Nozomi Networks operates in OT networks, I need to connect this solution with others such as SIEM, XDR, and firewalls. Additionally, the reporting system currently displays in English, but I need to enhance these reports to be in native Spanish, not merely translated, and aim for those reports to be aligned with ISO, NIST, or other frameworks to generate a greater impact within the company.

    I would also like to highlight the need for better support because when we attempt to deploy this solution with partners, the solution remains within the company but requires ongoing support for its deployment across OT networks.

    For how long have I used the solution?

    I have been using Nozomi Networks for demos and proof of concepts to review the technology and the solution, and how this solution could provide insights into threats and vulnerabilities in the network. I have been engaging in tests with end customers for around six months to one year.

    What do I think about the stability of the solution?

    At the moment I believe the features are acceptable.

    What do I think about the scalability of the solution?

    Nozomi Networks can handle growth in my organization easily. In the on-premise solution, there are various options to scale, such as considering hybrid or public cloud models, but at the moment, the company is not evaluating scaling.

    How are customer service and support?

    I have had one experience with customer support at Nozomi Networks, and it was great.

    Which solution did I use previously and why did I switch?

    I have not used a different solution before Nozomi Networks. This is my first experience with such a solution.

    Which other solutions did I evaluate?

    I evaluated other options before choosing Nozomi Networks, including options to create similar functions with firewalls using OT signatures and Nessus software. However, the final decision was to select Nozomi Networks.

    What other advice do I have?

    My advice for others looking to use Nozomi Networks is that if you are searching for a solution that provides network visibility, AI capabilities, and easy integration and deployment, then Nozomi Networks is a viable option. I would rate this product a seven out of ten.

    Pasanj Pasanj

    Network visibility has improved and monitoring of IoT devices and vulnerabilities is stronger

    Reviewed on Jun 30, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Nozomi Networks is to detect devices in the environment, especially IoT devices, or any kind of devices that connect to the network, and we need to detect them. We normally check through our console for any kind of device. For example, if a user tries to connect any device to the network or any unrecognized device is available, we monitor it. Beyond that, we check vulnerabilities of our IoT devices, mainly. We monitor any kind of abnormal traffic or any kind of abnormality on those devices, and we get a report if we want to do any patching for devices.

    What is most valuable?

    The best features Nozomi Networks offers are device detection and vulnerability checking, including CVEs, and reports. In my scenario, for some of the devices, we cannot always know the location or whether we have missed any vulnerabilities. There is a large-scale variety of devices, so we cannot go through each device one-by-one and check if any CVEs were detected recently or are up to date. In that case, Nozomi Networks portal is good for us. For now, we use it for device detection and vulnerabilities only, and I am satisfied with the current functionality.

    Nozomi Networks has impacted my organization positively because our technical staff changes. In those cases, we sometimes do not know about certain devices. For example, it can be difficult with some devices, and they operate in unknown locations, such as webcams or IoT devices located in different areas. In that case, we can get an idea about what devices are in our network and any abnormal traffic or any kind of abnormality on our network. Nozomi Networks could be a positive impact for the organization because if any staff, such as a network engineer or other technical engineers, changes, the next new engineer can still move forward with this portal.

    Nozomi Networks has led to specific outcomes or measurable improvements for my team, including faster response times. We can say there is a faster response time because, for example, if any kind of IoT device failure occurs, we can detect it from here. Also, we can identify any kind of vulnerability impact or any incidents that happen on those devices because of vulnerabilities. We can do incident investigation through this portal as well, so it is good for the company's security posture.

    What needs improvement?

    I feel Nozomi Networks can be improved by integrating SIEM features on this portal. If we integrate both features, such as SIEM on top of Nozomi Networks, then the analysis part would be much easier for the users, and we can improve the company's security posture. In that case, sometimes we could avoid using so many tools, such as Nozomi Networks for device detection and a SIEM for different checks. If we use one tool for all of them, that would be beneficial for the company. I did not feel any kind of issue up to now, and I am not sure about the future.

    For how long have I used the solution?

    I have been using Nozomi Networks for around one year.

    What do I think about the scalability of the solution?

    I have not felt anything about Nozomi Networks' scalability in this scenario since it is already deployed.

    How are customer service and support?

    The customer support was good as one time I contacted support, and I got a good reply from them. It was quite an effective response at that time.

    Which solution did I use previously and why did I switch?

    I do not have any idea about a different solution used before Nozomi Networks. When I joined this company, it was already deployed.

    What other advice do I have?

    My advice to others looking into using Nozomi Networks is that if any organization has large-scale OT devices or does not have a clear picture of their network diagrams or has a messy network, it is better to deploy a tool such as Nozomi Networks to keep track of the devices. Then the security posture can be improved with this portal. It is better to deploy this product. Even if a company changes their technical staff, the other team members can function well with this tool. I would rate this product an eight out of ten.

    Edwin Kamunde

    Improved OT visibility has protected geothermal operations and now secures critical power assets

    Reviewed on Jun 30, 2026
    Review provided by PeerSpot

    What is our primary use case?

    For the utility company named KenGen, Nozomi Networks is used for their OT security. They monitor their power infrastructure within the power stations located in Olkaria. We are currently connected to about four different power stations and all interconnected to the head office within the same area.

    Right now they use it to monitor all their IoT and OT networks within the power grid. For example, they have most of their IoT sensors which are used to monitor the geothermal power plant where they have steam wells which have been dug in different areas and they use IoT connectivity which is connected via 4G network and LTE. Before Nozomi Networks, they had no visibility of all these remote sites. With Nozomi Networks, they have been able to monitor and see every single packet that passes through all these IoT networks and it is all consolidated at the head office and now they have full visibility of these wells, which had been a challenge for quite some time. This particular use case has benefited them greatly.

    For now, we are in discussions with the only oil and gas company in Kenya. They deliver oil and petroleum products all the way from the Mombasa port into Kenya, all the way to Uganda, which is a neighboring country and beyond. They are seeing the value of also monitoring and securing their SCADA networks which is also one of the use cases that Nozomi Networks shines a lot in delivering value for all the other oil and gas companies they have worked with. From my perspective, that could be a great next use case that we are really pursuing and hoping to bring extensive value into their organization.

    What is most valuable?

    The best features for Nozomi Networks include the fact that Nozomi Networks is able to offer more visibility on particular protocols that using current IT-focused security solutions, they are not able to monitor. The fact that it is able to integrate the IT and OT side of customer networks brings a lot of value to them and that is one feature I would say is the best currently within this particular market.

    The one thing that we noticed with the current customer who is using the solution is that once we initially took them through the first training, they actually appreciated it very much and we did not need to keep redoing it, which shows the ease of use for the technical team as well as the way they are able to break down the reports. It is very easy to do various custom reports for the management, senior management, for the engineer levels, and for those who are actually on the ground. All this is done from a single pane of glass. It is not necessary to keep on initiating and drafting new reports. You are able to easily export and specify this is for the managerial level, they get a custom type of report. For those who are below, they are able to get different types of reports. The engineers get now more technical details about what is going on in the network.

    Since we deployed the solution almost over three years back, it has to be three years by next year. The organization has gained greatly from the particular solution that we deployed. They have mitigated quite a number of attacks and incidents and ever since we started running the solution, there have not been any OT-based security breaches. The training has helped to avoid any in-house concerns that would be resulting from internal users making mistakes. The solution has been really well absorbed and utilized well to secure their infrastructure.

    What needs improvement?

    Customer support is something I think there is a slight challenge on responses on email. But on escalating with the team in Dubai, then we get things solved. If the support could be improved on that, that would be a good thing.

    The pricing was quite high based on the end customer's perspective. They negotiated, but they would have preferred a cheaper option. Though Nozomi Networks offered all the features that they needed and they had to invest in that. So also the partners had to reduce our margins, which was quite painful for us, but we still delivered the solution. If something can be done on pricing, that can be quite good, especially for the African region.

    For how long have I used the solution?

    I have used Nozomi Networks for almost five years.

    Which solution did I use previously and why did I switch?

    We were not using any other solutions. Nozomi Networks was the first OT security solution. The customers had considered Darktrace, but they did not want any cloud offering. So we had to pitch Nozomi Networks for their on-premises offering.

    How was the initial setup?

    Running a proof of concept is always the best way to go, to enable us to clearly see the depth of the particular scope of the deployment. This way now we are able to understand how many Guardians are needed, how many remote collectors are needed, and what type of connectivity will be used and gives us more insight on the IP allocation and the likes. That would be a good place to start from my perspective.

    What was our ROI?

    Definitely there are fewer employees needed, so there is savings on that. Now that monitoring is real-time and more dispatched, the actions are such that notifications come in promptly and the engineering team is able to act on any issue that comes up faster. There is a lot of time saved in terms of incident response and also the reduced number of incidents. The efficiency of the organization, the fewer employees needed, and the time saved has greatly offered the customer a decent return on investment on this particular solution.

    Which other solutions did I evaluate?

    Darktrace was the only other contender which was considered. We only reviewed Darktrace and Nozomi Networks, and Nozomi Networks came out the winner in this particular case.

    What other advice do I have?

    In terms of response time, it has greatly improved because they have notifications and emails which are always sent when there is any incident that has happened. The notifications are very prompt and very specific to particular staff and personnel who are able to approach and solve and deal with a particular issue immediately. The response time has increased by about 70% based on how it was. Before, it was a very manual way of doing it and until there is a breakdown or something has happened and sending an engineer to the ground, that part has been eliminated. The notifications are quite direct and straight. This has really improved their delivery. In terms of incidents, before, they were not even monitored, but now incidents have actually, in the plant, there is no security incident that has come up that has caused the plant to be maybe out of commission or any part of the network which is negatively affected. For the entire time Nozomi Networks has been running within the network, incidents have reduced by almost 50-60%.

    Nozomi Networks has really offered a stellar performance within the organization and there is not any specific part that needs improvement for now.

    The AI aspect is quite secure for now, so long as the AI is not connected to the internet, there is a lot of security because most of these customers, even in the country, these are utility, government, national infrastructure organizations. The security and connectivity out, just being on-premises and all the models are running within the network really helps to offer that additional security. In terms of the governance side, we just need more education to be done to the end customers just to make sure they align to the governance of the organization when it comes to AI.

    The accuracy of Nozomi Networks is quite standard. It is quite good. The accuracy is above 90%. I have not experienced any breakdowns or issues, so the reliability is quite good. The output is quite specific for the end customer, which is quite beneficial and I commend Nozomi Networks for delivering that.

    The scalability is quite easy. The remote collectors can be deployed across regions and also there is the Vantage offering which offers for organizations distributed across different geographical regions. The scalability is quite easy and straightforward to achieve.

    So far, we may need a bit more marketing within the market, because I think of the price of the solution, we have a very limited range of customers to offer the solution to due to the cost implication. If there is an option which is a cheaper option for Nozomi Networks that could come up with to offer the enterprise market within Kenya and the East African region, that would be a better way now of getting the solution into enterprise-level organizations like the banks and maybe hospitals and the like. I would rate this review overall as a 9.
