Armis Strengthens Partnership with Fortinet

Bringing Comprehensive Visibility and Enforcement from IT to OT

The expansion of our digital footprint across the globe continues to increase at a faster pace, meaning 55.7 billion connected IoT devices will be generating 80B zettabytes (ZB) of data by 2025^[1]. Driven by the desire to innovate, streamline operations and become ever more efficient, this trend is wreaking havoc on both our traditional IT and cybersecurity operations, as these systems were never designed to cope with the amount of connected assets, the diversity of devices, nor the amount of information and noise emanating from what we can term the new endpoint. In fact, the vast majority of enterprises have no idea how many and what connected devices are in their environment.

This lack of visibility is dramatically weakening our ability to enable the right cyber security prevention systems, access policies, network segmentation controls, business continuity plans and incident response capabilities.

In 2023, it is now well understood that all sectors of business must modernize IT and cybersecurity operations to meet this tidal wave of these new assets. To move forward, we must go back to the fundamentals of cybersecurity hygiene by building a comprehensive, unified, and accurate map of every asset, removing our blind spots and bringing visibility back to operations on a continuous basis.

However, visibility is not enough. The intelligence and data gathered from the assets must be federated to other IT and cyber systems so we can ultimately enhance asset management, Security Information and Event Systems (SIEMs), workflow and incident response tools and very importantly, cyber security prevention systems that manage the security controls and buy down risk.

For this reason, Armis and Fortinet are further deepening our partnership to help our clients  continuously and dynamically assess, manage and reduce the attack surface.

With the release of v23.0 of the Armis Unified Asset Intelligence Platform, we are delivering on the vision to modernize cybersecurity, bringing comprehensive visibility and enforcement to all industries.

The collaboration between Armis and Fortinet now delivers:

Comprehensive Attack Surface Assessment Across Any Environment

• Armis and Fortinet provide highly complementary asset visibility and security control for managed and unmanaged devices, whether IT, IoT, IoMT, OT or ICS. Armis utilizes existing management platforms and passive traffic monitoring to discover and identify every device in any environment.
• Combining the Armis Collective Asset Intelligence Engine with Fortinet’s Security Fabric reduces the exposure to the risks of unmanaged and unknown devices and provides security teams with deeper device insights—all done without disrupting critical business operations.

Rapid Asset Discovery

• Armis integrates with Fortinet’s Fortigate Next Generation Firewall, allowing the Armis platform to ingest network traffic for analysis directly.
• Armis can leverage the existing Fortigate infrastructure to gather information about devices in remote locations and is especially effective in environments with distributed internet connectivity and SD-WAN.

Tighten Security Controls with Dynamic Policies

• Armis communicates with FortiManager to both receive policy information as well as modify FortiGate policies in real-time based on configurable rules. As Armis discovers and identifies devices and their associated risks and behaviors, Armis can inform FortiManager to alter policies in response.

• Source conditions can be dynamically added and changed in real-time, allowing the administrator to automatically change traffic parameters. Use cases include applying additional logging or IDS and AV policies to high-risk devices, and even enforcing and blocking devices from accessing critical resources or the network altogether.

• In addition, Armis provides visibility into traffic and protocol patterns in the context of device types. Administrators can utilize this knowledge to create more concise network policy rules and reduce the attack surface in critical networks, such as OT/ICS networks and data centers.

Extended Detection and Response (XDR)

• Armis uses continuous device analysis to detect threats and vulnerabilities associated with managed, unmanaged and IoT, IoMT, OT and ICS devices (i.e., CVEs, unsupported operating systems, etc.). This analysis is based on information from the Armis Collective Asset Intelligence Engine and from premium, globally shared threat intelligence feeds.

• When Armis identifies a vulnerable or malicious device, it can now automatically inform the FortiSIEM and provide contextual details to enhance its behavior analytics capabilities. Armis’ visibility extends deep into all segments of the network, even where security devices or intrusion detection systems may not reach.

^[1] Source: IDC, Future of Industry Ecosystems: Shared Data and Insights