Endpoint Segmentation Service

Easy to hack, hard to patch: Protect vulnerable endpoints plug & play.


Our solution makes it possible to secure vulnerable devices and systems (e.g. legacy/unpatchable devices or devices without embedded security), at comparatively low cost and with minimal effort. On the one hand, these devices themselves are often the target of ransomware attacks. On the other hand, they enable attackers to move easily and unnoticed within the network (lateral movement) in order to achieve their goals. Once inserted into existing network connections, our solution prevents these movements, the spread of malicious code, and the establishment of unauthorized and unwanted communication from and to such devices and systems. The solution is integrative and fits into the individual system landscape.

Research & Clinical

e.g. unpatchable medical devices, research instruments etc.

Operational Technology

e.g. protection of own network during remote maintenance

IOT & Smart Facility

e.g. intelligent door lock, elevator or display

Workplace & Home Office

e.g. ensuring network access as well as network security in the home network

Instant protection for medical devices, IoT, manufacturing etc.


Many use cases - one solution: CNC machines, production machines, research equipment, medical devices, cameras, locking systems, legacy systems (e.g. Windows 7) etc. can be protected without a complex and expensive setup. Reduce the complexity of the network to a few, standardized security profiles and a central management system.

read more

Narrowin Network Diode


Our network diode is a mini firewall that can be easily deployed between the end device and the network without extensive IT know-how. The communication connections can then be regulated via the controller. For larger network landscapes, implementation on the existing switching infrastructure (e.g. Cisco, Aruba or Cumulus) is also an option.

read more

Central management in the controller


The controller (cloud or on-premises) enables easy and efficient management of the protected endpoints via a lean and intuitive user interface. Incoming and outgoing connections can be logged and forwarded to your own log management. This gives you valuable insight into permitted and prevented communication within your network segments.

read more