Endpoint Segmentation Service

Easy to hack, hard to patch: Protect vulnerable endpoints plug & play.

Our solution makes it possible to secure vulnerable devices and systems (e.g. legacy/unpatchable devices or devices without embedded security), at comparatively low cost and with minimal effort. On the one hand, these devices themselves are often the target of ransomware attacks. On the other hand, they enable attackers to move easily and unnoticed within the network (lateral movement) in order to achieve their goals. Once inserted into existing network connections, our solution prevents these movements, the spread of malicious code, and the establishment of unauthorized and unwanted communication from and to such devices and systems. The solution is integrative and fits into the individual system landscape.

Research & Clinical

e.g. unpatchable medical devices, research instruments etc.

Operational Technology

e.g. protection of own network during remote maintenance

IOT & Smart Facility

e.g. intelligent door lock, elevator or display

Workplace & Home Office

e.g. ensuring network access as well as network security in the home network

One platform for policy setting and enforcement

Reduce the complexity of a heterogeneous network with many different devices and manufacturers to a few standardized security profiles and one central management system. This way, access to and from research devices, medical devices, sensors, legacy systems (e.g. Windows 7) etc. can be regulated without a complex and expensive firewall setup.

read more

Central management via Controller

Via an intuitive user interface, the Controller (cloud or on premises) enables simple and efficient management of protected endpoints. Incoming and outgoing connections can be logged and forwarded to your log management solution. This gives you valuable insights into allowed and denied communication within your network segments.

read more

Implementation with narrowin nodes and/or on existing switching infrastructure

The solution can be implemented immediately without extensive IT know-how using our narrowin nodes. These are inserted between the end device and the network. For larger networks the solution can be implemented on existing switching infrastructure (e.g. Cisco, Aruba or Cumulus). Both options can be configured via the same central management system and thus can be used together.

read more