Armis and Fortinet Better Together Blog, Post Preview, 2026

Better Together: How Armis From ServiceNow and Fortinet Are Strengthening Critical Infrastructure Security For State and Local Governments

By Kam Chumley-Soltani |

July 17, 2026

State and Local Government agencies manage some of the Public Sector’s most complex and consequential technology environments. Transportation systems, utilities, public safety networks and smart city infrastructure are increasingly interconnected, expanding the attack surface faster than many teams can track. For agencies responsible for systems citizens depend on daily, the greatest exposure often sits between knowing a risk exists and being able to act on it.

The integrated Armis from ServiceNow and Fortinet solution helps close that gap by combining deep asset visibility with consistent policy enforcement, creating a security posture that is proactive and operationally sustainable.

A Quickly Evolving Threat Environment

Three converging forces are accelerating the challenge for State and Local Government security teams. First, artificial intelligence (AI) is lowering the barrier for adversaries. Attack campaigns that once required significant technical sophistication, including convincing phishing and automated reconnaissance, are now accessible to less experienced threat actors. Armis from ServiceNow and Fortinet have invested heavily in AI-driven detection, but defenders and attackers are gaining capability simultaneously.

Second, regulatory accountability is increasing. Frameworks and directives from the Transportation Security Administration (TSA), the Environmental Protection Agency (EPA) and the North American Electric Reliability Corporation (NERC) are establishing baseline requirements many agencies are still working to meet. For smaller organizations with constrained staff, the burden can be significant. A platform that consolidates visibility and enforcement into a coordinated program helps agencies demonstrate compliance without multiplying operational overhead.

Third, data sovereignty concerns are growing as citizen-facing systems become more connected. Utilities, building management systems and public-facing applications all carry sensitive data, and every integration expands the attack surface. Nation-state actors increasingly target smaller utilities, not necessarily for immediate impact, but to pre-position inside environments and test attack methods before scaling them elsewhere. Agencies that would not consider themselves high-value targets now operate in a different threat landscape.

Understanding Every Asset Across IT/OT Environments

At the foundation of the Armis from ServiceNow and Fortinet integration is a shared recognition that agencies cannot secure what they cannot see. Armis from ServiceNow addresses this challenge by leveraging network telemetry, extensive integrations and industry-leading asset intelligence to deliver complete asset visibility across Information Technology (IT), Operational Technology (OT) and Internet of Things (IoT) environments. This gives organizations a detailed, contextual view of every network device within a single platform.

The visibility goes beyond device enumeration. Armis from ServiceNow profiles device behavior, communication patterns, firmware versions, vulnerabilities and operational context, assigning each asset a unique risk score. It identifies anomalies, flags deviations from baseline behavior and surfaces threats that traditional security tools may overlook, especially in OT environments that operate on industrial protocols and different communication norms than enterprise networks.

For State and Local agencies managing both office networks and control systems for physical infrastructure, this contextual awareness is foundational. Understanding which devices are present, what they are doing and whether that behavior is normal helps security teams prioritize response rather than chasing alerts.

Connecting Asset Intelligence to Security Enforcement

Armis and Fortinet Better Together Blog, Embedded Image, 2026

Visibility alone does not reduce risk. The Armis from ServiceNow and Fortinet integration is built on the principle that context plus control enables action. Armis from ServiceNow provides asset intelligence and detects cyber exposure risks, while Fortinet leverages that enriched data to strengthen security operations and consistently enforce network policies.

Through this bi-directional integration, FortiNAC, Fortinet’s Network Access Control platform, receives higher-quality, more detailed asset information than it would alone. This supports more informed access decisions, more precise segmentation and lower risk of disrupting operations through enforcement actions applied without full environmental awareness. Attempting to segment a network without understanding dependencies can cause unintended outages, particularly in OT environments with communication patterns that may not be obvious.

FortiManager extends this capability by helping agencies manage enforcement policies at scale across multiple devices. FortiAnalyzer supports alert correlation and incident workflows that surface the highest-priority issues instead of generating undifferentiated noise. Together, the integration reduces alert volume by improving signal quality, allowing small teams to focus on meaningful threats.

Addressing the Realities of IT/OT Convergence

The interconnection of enterprise networks with OT systems, building management infrastructure, transportation networks and public safety platforms in State and Local Government has introduced dependencies many agencies are still mapping. In these environments, risk does not stay where it starts.

Attackers move across IT and OT environments without regard for organizational boundaries—coordinated defenses are built to do the same. That coordination requires a shared visibility layer both teams can reference and a security strategy that accounts for the protocols, behaviors and operational requirements of both environments. Armis from ServiceNow supports protocol-aware OT monitoring, including the ability to detect unauthorized commands, mode changes and logic alterations on programmable logic controllers. Fortinet extends that intelligence into enforceable policy at the network boundary.

For agencies early in this journey, the integration supports a crawl-walk-run approach. Organizations can build asset clarity first, establish a realistic baseline and then implement segmentation strategies without prematurely disrupting operations.

People and Processes Before Technology

Many critical infrastructure risks are not caused by sophisticated attacks, but by inherited trust, shared access and limited segmentation. Vendors arriving for maintenance, legacy systems with unclear network dependencies and dual-homed assets that bridge OT and IT environments can create exposure that existing tools may not surface.

Addressing these challenges requires more than technology. Security programs that skip stakeholder alignment and staff enablement are unlikely to sustain long-term funding or operational value. The most common failure pattern is sequence, specifically, organizations attempting to enforce controls before establishing asset clarity or trying to secure everything at once without prioritizing the most important systems. Both can lead to budget overruns, coverage gaps and underutilized tools.

The recommended approach starts by bringing the right people together. IT, operations, facilities management and agency leadership often operate in separate lanes, and in many organizations those groups have never formally met. A shared understanding of dependencies, mission priorities and risk tolerance is the foundation for effective policy and enforcement. From there, an agile framework supports a continuous cycle of identifying risk, establishing policy, enforcing controls and refining based on what the environment reveals, allowing agencies to build on momentum without overextending resources.

A Stronger Integration

One development shaping the Armis and Fortinet integration is ServiceNow’s acquisition of Armis. The Fortinet partnership remains strong and is expected to grow, with ServiceNow’s workflow and orchestration capabilities creating new pathways to operationalize OT detections and coordinate automated response across the environment.

For State and Local Governments navigating a rapidly evolving threat environment with constrained resources, that expanding capability represents an opportunity to improve security posture without expanding team size.

Watch the full webinar, “Blind Spots to Enforced Control: Armis & Fortinet for SLG,” to learn how integrated visibility and enforcement can protect your agency’s critical infrastructure.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Armis from ServiceNow and Fortinet, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders


Related Articles