
PortGarrison builds the Operational Continuity Layer (OCL) — a hardware control appliance at the device network edge that keeps connected medical and operational devices secure and functional through authentication failures, network outages, and cyber incidents. No agent on the device. No firmware modification. Enforcement that continues when the controllers don't.
Hospitals now run at smart-OT-enabled staffing ratios. When connectivity fails, the labor model fails with it: monitors go dark, early-warning analytics stop, devices revert to manual operation. Clinical staff can see that something is wrong — but not what failed or where. Every alarm becomes an investigation.
IoMT-visibility platforms discover and alert at the network layer. NAC and microsegmentation can enforce policy — but at the network or segment layer, only when enforcement is actually switched on, and only while the central management plane stays reachable.
Nothing protects OT device connectivity when the enterprise network fails. Three things no incumbent delivers together: inline enforcement at the device edge for endpoints that can't run agents; enforcement that keeps running when central systems are unreachable; and graceful degradation of connectivity when the infrastructure itself fails.
The OCL appliance is deployed inline at the network boundary in front of a single high-criticality device or a small cluster of devices — typically four to eight — to fit clinical workflows. It runs a continuous control loop from locally cached policy, independent of upstream controllers, so each device stays reachable and individually governed through disruption, and every event is recorded as active compliance evidence.
Device-perspective telemetry with six-cause failure classification.
Local cached policy; operator-defined behavior governs the controller-unavailable interval.
The appliance is the inline network endpoint for each protected device — enforcement continues through auth, certificate, and cloud failures.
Per-device arbitration across LAN, WiFi, sub-GHz mesh, and cellular.
Safe-harbor-aligned audit trail and active enforcement record — not passive documentation.
The security stack tells hospitals what is wrong. What it doesn't do is keep devices enforced and operational through disruption — when the management plane, identity, or upstream network is unavailable. PortGarrison is complementary to the existing stack, not a replacement for it.
Claroty, Armis, Cynerio, Ordr, Nozomi. Discovery and vulnerability mapping. PortGarrison extends visibility to the physical device boundary.
Cisco ISE, Aruba ClearPass, Forescout, Palo Alto, Elisity. NAC and microsegmentation. PortGarrison keeps enforcing per-device when their management plane is unavailable.
SD-WAN, Cradlepoint, cellular and satellite failover. PortGarrison adds per-device granularity below the site edge — and works through internal-infrastructure failure.
The structural gap: no vendor in any category delivers per-device inline enforcement, controller-unavailable persistence, and multi-path transport arbitration at once.
The primary drivers are clinical and financial — patient-safety exposure and the cost of operational derating when connectivity drops — with rising regulatory pressure compounding both.
Lost connectivity is a clinical event, not an IT one. Infusion pumps revert to manual programming, removing the dose-error-reduction safeguard that smart pumps were adopted to provide. In time-critical stroke and trauma cases, imaging studies that can't reach a radiologist can force diversion. Centralized tele-ICU and tele-stroke coverage can drop out from under the bedside team.
Hospitals have rebuilt staffing around smart-OT. When it degrades, the labor substitution evaporates into travel-nurse premium, lost throughput, and ER diversions — a large, largely uninsured, and structurally growing exposure.
Auto-programming, central monitoring bunkers, and AI-assisted imaging have made hospitals more dependent on device connectivity than they were five years ago — so each outage now cuts deeper, and the trend runs one direction.
FDA §524B raises the cybersecurity baseline for newly cleared devices and signals where provider-directed regulation is heading. The vast legacy fleet can't be patched to that bar — these devices need a compensating control that protects them without modification, which is exactly PortGarrison's role.
CIRCIA's healthcare incident-reporting rules land in 2026 and HIPAA Security Rule modernization is underway — moving device security from best practice into documented obligation with financial consequence.
Cyber-insurers and boards now demand device-level security evidence, and Zero-Trust (NIST SP 800-207) procurement expectations require per-device enforcement that controller-based incumbents can't deliver — yet roughly half of health systems (KLAS / Censinet) can't even confirm device posture.
Operating through loss of connectivity is a core design property of the OCL — it runs from locally cached policy, independent of upstream controllers, with deterministic fallback and multi-path transport. The architecture has been designed with an eye toward the continuity-critical environments outside the hospital that share that same constraint, giving it dual-use potential.
Maintaining device function and policy through loss of upstream connectivity is designed in from the start — not a feature added for a second market.
The same disconnected-operation property is what defense-industrial-base manufacturing OT, federal health systems, and other fragmented-infrastructure settings require. PortGarrison treats these as a potential expansion path, not a current deployment.
Federal guidance increasingly calls for preparedness to operate through disconnected and degraded conditions — the exact problem the OCL is built to address.
Export posture is expected to be EAR dual-use rather than ITAR, subject to formal classification.
Years of architecture and IP work are already behind us — the kind of groundwork that de-risks the build ahead.
The full system has been designed end-to-end, with every significant design decision documented and traceable — not a concept sketch.
A substantial body of invention disclosures across the core enforcement, resilience, and device-observability methods, with the first filing underway with patent counsel.
Reviewed with current and former CISOs and clinical-informatics leaders at large U.S. health systems; design-partner conversations forming.
Prototype fabrication, design-partner engagement, 1–2 clinical pilot sites on the imaging beachhead with a cellular-failover demonstration, and first patent filing.
Healthcare HTM managed-service partnerships, clinical-documentation add-on, adjacent-vertical entry, and Series A reference deployments. Directional.
Multi-vertical rollout, federal channels (VA / DoD, post-FedRAMP), and a third-party platform API. Directional.
PortGarrison's founder spent years operating enterprise networks for large hospital systems — close enough to the architecture to see that the failure is structural: centralized network management and security inherently leave individual devices exposed the moment the center becomes unreachable. The thesis came from running the systems, not from market research.
Eric S. Enos — Founder. Seven years as a commissioned U.S. Army officer; 27 years in leadership and consulting roles with nationwide healthcare-provider IT organizations; PhD in Systems Engineering; and ten years on the technical advisory board of a national healthcare group purchasing organization (GPO). Supported by an informal advisory group spanning systems engineering / IP strategy, healthcare CISO leadership, and clinical informatics.