# What is Guardian

Medcrypt's Guardian Platform provides PKI-based cryptographic security for medical devices, ensuring device authentication, secure communication, and regulatory compliance without disrupting performance. [Learn more about PKI and why it matters for medical devices](/overview/what-is-public-key-infrastructure-pki.md).

## **Guardian components**

Guardian consists of two main components:

* **Guardian Library**: Runs on your devices to parse configuration profiles, request certificates from Guardian Cloud, and enable cryptographic functions like signing and encryption. Available for C++, C, Java, and more.
* **Guardian Cloud**: Cloud-based platform that processes certificate requests, enrolls devices into trust hierarchies, and generates certificates. This is the part of the Guardian platform formerly known as Overwatch.

## **Guardian core principles**

* All connections between devices should be secured
* Keys generated on the device never leave the device (including protection against data exfiltration methods)
* Keys should be rotatable as frequently as needed
* Key usage should be specific and isolated to particular operational contexts
* Security policy should be codified in signed configuration that drives operational usage

## **What Guardian provides:**

* Rapid deployment and seamless integration into new and existing systems
* Self-serve management through an intuitive web interface
* Device cryptographic identities with certificate-based authentication and automated lifecycle management
* Automated compliance reporting for FDA and other regulatory requirements
* Support for diverse hardware platforms, operating systems, and cryptographic libraries

## **What Guardian does:**

* Automated cryptographic key generation and management with unique keys for each device. Keys are FIPS 140-2 and FIPS 140-3 Level 3 compliant.
* Secure device-to-device communication (East-West protection)
* Secure device-to-cloud communication (North-South protection)
* Provisioning lifecycle management
* Support for memory-constrained and connectivity-limited devices
* Zero-trust security architecture implementation
* Legacy system protection without code modification
* Certificate lifecycle management (coming soon!)
* PKI operations

## **Common use cases:**

* Create segmented security zones across multi-device ecosystems
* Protect sensitive assets throughout the manufacturing process
* Establish trusted connections to cloud services
* Meet FDA cybersecurity requirements
* Implement zero-trust security architectures
* Manage cryptographic keys throughout device lifecycle
* Provide legacy system security without code modification

