New Solution Secures Connections for IoT Devices that Lack Embedded Security
Cybersecurity issues for Internet of Things (IoT) connected devices are known and understood. Newer devices are coming with in-built security. Older devices often have no security and are used by organizations with limited security resources — and are frequent targets for cybercriminals. Last year Symantec reported a 600% increase in IoT attacks.
“Businesses are extracting so much value from the IoT revolution,” comments Mike Leibovitz, senior director of product management and strategy at Extreme Networks, “that it’s easy to see why deployments are happening fast, and security should not be viewed as an impediment to that.”
Extreme Networks believes it has the solution, with the general availability announced of its Defender for IoT (part of Extreme’s Smart OmniEdge line) — an adapter that simply plugs into any Ethernet port on any network. Users run an associated application, and the product ‘learns’ the normal behavior of the IoT devices. With those typical traffic patterns, it dynamically generates a security policy that locks down what a device communicates with and how it can communicate.
Since the insecurity of IoT devices comes from their communications, inbound and outbound, it no longer matters if they have any built-in security, whether its operating system is out of date or if it has hardcoded passwords. Once the device profile has been learnt, an adapter is placed between it and the network and the appropriate profile applied from a drop-down menu.
This then allows groups of IoT devices to be segmented into multiple, isolated secure zones, further reducing the network attack surface. It can be done on any vendor’s IP network, providing segmentation and protection via IPSec tunnels with no change to the network.
Extreme believes it is so easy to install and use that it can be deployed on any network and be used by non-technical staff at hospitals, schools, retailers and hospitality venues to isolate and protect both wired and wireless IoT devices from cyberattacks.
Christopher Frenz, AVP of information security and infrastructure at the Interfaith Medical Center, commented, “It is no longer sufficient to have a security strategy that relies solely on reactively blocking known bad behavior as the best reactive security can do is provide protection today against yesterdayís threats. Instead, organizations need to establish a strategy that focuses on allowing only known good behavior. Taking a zero-trust approach to network security is a critical part of such a strategy and zero trust strategies need to encompass IoT devices as well.”
“When plugged into our Smart OmniEdge visibility and analytics applications,” added Leibovitz, “users can easily control IoT device communication, ensure devices can only communicate with the appropriate resocurces, and then leverage analytics to prove and measure the outcome. We are the only vendor,” he”
Related: New ‘PyRoMineIoT’ Malware Spreads via NSA-Linked Exploit
Related: ‘DoubleDoor’ IoT Botnet Uses Two Backdoor Exploits
Related: Botnet’s Huawei Router Exploit Code Now Public
Related: Mirai, Gafgyt IoT Botnet Attacks Intensify
Related: Mirai Variants Continue to Spawn in Vulnerable IoT Ecosystem
Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
Tags: 
