Device Fingerprinting Enables Certificate-based IoT Device Security
Ruckus Wireless, a part of Brocade, have announced version 5.1 of its Cloudpath ES security and policy management software. The latest software release enables organisations to automatically and securely connect Internet of Things (IoT) devices using certificates—the gold standard of device security—allowing IT to establish policies governing the behaviour of those devices. In conjunction with the Cloudpath software certificate authority (CA) and supported standards-based protocols, the new capabilities allow organisations and IoT device manufacturers to easily and automatically secure a wide range of connected IoT devices without changing existing security infrastructure.
Gartner reports that IoT endpoints will reach an installed base of 20.4 billion units by 2020. In addition, AT&T’s Cybersecurity Insights Report, which surveyed more than 5,000 enterprises around the world, found that 85% of enterprises are in the process of or intend to deploy IoT devices. Yet, according to the report, a mere 10% of those surveyed feel confident that they could secure those devices against hackers.
“The use of IoT-connected devices is now poised to grow exponentially, with IoT technology investments expected to reach $1.29 trillion by the year 2020 across multiple vertical segments and industries,” said Rohit Mehra, vice president, network infrastructure, IDC.
“As with other aspects of IT infrastructure and applications, security risks and vulnerabilities associated with IoT are now a key area of focus for enterprise IT and LoB managers on an ongoing basis. These enterprises, along with their technology solution providers, need to find reliable, cost-effective ways to better secure their connected IoT applications and infrastructure, a challenge that Ruckus seeks to address with these new capabilities.”
Cloudpath ES 5.1 software introduces device fingerprinting, a technique that allows IT to automatically identify IoT device types by comparing the device profile to a device fingerprint database. Together with other Cloudpath software features, the new release delivers the following benefits:
- IT can automatically secure, using certificates, fingerprint-identified IoT devices.If the device is unable to use a certificate, a Ruckus Dynamic Pre-Shared Key™ can be used to secure it. Both approaches enable IT to establish IoT device-specific policies. For example, IoT devices may be authorised to connect only to the cloud service with which they’re associated.
- IT can continue to use existing RADIUS and CAs to secure non-IoT devices. By using Cloudpath software and its dedicated CA to secure IoT devices, organisations avoid reconfiguring their current AAA and CA security implementation or, worse, creating custom middleware to secure devices using an existing CA.
- Manufacturers can improve the security readiness of their IoT devices. They can leverage standards-based certificate retrieval protocolssuch as SCEP and EST, which are native to the Cloudpath CA.
- Managed service providers (MSPs) can add new tenants at will. MSPs can utilise the multitenant capabilities in the Cloudpath virtual deployment implementation, thereby reducing deployment costs and management overhead compared to deploying a separate instance of security and policy management software for each end customer.
“Traditionally, configuring IoT devices has been a huge headache for IT. These devices not only expose organisations to new security threats, but often require manual onboarding, assuming they can be onboarded at all,” said Kevin Koster, chief Cloudpath architect, Ruckus Wireless Business Unit, Brocade. “Cloudpath helps IT departments ensure their IoT devices don’t put their network and their users at risk, while enabling IoT device manufacturers to meet their own customers’ need for IoT device security.”
The latest release of Cloudpath ES software will be generally available in the second quarter of 2017.
About the Ruckus Wireless Business Unit
The Ruckus Wireless Business Unit of Brocade delivers simply better wireless networking—and now wired switching as well—for enterprise, service provider, government, and small business customers worldwide. Ruckus is focused on technology innovation, partner ecosystems, and customer service—yielding the best possible wireless or wired experience for the most challenging indoor and outdoor environments.
Brocade networking solutions help the world’s leading organisations turn their networks into platforms for business innovation. With solutions spanning public and private data centers to the network edge, Brocade is leading the industry in its transition to the New IP network infrastructures required for today’s era of digital business.