Extreme Networks Extends Cybersecurity Reach to IoT Endpoints
Extreme Networks has made generally available a device the size of a pack of playing cards that organizations can drop on to their networks to secure Internet of Things (IoT) endpoints.
Abby Strong, vice president of product marketing for Extreme Networks, said Defender for IoT learns the typical traffic patterns of devices attached to the network. It then dynamically generates a security policy that locks down how the device is allowed to communicate. Once initial device profiles have been generated, non-technical staff can easily place the adapter between the device and the network and apply the appropriate security policy using a drop-down menu, she said.
That latter capability is critical because it means IoT devices can be secured without having to dispatch cybersecurity staff to each IoT endpoint, Strong said.
List priced at $500, each instance of Defender for IoT essentially creates a network overlay that allows IoT devices to be centrally managed using a secure tunnel. That approach enables groups of IoT devices to also be segmented into multiple, isolated secure zones. Administrators can then also centrally monitor and track device usage and location across an extended IoT environment, said Strong.
Defender for IoT is designed to be compatible with any IP network, providing in-line protection of IoT devices and segmentation through IPSec tunnels without requiring any changes to the underlying network. IT organizations can also connect Defender for IoT integrates to Extreme Fabric Connect, a network automation platform that Extreme Networks gained from Avaya.
Securing IoT environments is challenging mainly because of two core issues. In the first case, many existing embedded systems are now being connected to the internet without enough regard for securing those connections. The second is that in many cases the systems and devices being connected to the internet don’t have enough excess compute resources to run security software locally. Defender for IoT solves that problem by deploying cybersecurity software between the IoT endpoint and the network.
That approach also makes it easier for cybersecurity professionals to navigate any potential turf wars between internal IT teams that control the enterprise network and operations technology (OT) staffs that are typically responsible for the IoT endpoint. All that is required is for someone to connect Defender for IoT to two Ethernet ports to connect an embedded system back to a centrally managed IT platform running on-premises or in the cloud.
It remains to be seen, however, just how far in front of IoT deployments a cybersecurity team can get. There’s a general recognition that IoT cybersecurity is a major concern. But many teams building and deploying IoT platforms don’t know all the potential cybersecurity pitfalls. There’s an expectation that cybersecurity teams eventually will come around to resolve any potential issue. What most of those deployment teams often fail to appreciate is most cybersecurity teams are overwhelmed trying to defend the existing environment. They don’t have the resources required to defend an attack surface that will grow larger with each IoT device added to the network. Ultimately, what will be required is a more turnkey approach that lifts more of the onus for securing IoT off the shoulders of an internal cybersecurity team.
