Cisco IoT Threat Defense

According to forecasts of Cisco company, by 2020 will function about 50 billion attached devices that means achievement of critical mass in implementation process of capacity of Internet of Things (Internet of Things, IoT). The solution Cisco IoT Threat Defense helps to save this potential and to minimize risks. IoT Threat Defense is the extensive architectural and service solution which provides the adapted, increased protection of the organizations on the scale of Internet of Things using segmentation of devices in network. The first direction of application IoT Threat Defense — protection of vital services in such industries as health care (rendering hi-tech medical care), development and electric power distribution, automated production.

The activation wave in the spring of 2017 of programs racketeers and other malware showed vulnerability of the organizations and confirmed an old concern that cyber attacks are capable to cause considerable damage to any business, a question only in when it occurs. Cracking affects transactions, reputation and income. It is about a non-authorized access to networks, data theft and the intellectual property, the fate of business.

For manufacturing industry these questions are imposed on the problems in the field of information and operational technologies connected with safe connection of devices, protection of production operations, preserving of functionality and minimization of idle times. Though many producers build in means of cyber security the devices now, the real embodiment can drag on for years. A logical step will segment such devices, displaying them for striking distances of attacking. Then in case of a compromise the organization will be able to prevent use of devices for an input in network and also to activate the corresponding processes for protection of business.

Segmentation removes barriers on the way to security of Internet of Things

Ensuring safety of Internet of Things, the organizations face two main obstacles. First, the majority of IoT-devices have no self-defense functions. Therefore their vulnerabilities can be used attacking for interception of device management and gaining access to network. Secondly, the situation is complicated by scale: in the closest several years of the enterprise can connect billions of devices to network.

Segmentation of network was thought up not yesterday. So, virtual local area networks (Virtual Local Area Network, VLAN) are used decades. But the scale of Internet of Things does creation of necessary number of VLAN poor-selling if not impossible.

The Cisco TrustSec technology automated, based on politicians allows to solve problems of safe segmentation on the scale of Internet of Things. TrustSec is supported on the different equipment Cisco, both normal, and the increased security, held for use in DPCs and in the industry.

In the IoT-solution separate products are integrated by the architecture of protection, best in the class, against threats Cisco IoT Threat Defense — not only the network segmentation allowing to scale safely Internet of Things. First of all, it is the first-class architecture which integrated the reliable, efficient products Cisco for information security support:

• Cisco TrustSec (segmentation of network);
• Cisco Stealthwatch (analysis of network processes);
• Cisco ISE (visualization of devices);
• Cisco AnyConnect (remote access);
• Cisco Umbrella (cloud security);
• Cisco AMP (protection against the malware);
• Cisco Firepower NGFW (firewall).

For detection of cyberthreats and the compromised nodes in this architecture visualization and the analysis of the entering and outbound traffic of IoT-devices and also entering and the outbound traffic of all enterprise is executed. The solution is capable to detect anomalies, to block threats, to identify the struck nodes, to assist in elimination of effects of the user errors. Besides, this architecture ensures safety of remote access between the websites and between the organizations.