SlideShare une entreprise Scribd logo

WIRELESS DEFENSE STRATEGIES IN THE IOT ERA

A
Aharon Aharon
1  sur  13
Télécharger pour lire hors ligne
WIRELESS DEFENSE STRATEGIES IN THE IoT ERA
INTRODUCTION 1 SECTION 1: ACCESS LAYER SECURITY NEEDS A SECOND LOOK 2 SECTION 2: NEW ACCESS LAYER DEFENSE STRATEGIES 5 SECTION 3: HOW TO SELECT A SECURE WLAN SOLUTION 8 CONCLUSION 10 CONTENTS
Non-stop mobility, instantaneous network access, and a flood of new wireless devices are the new norm for enterprise wireless LANs (WLANs). Employees are no longer tethered to their desks, and they expect pervasive mobile application access. IT organizations are faced with constant technology transformations such as the Internet of Things (IoT), anything-as-a- service (XaaS), and artificial intelligence. Securing enterprise wireless LANs from unauthorized access and cybersecurity attacks are top of mind for enterprise IT decision-makers worldwide. These trends have significant implications for the planning, deploying, and securing of WLANs. Enterprises must plan with a “mobile-first” mentality. This is strategic. It presents a growing need for a robust end-to-end security architecture within the enterprise. Strategic changes are required to effectively secure wired and wireless LANs while supporting business applications of every type. Here we’ll discuss access layer protection in enterprise WLANs and why deploying ad hoc security is no longer enough to protect against threats. This eBook explains how a secure access architecture gives enterprise networks the end-to-end protection required now and into the future. INTRODUCTION 1 INTRODUCTION
The growth in number and types of Wi-Fi devices is still going strong. The Synergy Group has reported that WLAN is the fastest-growing technology in enterprise IT infrastructure1 . The Wi-Fi Alliance® predicts that the number of connected consumer and business devices will reach 38.5 billion in 20202 . Across almost every industry, people are using multiple personal and work-supplied devices to access mission-critical applications. The BYOD experience is no longer a revolution—it’s the new norm. In a recent survey conducted by Lightspeed GMI for Fortinet, 56% of IT decision-makers worldwide indicated that BYOD access is supported. In North America alone, the number is 76%. In addition, these IT organizations are expected to have complete control of all devices. 01ACCESS LAYER SECURITY NEEDS A SECOND LOOK 2 ACCESS LAYER SECURITY NEEDS A SECOND LOOK
IoT has become mission critical in the enterprise, introducing new security challenges. Emerging IoT applications are bringing new unsecured wireless devices to vertical markets everywhere. From the factory floor to the hospital recovery room, IoT devices range from industrial robotics to advanced medical sensors. They are being deployed in huge numbers for a wide range of innovative and game-changing applications. This exponential increase in a multitude of unsecured device types presents new vulnerabilities and threats. IoT is a new entry point for attack and as such presents new security challenges. Typically appliances and sensors are used for data collection and transfer. Most of these devices are open and unable to support common client-based security solutions. This puts the burden on the network to keep these devices secure. 3 ACCESS LAYER SECURITY NEEDS A SECOND LOOK
The healthcare/pharmaceutical industry is a great example. Compared to traditional IT systems, incidents involving IoT, such as a hacked MRI machine, can carry consequences, such as policy and financial impacts. Virtually all software, applications, systems, and devices are now connected to the Internet. This is a reality that cybercriminals recognize and are actively exploiting. Some 94% of medical institutions said their organizations have been victims of a cyberattack3 . Cybercriminals are constantly devising new ways of leveraging IoT and expanding the attack surface to carry out advanced persistent threats. Banks and other financial institutions consider IoT- enabled ATMs, information kiosks, and credit/debit cards with sensing technology as revenue growth opportunities. As these organizations are already experiencing a huge number of cyberattacks, they face even greater risks with IoT-based services. Rightfully so, IT decision-makers are worried about the challenges of securing IoT devices and are including them as a major component of their overall security strategy. 1 Synergy Research Group, January 2016 press release 2 Wi-Fi Alliance® 6 for ’16 Wi-Fi® predictions, January 2016 3 SANS Institute Health Care Cyberthreat Report 2014 4 ACCESS LAYER SECURITY NEEDS A SECOND LOOK
Enterprise organizations need a security fabric that provides flexible end-to-end protection across their entire IT environments. With these high-profile attacks on major organizations, cybersecurity and the protection of critical company and customer data are top concerns. However, in many cases, IT organizations have yet to include key security measures such as intrusion prevention or application control, which add critically needed protections. In Section 1, we discussed the drivers that demand a more unified access layer strategy to protect against these sophisticated attacks to assure secure communications, data, transactions, and mobile devices. This strategy includes: §§ Ensuring consistent application and device policies across both wired and wireless environments, and across multiple devices per user. §§ Adding multiple layers of defense, including explicit internal network segmentation, to break or mitigate the chain of infection. §§ Continuous scanning for malware to prevent access to malicious websites, end-point integrity checking, and controlling application usage. 02NEW ACCESS LAYER DEFENSE STRATEGIES 5 NEW ACCESS LAYER DEFENSE STRATEGIES
Unified Access Typical Wi-Fi strategy implementations do not cater to these strategic requirements. For example, many campus networks have become flat, creating a wide- open environment. This means that any person or device—whether legitimate or not—has unchecked access to the entire network and associated IT resources. Regardless of sophistication, cyberattacks can wreak havoc on a flat network very quickly. Multiple layers of defense are essential to protect against attacks that are getting past border defenses. Explicit internal segmentation, with firewall policies between users and resources, limits traffic, provides logs, and helps break the infection chain. WIPs Implementing wireless intrusion protection (WIP) systems enables the detection of and safeguard against rogue devices, unauthorized access, and ad hoc networks. For automatic prevention, WIPs must accurately detect and classify all threats. However, the deployment of WIPs in an ad hoc network architecture is a big challenge to optimally configure and maintain. 6 NEW ACCESS LAYER DEFENSE STRATEGIES
NGFW Because threats are constantly changing and mutating, there is a strong trend towards implementing next-generation firewalls (NGFW). Now more than ever they need to be part of any security system in order to effectively fight advanced threats and respond to new cybercriminal tactics. NGFW systems enhance existing security methods by extending the capabilities of traditional firewalls. This includes intrusion prevention, SSL/SSH, deep-packet inspections, malware detection and application awareness. NGFWs bring additional context and the ability to understand the details of web application traffic passing through the network, while taking action to block traffic that might exploit vulnerabilities. Visibility and Control Configuration and management is a highly critical aspect of implementing this broad range of security measures. Even as enterprise organizations deploy new security capabilities, breaches can still occur as a result of ineffective configuration and management. Deploying and managing disparate security systems for access control, WIPs and firewalls is resource intensive and open to error. These challenges can be addressed by deploying an integrated, end-to-end security strategy. 7 NEW ACCESS LAYER DEFENSE STRATEGIES
Multiple layers of defense are the best way to protect against highly sophisticated attacks that are getting past border defenses. Explicit internal segmentation, with firewall policies between users and resources, limits traffic and can break an infection chain. In addition, security mechanisms must be integrated into the network in order to protect access from unsecure IoT and BYO devices. Any WLAN security strategies should include an integrated wireless solution where control and security are combined in a single portfolio. Optimal security should be comprised of all network components including wireless, switching, and security. In addition, embedding security intelligence into WLAN appliances and APs, regardless of architecture, reduces total cost of ownership (TCO). 03HOW TO SELECT A SECURE WLAN SOLUTION 8 HOW TO SELECT A SECURE WLAN SOLUTION
Look for the most flexible WLAN options to mix and match deployment models for different use cases, locations and IT resources. WLAN premise- or cloud- managed, controller or controllerless solutions should best suit your network and organizational structure— without giving up critical security protection. Integrated, end-to-end protection enables an overall secure, scalable and cost-effective solution. Deployment and management of enterprise networks, applications and devices must be simplified. Even with a broad range of security measures in place, IT administrators may be uncertain about optimal configurations. Network and security implementation needs a “single-pane-of glass” view. One consistent user interface into the wired and wireless network, enabling end-to-end configuration, monitoring and management, is clearly the way to go. 9 HOW TO SELECT A SECURE WLAN SOLUTION
The access landscape is evolving with the unrelenting increase in the number and types of networked devices. IoT applications and the continued growth of user devices bring new and ever-changing cybersecurity threats. Enterprise-wide network access control is an integral part of any IT strategy and implementation. Growing requirements to support new devices and device types necessitate an end-to-end wireless, wired, and security system—a solution that minimizes device, deployment interoperability issues, simplifies manageability of network devices and supports mobile applications. A flexible, secure access architecture brings the maximum protection that every enterprise must have. CONCLUSION 10 CONCLUSION
Copyright © 2016 Fortinet, Inc. All rights reserved. Compare Fortinet’s Secure Access Architecture Solution www.fortinet.com/secureaccess

Recommandé

Wireless survey-report-saa-2016
Wireless survey-report-saa-2016Wireless survey-report-saa-2016
Wireless survey-report-saa-2016Samir Kotarwar
 
An Internet of Things Reference Architecture
An Internet of Things Reference Architecture An Internet of Things Reference Architecture
An Internet of Things Reference Architecture Symantec
 
Solution Guide Secure Access Architecture
Solution Guide Secure Access ArchitectureSolution Guide Secure Access Architecture
Solution Guide Secure Access ArchitectureExclusive Networks ME
 
Top firewall companies 2020 converted
Top firewall companies 2020 convertedTop firewall companies 2020 converted
Top firewall companies 2020 convertedemmaelice
 
The new era of Cyber Security IEC62443
The new era of Cyber Security IEC62443The new era of Cyber Security IEC62443
The new era of Cyber Security IEC62443WoMaster
 
Sb fortinet-nozomi
Sb fortinet-nozomiSb fortinet-nozomi
Sb fortinet-nozomiIvan Carmona
 
White paper scada (2)
White paper scada (2)White paper scada (2)
White paper scada (2)Ivan Carmona
 
Information Security Business Middle East 2011
Information Security Business Middle East 2011Information Security Business Middle East 2011
Information Security Business Middle East 2011Arjun V
 

Recommandé

Wireless survey-report-saa-2016
Wireless survey-report-saa-2016Wireless survey-report-saa-2016
Wireless survey-report-saa-2016Samir Kotarwar
 
An Internet of Things Reference Architecture
An Internet of Things Reference Architecture An Internet of Things Reference Architecture
An Internet of Things Reference Architecture Symantec
 
Solution Guide Secure Access Architecture
Solution Guide Secure Access ArchitectureSolution Guide Secure Access Architecture
Solution Guide Secure Access ArchitectureExclusive Networks ME
 
Top firewall companies 2020 converted
Top firewall companies 2020 convertedTop firewall companies 2020 converted
Top firewall companies 2020 convertedemmaelice
 
The new era of Cyber Security IEC62443
The new era of Cyber Security IEC62443The new era of Cyber Security IEC62443
The new era of Cyber Security IEC62443WoMaster
 
Sb fortinet-nozomi
Sb fortinet-nozomiSb fortinet-nozomi
Sb fortinet-nozomiIvan Carmona
 
White paper scada (2)
White paper scada (2)White paper scada (2)
White paper scada (2)Ivan Carmona
 
Information Security Business Middle East 2011
Information Security Business Middle East 2011Information Security Business Middle East 2011
Information Security Business Middle East 2011Arjun V
 
Aca presentation arm_
Aca presentation arm_Aca presentation arm_
Aca presentation arm_Mudassar Mehmud
 
Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it Moon Technolabs Pvt. Ltd.
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?GENIANS, INC.
 
ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceAustin Eppstein
 
Midokura for Industry 4.0
Midokura for Industry 4.0Midokura for Industry 4.0
Midokura for Industry 4.0Susan Wu
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security ChallengesForest Interactive
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceCigdem Sengul
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecurityCigniti Technologies Ltd
 
Genesys-2-Brochure-Web
Genesys-2-Brochure-WebGenesys-2-Brochure-Web
Genesys-2-Brochure-WebGiovanni Maree
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoTAmy Daly
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceIcomm Technologies
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)Andris Soroka
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseAirTight Networks
 
IoT security fresh thinking 2017 sep 9
IoT security fresh thinking 2017 sep 9IoT security fresh thinking 2017 sep 9
IoT security fresh thinking 2017 sep 9Arvind Tiwary
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET Journal
 
Securing Smart Cities
Securing Smart CitiesSecuring Smart Cities
Securing Smart CitiesJames '​-- Mckinlay
 
Internet of Things and its applications
Internet of Things and its applicationsInternet of Things and its applications
Internet of Things and its applicationsPasquale Puzio
 
Rfid
Rfid Rfid
Rfid durrmuhammad
 

Contenu connexe

Tendances

Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it Moon Technolabs Pvt. Ltd.
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?GENIANS, INC.
 
ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceAustin Eppstein
 
Midokura for Industry 4.0
Midokura for Industry 4.0Midokura for Industry 4.0
Midokura for Industry 4.0Susan Wu
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceCigdem Sengul
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecurityCigniti Technologies Ltd
 
Genesys-2-Brochure-Web
Genesys-2-Brochure-WebGenesys-2-Brochure-Web
Genesys-2-Brochure-WebGiovanni Maree
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoTAmy Daly
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceIcomm Technologies
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)Andris Soroka
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseAirTight Networks
 
IoT security fresh thinking 2017 sep 9
IoT security fresh thinking 2017 sep 9IoT security fresh thinking 2017 sep 9
IoT security fresh thinking 2017 sep 9Arvind Tiwary
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET Journal
 

Tendances (20)

Aca presentation arm_
Aca presentation arm_Aca presentation arm_
Aca presentation arm_
 
Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?
 
ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_Darktrace
 
Midokura for Industry 4.0
Midokura for Industry 4.0Midokura for Industry 4.0
Midokura for Industry 4.0
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List Conference
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application Security
 
Genesys-2-Brochure-Web
Genesys-2-Brochure-WebGenesys-2-Brochure-Web
Genesys-2-Brochure-Web
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoT
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work force
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address them
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
 
IoT security fresh thinking 2017 sep 9
IoT security fresh thinking 2017 sep 9IoT security fresh thinking 2017 sep 9
IoT security fresh thinking 2017 sep 9
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
 
Securing Smart Cities
Securing Smart CitiesSecuring Smart Cities
Securing Smart Cities
 

En vedette

Internet of Things and its applications
Internet of Things and its applicationsInternet of Things and its applications
Internet of Things and its applicationsPasquale Puzio
 
Foreign Military Sales (FMS) DCSA Presentations 2012
Foreign Military Sales (FMS) DCSA Presentations 2012 Foreign Military Sales (FMS) DCSA Presentations 2012
Foreign Military Sales (FMS) DCSA Presentations 2012 Tom "Blad" Lindblad
 
Web Services Composition
Web Services CompositionWeb Services Composition
Web Services Compositioneldorina
 
Digital Image Morphing through Field Morphing
Digital Image Morphing through Field MorphingDigital Image Morphing through Field Morphing
Digital Image Morphing through Field MorphingAnkur Sakhuja
 
s1140177ChiemiHanyu_Thesis
s1140177ChiemiHanyu_Thesiss1140177ChiemiHanyu_Thesis
s1140177ChiemiHanyu_Thesischiemihanyu
 
Li Fi and Iot for Vehicular Safety
Li Fi and Iot for Vehicular SafetyLi Fi and Iot for Vehicular Safety
Li Fi and Iot for Vehicular SafetyKrishnan Subramanian
 
Microsoft Azure for Small and Medium Businesses
Microsoft Azure for Small and Medium Businesses Microsoft Azure for Small and Medium Businesses
Microsoft Azure for Small and Medium Businesses Atanas Gergiminov
 
Digital Manufacturing and The Next Industrial Revolution
Digital Manufacturing and The Next Industrial RevolutionDigital Manufacturing and The Next Industrial Revolution
Digital Manufacturing and The Next Industrial RevolutionRising Media, Inc.
 
Image Morphing: A Literature Study
Image Morphing: A Literature StudyImage Morphing: A Literature Study
Image Morphing: A Literature StudyEditor IJCATR
 
Presentation IOT Robot
Presentation IOT RobotPresentation IOT Robot
Presentation IOT RobotVatsal N Shah
 
IoT Solution To Regulate Vehicular Traffic
IoT Solution To Regulate Vehicular TrafficIoT Solution To Regulate Vehicular Traffic
IoT Solution To Regulate Vehicular TrafficMphasis
 
Automated traffic control system
Automated traffic control systemAutomated traffic control system
Automated traffic control systemLikithe
 
Iot Toolkit and the Smart Object API - Architecture for Interoperability
Iot Toolkit and the Smart Object API - Architecture for InteroperabilityIot Toolkit and the Smart Object API - Architecture for Interoperability
Iot Toolkit and the Smart Object API - Architecture for InteroperabilityMichael Koster
 

En vedette (20)

Internet of Things and its applications
Internet of Things and its applicationsInternet of Things and its applications
Internet of Things and its applications
 
Rfid
Rfid Rfid
Rfid
 
Foreign Military Sales (FMS) DCSA Presentations 2012
Foreign Military Sales (FMS) DCSA Presentations 2012 Foreign Military Sales (FMS) DCSA Presentations 2012
Foreign Military Sales (FMS) DCSA Presentations 2012
 
Web Services Composition
Web Services CompositionWeb Services Composition
Web Services Composition
 
Digital Image Morphing through Field Morphing
Digital Image Morphing through Field MorphingDigital Image Morphing through Field Morphing
Digital Image Morphing through Field Morphing
 
s1140177ChiemiHanyu_Thesis
s1140177ChiemiHanyu_Thesiss1140177ChiemiHanyu_Thesis
s1140177ChiemiHanyu_Thesis
 
Morphing Image
Morphing Image Morphing Image
Morphing Image
 
Li Fi and Iot for Vehicular Safety
Li Fi and Iot for Vehicular SafetyLi Fi and Iot for Vehicular Safety
Li Fi and Iot for Vehicular Safety
 
Microsoft Azure for Small and Medium Businesses
Microsoft Azure for Small and Medium Businesses Microsoft Azure for Small and Medium Businesses
Microsoft Azure for Small and Medium Businesses
 
Digital Manufacturing and The Next Industrial Revolution
Digital Manufacturing and The Next Industrial RevolutionDigital Manufacturing and The Next Industrial Revolution
Digital Manufacturing and The Next Industrial Revolution
 
Image Morphing: A Literature Study
Image Morphing: A Literature StudyImage Morphing: A Literature Study
Image Morphing: A Literature Study
 
Cisco CMX - Presentación - Raytel
Cisco CMX - Presentación - RaytelCisco CMX - Presentación - Raytel
Cisco CMX - Presentación - Raytel
 
New Cisco Access Points
New Cisco Access PointsNew Cisco Access Points
New Cisco Access Points
 
Face morphing
Face morphingFace morphing
Face morphing
 
Presentation IOT Robot
Presentation IOT RobotPresentation IOT Robot
Presentation IOT Robot
 
IoT Solution To Regulate Vehicular Traffic
IoT Solution To Regulate Vehicular TrafficIoT Solution To Regulate Vehicular Traffic
IoT Solution To Regulate Vehicular Traffic
 
IoT for Smarter Health Care
IoT for Smarter Health CareIoT for Smarter Health Care
IoT for Smarter Health Care
 
Automated traffic control system
Automated traffic control systemAutomated traffic control system
Automated traffic control system
 
Iottoolkit wot
Iottoolkit wotIottoolkit wot
Iottoolkit wot
 
Iot Toolkit and the Smart Object API - Architecture for Interoperability
Iot Toolkit and the Smart Object API - Architecture for InteroperabilityIot Toolkit and the Smart Object API - Architecture for Interoperability
Iot Toolkit and the Smart Object API - Architecture for Interoperability
 

Similaire à WIRELESS DEFENSE STRATEGIES IN THE IOT ERA

Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Zoe Gilbert
 
Cybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdfCybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdfRahimMakhani2
 
Unlocking the Potential: A Comprehensive Guide to Understanding and Securing ...
Unlocking the Potential: A Comprehensive Guide to Understanding and Securing ...Unlocking the Potential: A Comprehensive Guide to Understanding and Securing ...
Unlocking the Potential: A Comprehensive Guide to Understanding and Securing ...cyberprosocial
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsFrederic Roy-Gobeil, CPA, CGA, M.Tax.
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxcuddietheresa
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxsalmonpybus
 
assignment help experts
assignment help expertsassignment help experts
assignment help experts#essaywriting
 
IoT and security
IoT and securityIoT and security
IoT and securityIET India
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Unisys Corporation
 
Privacy-aware secured discrete framework in wireless sensor network
Privacy-aware secured discrete framework in wireless sensor networkPrivacy-aware secured discrete framework in wireless sensor network
Privacy-aware secured discrete framework in wireless sensor networkIJECEIAES
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati
 
AGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperAGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperMestizo Enterprises
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationKen Flott
 

Similaire à WIRELESS DEFENSE STRATEGIES IN THE IOT ERA (20)

Cybersecurity in the Age of IoT - Skillmine
Cybersecurity in the Age of IoT - SkillmineCybersecurity in the Age of IoT - Skillmine
Cybersecurity in the Age of IoT - Skillmine
 
Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems
 
Cybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdfCybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdf
 
Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)
 
Unlocking the Potential: A Comprehensive Guide to Understanding and Securing ...
Unlocking the Potential: A Comprehensive Guide to Understanding and Securing ...Unlocking the Potential: A Comprehensive Guide to Understanding and Securing ...
Unlocking the Potential: A Comprehensive Guide to Understanding and Securing ...
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of Things
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
assignment help experts
assignment help expertsassignment help experts
assignment help experts
 
IoT and security
IoT and securityIoT and security
IoT and security
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile security
 
sample assignment
sample assignmentsample assignment
sample assignment
 
Protecting Americas Next Generation Networks
Protecting Americas Next Generation NetworksProtecting Americas Next Generation Networks
Protecting Americas Next Generation Networks
 
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
 
Privacy-aware secured discrete framework in wireless sensor network
Privacy-aware secured discrete framework in wireless sensor networkPrivacy-aware secured discrete framework in wireless sensor network
Privacy-aware secured discrete framework in wireless sensor network
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
 
AGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperAGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White Paper
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
 

WIRELESS DEFENSE STRATEGIES IN THE IOT ERA

  • 2. INTRODUCTION 1 SECTION 1: ACCESS LAYER SECURITY NEEDS A SECOND LOOK 2 SECTION 2: NEW ACCESS LAYER DEFENSE STRATEGIES 5 SECTION 3: HOW TO SELECT A SECURE WLAN SOLUTION 8 CONCLUSION 10 CONTENTS
  • 3. Non-stop mobility, instantaneous network access, and a flood of new wireless devices are the new norm for enterprise wireless LANs (WLANs). Employees are no longer tethered to their desks, and they expect pervasive mobile application access. IT organizations are faced with constant technology transformations such as the Internet of Things (IoT), anything-as-a- service (XaaS), and artificial intelligence. Securing enterprise wireless LANs from unauthorized access and cybersecurity attacks are top of mind for enterprise IT decision-makers worldwide. These trends have significant implications for the planning, deploying, and securing of WLANs. Enterprises must plan with a “mobile-first” mentality. This is strategic. It presents a growing need for a robust end-to-end security architecture within the enterprise. Strategic changes are required to effectively secure wired and wireless LANs while supporting business applications of every type. Here we’ll discuss access layer protection in enterprise WLANs and why deploying ad hoc security is no longer enough to protect against threats. This eBook explains how a secure access architecture gives enterprise networks the end-to-end protection required now and into the future. INTRODUCTION 1 INTRODUCTION
  • 4. The growth in number and types of Wi-Fi devices is still going strong. The Synergy Group has reported that WLAN is the fastest-growing technology in enterprise IT infrastructure1 . The Wi-Fi Alliance® predicts that the number of connected consumer and business devices will reach 38.5 billion in 20202 . Across almost every industry, people are using multiple personal and work-supplied devices to access mission-critical applications. The BYOD experience is no longer a revolution—it’s the new norm. In a recent survey conducted by Lightspeed GMI for Fortinet, 56% of IT decision-makers worldwide indicated that BYOD access is supported. In North America alone, the number is 76%. In addition, these IT organizations are expected to have complete control of all devices. 01ACCESS LAYER SECURITY NEEDS A SECOND LOOK 2 ACCESS LAYER SECURITY NEEDS A SECOND LOOK
  • 5. IoT has become mission critical in the enterprise, introducing new security challenges. Emerging IoT applications are bringing new unsecured wireless devices to vertical markets everywhere. From the factory floor to the hospital recovery room, IoT devices range from industrial robotics to advanced medical sensors. They are being deployed in huge numbers for a wide range of innovative and game-changing applications. This exponential increase in a multitude of unsecured device types presents new vulnerabilities and threats. IoT is a new entry point for attack and as such presents new security challenges. Typically appliances and sensors are used for data collection and transfer. Most of these devices are open and unable to support common client-based security solutions. This puts the burden on the network to keep these devices secure. 3 ACCESS LAYER SECURITY NEEDS A SECOND LOOK
  • 6. The healthcare/pharmaceutical industry is a great example. Compared to traditional IT systems, incidents involving IoT, such as a hacked MRI machine, can carry consequences, such as policy and financial impacts. Virtually all software, applications, systems, and devices are now connected to the Internet. This is a reality that cybercriminals recognize and are actively exploiting. Some 94% of medical institutions said their organizations have been victims of a cyberattack3 . Cybercriminals are constantly devising new ways of leveraging IoT and expanding the attack surface to carry out advanced persistent threats. Banks and other financial institutions consider IoT- enabled ATMs, information kiosks, and credit/debit cards with sensing technology as revenue growth opportunities. As these organizations are already experiencing a huge number of cyberattacks, they face even greater risks with IoT-based services. Rightfully so, IT decision-makers are worried about the challenges of securing IoT devices and are including them as a major component of their overall security strategy. 1 Synergy Research Group, January 2016 press release 2 Wi-Fi Alliance® 6 for ’16 Wi-Fi® predictions, January 2016 3 SANS Institute Health Care Cyberthreat Report 2014 4 ACCESS LAYER SECURITY NEEDS A SECOND LOOK
  • 7. Enterprise organizations need a security fabric that provides flexible end-to-end protection across their entire IT environments. With these high-profile attacks on major organizations, cybersecurity and the protection of critical company and customer data are top concerns. However, in many cases, IT organizations have yet to include key security measures such as intrusion prevention or application control, which add critically needed protections. In Section 1, we discussed the drivers that demand a more unified access layer strategy to protect against these sophisticated attacks to assure secure communications, data, transactions, and mobile devices. This strategy includes: §§ Ensuring consistent application and device policies across both wired and wireless environments, and across multiple devices per user. §§ Adding multiple layers of defense, including explicit internal network segmentation, to break or mitigate the chain of infection. §§ Continuous scanning for malware to prevent access to malicious websites, end-point integrity checking, and controlling application usage. 02NEW ACCESS LAYER DEFENSE STRATEGIES 5 NEW ACCESS LAYER DEFENSE STRATEGIES
  • 8. Unified Access Typical Wi-Fi strategy implementations do not cater to these strategic requirements. For example, many campus networks have become flat, creating a wide- open environment. This means that any person or device—whether legitimate or not—has unchecked access to the entire network and associated IT resources. Regardless of sophistication, cyberattacks can wreak havoc on a flat network very quickly. Multiple layers of defense are essential to protect against attacks that are getting past border defenses. Explicit internal segmentation, with firewall policies between users and resources, limits traffic, provides logs, and helps break the infection chain. WIPs Implementing wireless intrusion protection (WIP) systems enables the detection of and safeguard against rogue devices, unauthorized access, and ad hoc networks. For automatic prevention, WIPs must accurately detect and classify all threats. However, the deployment of WIPs in an ad hoc network architecture is a big challenge to optimally configure and maintain. 6 NEW ACCESS LAYER DEFENSE STRATEGIES
  • 9. NGFW Because threats are constantly changing and mutating, there is a strong trend towards implementing next-generation firewalls (NGFW). Now more than ever they need to be part of any security system in order to effectively fight advanced threats and respond to new cybercriminal tactics. NGFW systems enhance existing security methods by extending the capabilities of traditional firewalls. This includes intrusion prevention, SSL/SSH, deep-packet inspections, malware detection and application awareness. NGFWs bring additional context and the ability to understand the details of web application traffic passing through the network, while taking action to block traffic that might exploit vulnerabilities. Visibility and Control Configuration and management is a highly critical aspect of implementing this broad range of security measures. Even as enterprise organizations deploy new security capabilities, breaches can still occur as a result of ineffective configuration and management. Deploying and managing disparate security systems for access control, WIPs and firewalls is resource intensive and open to error. These challenges can be addressed by deploying an integrated, end-to-end security strategy. 7 NEW ACCESS LAYER DEFENSE STRATEGIES
  • 10. Multiple layers of defense are the best way to protect against highly sophisticated attacks that are getting past border defenses. Explicit internal segmentation, with firewall policies between users and resources, limits traffic and can break an infection chain. In addition, security mechanisms must be integrated into the network in order to protect access from unsecure IoT and BYO devices. Any WLAN security strategies should include an integrated wireless solution where control and security are combined in a single portfolio. Optimal security should be comprised of all network components including wireless, switching, and security. In addition, embedding security intelligence into WLAN appliances and APs, regardless of architecture, reduces total cost of ownership (TCO). 03HOW TO SELECT A SECURE WLAN SOLUTION 8 HOW TO SELECT A SECURE WLAN SOLUTION
  • 11. Look for the most flexible WLAN options to mix and match deployment models for different use cases, locations and IT resources. WLAN premise- or cloud- managed, controller or controllerless solutions should best suit your network and organizational structure— without giving up critical security protection. Integrated, end-to-end protection enables an overall secure, scalable and cost-effective solution. Deployment and management of enterprise networks, applications and devices must be simplified. Even with a broad range of security measures in place, IT administrators may be uncertain about optimal configurations. Network and security implementation needs a “single-pane-of glass” view. One consistent user interface into the wired and wireless network, enabling end-to-end configuration, monitoring and management, is clearly the way to go. 9 HOW TO SELECT A SECURE WLAN SOLUTION
  • 12. The access landscape is evolving with the unrelenting increase in the number and types of networked devices. IoT applications and the continued growth of user devices bring new and ever-changing cybersecurity threats. Enterprise-wide network access control is an integral part of any IT strategy and implementation. Growing requirements to support new devices and device types necessitate an end-to-end wireless, wired, and security system—a solution that minimizes device, deployment interoperability issues, simplifies manageability of network devices and supports mobile applications. A flexible, secure access architecture brings the maximum protection that every enterprise must have. CONCLUSION 10 CONCLUSION
  • 13. Copyright © 2016 Fortinet, Inc. All rights reserved. Compare Fortinet’s Secure Access Architecture Solution www.fortinet.com/secureaccess