Device Fingerprinting Enables Certificate-based IoT Device Security
SAN FRANCISCO—RSA Conference 2017, Booth N4410—Feb. 15, 2017—Ruckus Wireless™, a part of Brocade, today announced version 5.1 of its Cloudpath™ ES security and policy management software. The latest software release enables organizations to automatically and securely connect Internet of Things (IoT) devices using certificates—the gold standard of device security—allowing IT to establish policies governing the behavior of those devices. In conjunction with the Cloudpath software certificate authority (CA) and supported standards-based protocols, the new capabilities allow organizations and IoT device manufacturers to easily and automatically secure a wide range of connected IoT devices without changing existing security infrastructure.
Gartner reports that IoT endpoints will reach an installed base of 20.4 billion units by 2020. In addition, AT&T’s Cybersecurity Insights Report, which surveyed more than 5,000 enterprises around the world, found that 85 percent of enterprises are in the process of or intend to deploy IoT devices. Yet, according to the report, a mere 10 percent of those surveyed feel confident that they could secure those devices against hackers.
“The use of IoT-connected devices is now poised to grow exponentially, with IoT technology investments expected to reach $1.29 trillion by the year 2020 across multiple vertical segments and industries,” said Rohit Mehra, vice president, network infrastructure, IDC. “As with other aspects of IT infrastructure and applications, security risks and vulnerabilities associated with IoT are now a key area of focus for enterprise IT and LoB managers on an ongoing basis. These enterprises, along with their technology solution providers, need to find reliable, cost-effective ways to better secure their connected IoT applications and infrastructure, a challenge that Ruckus seeks to address with these new capabilities.”
Cloudpath ES 5.1 software introduces device fingerprinting, a technique that allows IT to automatically identify IoT device types by comparing the device profile to a device fingerprint database. Together with other Cloudpath software features, the new release delivers the following benefits:
- IT can automatically secure, using certificates, fingerprint-identified IoT devices. If the device is unable to use a certificate, a Ruckus Dynamic Pre-Shared Key™ can be used to secure it. Both approaches enable IT to establish IoT device-specific policies. For example, IoT devices may be authorized to connect only to the cloud service with which they’re associated.
- IT can continue to use existing RADIUS and CAs to secure non-IoT devices. By using Cloudpath software and its dedicated CA to secure IoT devices, organizations avoid reconfiguring their current AAA and CA security implementation or, worse, creating custom middleware to secure devices using an existing CA.
- Manufacturers can improve the security readiness of their IoT devices. They can leverage standards-based certificate retrieval protocols such as SCEP and EST, which are native to the Cloudpath CA.
- Managed service providers (MSPs) can add new tenants at will. MSPs can utilize the multitenant capabilities in the Cloudpath virtual deployment implementation, thereby reducing deployment costs and management overhead compared to deploying a separate instance of security and policy management software for each end customer.
“Traditionally, configuring IoT devices has been a huge headache for IT. These devices not only expose organizations to new security threats, but often require manual onboarding, assuming they can be onboarded at all,” said Kevin Koster, chief Cloudpath architect, Ruckus Wireless Business Unit, Brocade. “Cloudpath helps IT departments ensure their IoT devices don’t put their network and their users at risk, while enabling IoT device manufacturers to meet their own customers’ need for IoT device security.”
The latest release of Cloudpath ES software will be generally available in the second quarter of 2017. For more information, please visit the Ruckus Wireless website.
News Media Contact
© 2017 Brocade Communications Systems, Inc. All Rights Reserved.
These products and features and their availability are subject to change at the sole discretion of Brocade, and Brocade shall have no liability for delay in the delivery or failure to deliver any of the products or features described herein.
Ruckus, Ruckus Wireless, and SmartZone are trademarks of Ruckus Wireless, Inc. in the United States and other countries.
Brocade, the B-wing symbol, and MyBrocade are registered trademarks of Brocade Communications Systems, Inc., in the United States and in other countries. Other brands, product names, or service names mentioned of Brocade Communications Systems, Inc. are listed at www.brocade.com/en/legal/brocade-Legal-intellectual-property/brocade-legal-trademarks.html. Other marks may belong to third parties.