Device Visibility and Network Security in the IoT

The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. A well-entrenched and mature market for decades, it has been buffeted by change during the BYOD and cloud emergence. The market weathered the “end of perimeter security” claims and transformed itself into a more flexible and dynamic discipline, reaching beyond traditional PCs and servers to new mobile and external endpoints. Those network security vendors that adapted are now poised to take full advantage of the IoT and the billions of connected devices set to revolutionize the enterprise. 

One of the most difficult issues with the IoT for enterprises is gaining visibility of new and unknown devices appearing on their networks. This is the first hurdle. Next, is determining what the devices are and being able to establish an identity. These steps are the precursors to then being able to apply the relevant security policies, authentication mechanisms, and access controls appropriate to that enterprise. Despite the growing proliferation of IoT devices, most enterprises are still at the first obstacle, trying to discover these new devices. Often, not all of their traditional network security appliances are able to identify all new IoT device connections, and visibility into the enterprise network is consequently greatly reduced. This is problematic as such unknown devices can easily become attack vectors, raising the risk profile significantly.

The IoT has considerably expanded the pool of connected devices that can now be found on a network, from employee wearables to building automation systems. The devices in play are not limited anymore to the PCs, servers, and smartphones that the IT staff is familiar with; they now need to know about air-conditioning units and lighting sensors, fitness bands and fire alarm panels. And, they need to craft new policies suited to those devices, and perhaps employ new tools as well. The Target breach is an excellent, if unfortunate, case study of what happens when these new IoT endpoints are not properly controlled. A number of companies are making headway in adapting traditional network security to the IoT. US-based ForeScout is one of those.

ForeScout has been a player in the network access control market since 2000. The firm has been highly successful in adapting its technology to the IoT in the enterprise space. The CounterACT appliance is its flagship product, and is able not only to identify new devices on a network, but also to evaluate and monitor them. The appliance can determine quite a number of elements including user, owner, operating system, device configuration, software, services, patch state, and the presence of security agents. But what really sets ForeScout ahead are simplicity and orchestration. The solution is agentless, and numerous appliances can be managed by its Enterprise Manager solution. Security orchestration is enhanced by the open interoperability of the platform and integration with many popular IT and security management products through various extended modules, all tied in under its ControlFabric Ecosystem.

Embracing the IoT space has been a successful bid for ForeScout. The firm raised US$76 million (series G) in January 2016 with Wellington Management, at a valuation of US$1 billion. The continued expansion of IoT in enterprise will likely continue to be beneficial for the firm. But, it is not the only one that has caught attention in the space. Bastille has already made a name for itself in the same space, and Tufin and Tripwire, from the orchestration side of IT, are working hard to bridge that OT gap.  

Identification and localization of specific nodes will become a fundamental issue with the billions of IoT devices envisioned in the near future. Those security vendors that are able to help enterprises overcome the first hurdle will also need to figure out how they can provide security and control features as well, or at the very least, integrate with those that can. The IoT is a complex space, and any tool that can simplify management and control of IoT devices will be highly valuable.