What’s hiding on Your Network?

What’s hiding on Your Network?

Let me start off by telling you a true short story. Once upon a time, there was a beautiful fish tank with a sensor pack that monitored the tank’s environmental conditions. That beautiful fish tank was in a very prominent location of a fine casino establishment located in North America. The sensor pack was wireless and the rest is history.

Why is IoT a Big Security Risk?

Internet of Things (IoT) devices has created security concerns since their inception. Since the beginning of IoT, these devices have neglected to support higher levels of authentication and encryption, such as WPA2-Enterprise, which creates opportunities for malicious actors to infiltrate our networks. However, that is only one issue with these devices.

A bigger issue is that due to the wireless chipsets incorporated into the devices, trying to fingerprint these devices is extremely challenging. As it has been stated many times, knowing what is on your network is critically important to design a security architecture that can prevent attacks and data leakage.

Along the lines of device identification, Aruba is continuing the push towards providing administrators piece of mind in that they can be assured they know just what devices are using their network.

Continuous Insight into All Devices

The Aruba device identification effort is centered on cloud-based resources with the announcement of Clear Pass Device Insight at the annual Atmosphere conference. This new software is delivered as-a-service (SaaS) and utilizes on-site collectors, either virtual or physical appliances, to gather metadata from your network devices and pass it up to the cloud where analysis is performed. Utilizing crowdsourced data from other Clear Pass Device Insight customers, along with custom device fingerprinting, the accuracy of device identification increases dramatically over traditional fingerprinting/identification methods used today.

Clear Pass Device Insight utilizes AL and MI throughout the lifecycle of the device’s connection to the network and constantly evaluates the device for anomalous behavioral patterns and triggers alerts or role changes to devices that are deemed to be a risk via Clear Pass Policy Manager. The continuous evaluation of devices on the network is a departure from the existing Clear Pass profiler that acts one time, upon the initial connection of the device to the network.

Leveraging AI for Faster Value

Many of you may be asking the question, “How is this different from Aruba Introspect User Entity Behavioral Analytic and Network Traffic Analysis?” The short answer is that Clear Pass Device Insight is built around evaluating the device itself, whereas Introspect is more about building a profile of the user AND the devices used.

The ability of the Clear Pass Device Insight software to recognize patterns is based on data science techniques that utilize complex algorithms during the evaluation process that, according to Aruba, result in over 90 percent accuracy. Ninety percent accuracy is pretty spectacular in my opinion, considering the myriad of devices that exist today.

The best part of Clear Pass Device Insight is that it doesn’t take days or weeks to provide a lot of value to the organization. The product team at Aruba says that in a matter of hours (assuming the devices are actively transmitting on the network), Clear Pass Device Insight can identify and build a profile of the network, allowing administrators greater visibility than ever before into what is actually on the network.

Don’t Be a Fish Story

The moral of this story is that the scalability and resources present within the cloud is vital to increasing the security of our networks. Without those resources, many organizations simply can’t afford the hardware and expertise needed to build out these complex identification systems on-premises. With the help of crowdsourced information, we have the ability to more quickly identify and plug those security holes in our networks, before we become a news story. A news story with very negative optics just as the casino had when the story of the breached fish tank made the news.

Leave a Reply

Related Posts

Enter your keyword