If you’re building a city-wide or utility-wide smart network based on IP, you’re building an Internet of Things. And if you’re concerned about the security of the data being transported around that cloud, then you need to think very carefully about how to make it safe.
There will likely be very many endpoints in that network, and the networking infrastructure and protocols you use in the wide area and in the data center may be more susceptible to attack than the dedicated, hardened versions you might have used in the days of bespoke networking.
Even in the broader Internet of Things (IoT), the consequences of security breaches could be more directly serious than simply loss of data. Imagine your connected car is the victim of a hacking attack. Or your home’s garage door has been opened remotely by someone standing outside who has just penetrated your home network because there was no WiFi encryption on the connected kitchen appliance you bought last week.
It’s not surprising that IoT security is rising up the agenda of the big network equipment vendors. In March 2015, Ericsson launched a new suite of data-centric security offers in partnership with Guardtime, specifically aimed at industrial and other critical infrastructure applications.
Virtualization is significant here. IoT requires consideration of which functions are best carried out on distributed devices, versus those that are executed centrally in the cloud using virtualized resources. And security appliances are becoming virtualized.
Cisco has virtualized its Adaptive Security Appliance so that it can be deployed on standard hardware or on its routers. And there are very many vendors of security devices that have been there before Cisco, producing virtualized firewalls and other security systems -- for example, intrusion prevention systems and advanced threat detection -- for deployment in the data center or on distributed infrastructure. Cisco’s ASR 9000 series routers are hardware on which virtualized security products from Arbor Networks can be deployed.
Security is a multifaceted topic, and security experts talk in terms of validating and improving overall security continuously with a recursive approach. Security must be addressed at many levels simultaneously. At the moment, the appropriate security architecture for the IoT is not known. But there is acceptance that security must be addressed through application-data integrity and traffic monitoring, robust interfaces and protocols, and hardened hypervisors and chip microarchitectures.
The new Heavy Reading report "Security in a Virtualized Network Environment" considers how virtualization changes the state of security in telecom, both from the perspective of carriers' own network security and the opportunities that arise to deliver managed security services to business customers.
The report digs into the challenges of securing virtualized and hybrid network environments, as well as the approaches, solutions and products that are being suggested and deployed. It reviews the supply-side landscape for relevant products and profiles 14 leading suppliers, ranging from large network equipment providers to smaller specialists.
— Danny Dicks, Contributing Analyst, Heavy Reading