TRANSCRIPT
1
Why Legacy Security Architectures are Inadequate in a Multi-Cloud World
Nick Ng, Security Solution Manager
HONG KONG | MACAU | MONGOLIA
2
IoT 101 : Headless IoT Device
• Hardware based
• Has an IP address and MAC address
• No UI on the device itself (relies on a smartphone or website)
• No user login attached to it
• A device that doesn’t have an authentication mechanism
• Cannot install security on it
• Machine-to-Machine communication
3
What’s happening now …
Growth in Devices (IoT)
Gartner Says 9.1 Billion connected business "Things" in 2021. 1
Mostly headless and non-secure devices
[Figure: Gartner IoT Forecast (Billions), Business IoT Devices, 2016 to 2021]
Gartner: Forecast: Internet of Things — Endpoints and Associated Services, Worldwide, 2017
IoT Growth Drivers
› Key Driver - Digital Transformation
› Cost of Internet-connected sensors is dropping
› Increasing investment in IoT solutions and systems by large enterprises
› Expanding Internet connectivity due to greater WiFi coverage and other wireless technologies
Smart Vending Machine (with camera)
4
IoT becomes a part of life?
Ralph Lauren Shirt Mimo Monitor
Smart Thermostats Smart Watch Smart TV
Medical Monitoring Smart Metering Power Plants Connected Car
HVAC Systems
The Daily Stuff
The Serious Stuff
5
How many IoT devices at your home?
IP Cam x4
Smart TV x2
MultiMedia Device x4
Game Console x3
Drone x1
Smart Watch x2
Network Printer x1
Smart Home x3
Access Point x2
24+
6
IoT Implication for Enterprise
• Roaming IoT devices always stay with multi-cloud
• Data & applications now roam to IoT devices & cloud
• Enterprise IT infrastructure is not IoT/Cloud aware
• Increased Cybersecurity risk
• Increased Connectivity & Processing Needs
Improve Network Visibility
Reduce the risks with non-compliant devices and open access to enterprise network facilities
Regulatory Compliance
CISOs need proof that the enterprise is controlling & monitoring its network & managing the introduction of rogue devices to meet regulations
7
HOW TO: CLOSING THE IOT SECURITY GAP
NO USER, CANNOT AUTHENTICATE THE DEVICE
8
9
An Example of IoT Device Risks
Game Console
• Always-on, connected to network
10
An Example of IoT Device Risks
Connected Copier
• At least one in every organization
• Always-on, connected to network
• Without updated firmware
• No security protection
• Private documents leakage?
11
An Example of IoT Device Risks
12
Mirai Botnet
13
FreeRTOS Bugs Allow Compromise of IoT Devices
https://threatpost.com/aws-freertos-bugs-allow-compromise-of-iot-devices/138455/
FreeRTOS provides an OS for microcontrollers, which vendors can bundle together with other components in IoT devices and solutions, including the TCP/IP stack, connectivity modules, and over-the-air (OTA) updates. It has been used in a wide variety of industries: IoT, aerospace, medical, automotive, and more.
14
Learn - IoT Manage - IoT
Headless Device Auto Detection
20+ categories and 40+ device types classified
Trusted or Not Trusted
Segmentation Policy
Applied Protections
online Android Android/OS 7.0 “Nougat” Untrusted
online Apple TV Apple TV/iOS modified (Model 10.0) Untrusted
offline Siemens PLC Siemens PLC/S7 Trusted
online Qardio Qardio/OS Version 01.4.2 Trusted
WE deliver the Learn and Manage IoT Capabilities in FortiGate
TWO years ago …
15
Visibility
Machines on-premise
Showing VPN connections
Machines on Alibaba Cloud
Drill-down detailed info
8
Now …
16
Fortinet Security Fabric
[Diagram labels: Open Ecosystem, Network Security, Device, Access, and Application Security, Multi-Cloud Security, Network Operations, Security Operations, Endpoint/Device Protection, Secure Access, Application Security, Fabric APIs, Fabric Connectors]
INTEGRATED: AI-driven breach prevention across devices, networks, and applications
AUTOMATED: Operations, orchestration, and response
BROAD: Visibility of the entire digital attack surface
17
FortiNAC has been acquired and delivers a comprehensive IoT security solution
Integration completed now…
FortiNAC Network Access Control
Watching Every Node on the Network
Visibility Control Automated Response
18
Visibility : Identify Devices
• Discover all endpoints, IoT devices, users and applications
• Identify more than 1,500 device types
• Identify and profile every device
• Enables policy rules created by granular device type
• Multi-vendor wired & wireless connectivity
• Self-registration
19
FortiNAC
Agentless Data Collection
Switch Firewall Access Point
Router SIEM IDS/IPS
Protocols: SNMP CLI Radius Syslog API
Continue to gather the device information from multiple sources
20
Device Profiling - IoT & Headless
21
Device Profiling & Network Access
1. A new printer is connected to the network
2. MAC notification trap triggers FortiNAC
3. FortiNAC profiles the device as a printer
4. FortiNAC informs the Fabric to allow printer-type access to the network
5. FortiGate allows access in the OA zone
A new IoT device (Printer) added to network
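An added sketch of the flow in steps 1 to 5 (not from the original slides and not FortiNAC or FortiGate code): evidence from several sources is merged, and a device is profiled as a printer and placed in the OA zone only when all of it agrees. The rule attributes, the `CCTV` and `quarantine` segment names and the sample events are assumptions.

```python
# Added illustration of the profile-then-segment flow; not FortiNAC or FortiGate code.
# Rule attributes, segment names other than "OA", and all sample data are constructed.

# (device_type, MAC OUI, DHCP vendor class, ports that must be open)
RULES = [
    ("printer", "00:11:22", "ExamplePrint", {9100}),
    ("ip-camera", "AA:BB:CC", "ExampleCam", {554}),
]
SEGMENT_FOR_TYPE = {"printer": "OA", "ip-camera": "CCTV"}
QUARANTINE = "quarantine"

def merge_evidence(observations):
    """Combine what each source (switch trap, DHCP, port probe) saw into one record."""
    merged = {"open_ports": set()}
    for obs in observations:
        for key, value in obs.items():
            if key == "open_ports":
                merged["open_ports"] |= set(value)
            elif key != "source":
                merged[key] = value
    return merged

def profile(evidence):
    """Return a device type only if OUI, DHCP class and ports all agree with one rule."""
    oui = evidence.get("mac", "")[:8].upper()
    for device_type, rule_oui, vendor_class, ports in RULES:
        if (oui == rule_oui
                and evidence.get("dhcp_vendor_class") == vendor_class
                and ports <= evidence["open_ports"]):
            return device_type
    return None  # a MAC prefix alone is never enough: it is trivially spoofed

def on_mac_notification(observations):
    """Steps 2 to 5: trap received, device profiled, segment chosen for the firewall."""
    evidence = merge_evidence(observations)
    device_type = profile(evidence)
    segment = SEGMENT_FOR_TYPE.get(device_type, QUARANTINE)
    return {"mac": evidence.get("mac"), "type": device_type or "unknown", "segment": segment}

# Constructed events: a real printer, and a laptop presenting a printer's MAC prefix.
PRINTER = [{"source": "trap", "mac": "00:11:22:33:44:55"},
           {"source": "dhcp", "dhcp_vendor_class": "ExamplePrint"},
           {"source": "probe", "open_ports": [80, 9100]}]
SPOOFED = [{"source": "trap", "mac": "00:11:22:aa:bb:cc"},
           {"source": "dhcp", "dhcp_vendor_class": "MSFT 5.0"},
           {"source": "probe", "open_ports": [445, 3389]}]
```

The second event shares the printer's MAC prefix but fails the DHCP and port checks, so it lands in quarantine instead of the OA zone.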
22
• Drill down for details
• Quarantine host for a period of time
Automation
Auto-identify indication of compromise
23
• Increase number of connectors to public clouds and SDN components
• Multiple fabric connectors of any type can be defined
• Cloud Connectors will be able to query filters automatically
• Log Changes to Dynamic Address Objects
Fabric Connectors Cloud and SDN Connectors
24
Fortinet 3 Pillar Cloud Security Strategy
NATIVE INTEGRATION
API, Fabric Connectors, Automation Stitches
CLOUD SERVICE INTEGRATION, CLOUD RESOURCE ABSTRACTION, FORM FACTOR OPTIMIZATION
BROAD PROTECTION
FortiGate, FortiMail, FortiSandBox, FortiWeb, FortiClient
APPLICATION SECURITY, NETWORK SEGMENTATION, SECURE CONNECTIVITY
MANAGEMENT & AUTOMATION
FortiAnalyzer, FortiCASB, FortiManager
POLICY CONTROL VISIBILITY
25
Fabric Connectors for SDN in Private Cloud
VMware NSX / Cisco ACI / Nuage VSP / OpenStack
[Diagram labels: dvSwitch, FortiGate-VMX Service Manager, FGT-VMX, FortiManager, FortiGate, Dynamic Address Groups, Policy, NSX Objects, Application Policy Infrastructure Controller, L4-7 Security Devices, ACI Fabric, Manager, Hypervisor, FortiGate Policies and Services, SDN Controller (Flow tables), Control Plane, Management Plane, IP Fabric, VSP Policy]
26
Fortinet helps on IoT + Multi-cloud Security
Fortinet Multi-cloud 3 key pillars
BROAD VISIBILITY
ACCESS CONTROL VIA MULTI-VENDOR (150+) INTEGRATION
AUTOMATED RESPONSE
FortiNAC solution benefit
MORE VISIBILITY TO ALL DEVICES
CONTINUE TO MONITOR & CONTROL THE DEVICES
ACCELERATE THREAT REMEDIATION
CUSTOMER CHALLENGES