Extreme Networks Looks to Protect Enterprises From IoT Security Risks

Protecting against potentially malicious activity by internet of things devices is a challenge that Extreme Networks wants to help solve with its Defender for IoT technology.

Extreme Networks Defender for IoT

Extreme Networks announced its Defender for IoT technology on Feb. 4, providing enterprises with a network-level platform for IoT security.

Defending against risks from rogue or unmanaged internet of things (IoT) devices that might be present on an enterprise network is no trivial task. The Extreme Networks Defender for IoT can plug into an existing network and is able to learn and monitor device behavior and then automatically generate security policy to defend against malicious activities.

"Defender enables companies to deploy IoT security for wired devices without having to worry about the underlying network infrastructure, in a compact, unified offering," Camille Campbell, product marketing manager at Extreme Networks, told eWEEK. "The Defender Adapter is deployed as an overlay and sits between the IoT device and the network to monitor traffic and enforce traffic profiles with full Layer 2-7 visibility."

There are a number of different ways that the Extreme Networks Defender for IoT offering can be deployed. Campbell explained that Defender for IoT is a value-add application that is deployable on the ExtremeCloud Appliance. The ExtremeCloud Appliance delivers management and orchestration for Extreme’s wired, wireless, and IoT solution, and is a core element of Extreme Networks Smart OmniEdge platform.

Additionally, organizations can make use of the ExtremeMobility AP3912 Wall Jack to benefit from the Defender for IoT offering. Campbell said that the ExtremeMobility AP3912 is an existing wireless access point within the Extreme Networks mobility portfolio.

"As part of the Defender for IoT solution, it along with the Defender Adapter, monitors traffic to and from the IoT device with L2-7 visibility, enforcing the security profiles which have been defined in the Defender Application," she said. "The AP3912i is offered as a 3 Port Defender, with optional support for connectivity and protection of Wi-Fi capable devices."  

How It Works

Both the Defender Adapter and the 3912 Wall Jack AP offer an integrated Bluetooth Low Energy (BTLE) radio for extended connectivity to IoT sensors and devices.  Campbell said that the radio includes support for Thread and other higher level IoT protocols that support sensor networks and smart building automation. An integrated iBeacon can be used for locating critical assets.

Defender for IoT can be first connected to a network in learning mode in order to understand what the normal activity is for a given network. Campbell explained that in learning mode, the Adapter/AP then mirrors traffic to the Defender Application so that the application learns its normal operating behavior, including what applications are used. 

"When adequate time has passed in this mode, mirroring can be stopped, and the traffic profile is dynamically generated," Campbell said. "The policy that is created can then be used as-is, or modified before being applied to the device and devices of the same type."

She added that once assigned a policy, the device's network interaction will be constrained to the characteristics of the policy. A core element of the Defender for IoT is its ability to segment IoT devices into what Extreme Networks refers to as secure network zones. Campbell said that a secure zone could be a VLAN , but preferably it would be either an IPSec tunnel, or in the case that Defender is being deployed with an Extreme Fabric Connect network, it could also be a Fabric Connect hyper-segment.

"The network segments originate at the Defender Adapter or the Wall Jack AP and terminate in the Data Center at the ExtremeCloud Appliance," Campbell explained.

Looking forward, Campbell said that Extreme Networks is looking at continuing to expand Defender for IoT with the addition of advanced security analytics.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.