Increasing Network Safety for IoT Using SD-WAN

March 01, 2019

Martin Bosshardt, CEO and President, Open Systems

Innovation always introduces new risks, but these risks are always followed by ways to mitigate them. In the Middle Ages, for example, cities arose to protect people, but they also allowed the spread of fires that killed thousands. In the 1800s, factories dramatically increased the production of goods, but dangerous equipment led to explosions, fires and building collapses. As each new risk became apparent, solutions were found to lessen those risks: the disastrous fires led to better city planning and fire brigades, and the factory explosions led to safer machinery and required equipment inspections. Today we are seeing the same pattern with internet technology. When the internet revolutionized communications, we found ourselves facing cyberattacks, which led to firewalls, virus checkers and the rise of cyber defense teams. Today, the rise of the cloud and software-defined wide-area networking (SD-WAN) is transforming connectivity for distributed enterprises, but it is also introducing new high-risk pathways into enterprise systems. Fortunately, there is already a solution for shutting down these pathways.

SD-WAN connects distributed enterprise networks, including those at branch offices and data centers. It also enables enterprises to take greater advantage of the Internet of Things (IoT) by making it easier to move data from the deep edge to business systems. However, connecting hundreds, thousands or millions of things to a network puts unprecedented pressure on IT to secure access to the things and the network. Consider the Target breach, which led to the theft of information on 40 million credit and debit cards. The Target systems were penetrated via an HVAC system featuring a remote access capability that allowed the HVAC vendor to perform maintenance faster and at a lower cost by eliminating the need for truck rolls. Attackers used login credentials stolen from the HVAC vendor to gain initial access to the network, and from there they were able to reach the payment systems.

Despite this threat of a companywide attack, vendors and enterprises continue to use SD-WAN to connect things and services – from sensors in the field to data warehouses to customer and purchasing systems. This “service chaining” is essential for enabling the digital transformation, business intelligence, and customer experience management initiatives enterprises need to maintain competitiveness. However, by its very nature, service chaining is a security nightmare, creating vast opportunities for malicious code to find a small crack in a network’s security configuration and provide an attacker with access to the entire network.

Creating a Safer Network

The good news is that solving this problem is relatively simple. An SD-WAN solution that enables an enterprise to establish separate security zones within the network can limit the spread of damage should an attack ever make it into one part of the system. Once the zones are established, it is then a matter of carefully assigning which systems can be accessed from which zones.
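The zone assignment described above can be audited mechanically. The following is an added example, not code from the article or from any SD-WAN product: it treats a default-deny zone policy as a directed graph and reports whether an untrusted zone can reach a protected one by chaining allowed flows. The zone names and both policies are constructed assumptions.

```python
from collections import deque

# Constructed zone names and allowed flows (assumptions for illustration).
# Default deny: a flow is permitted only if (source, destination) is listed.
CHAINED = {
    ("vendor-remote", "building-iot"),
    ("building-iot", "corp-it"),         # convenience link for dashboards
    ("corp-it", "payment"),
    ("corp-it", "data-warehouse"),
}
ZONED = {
    ("vendor-remote", "building-iot"),
    ("building-iot", "data-warehouse"),  # telemetry upload only
    ("corp-it", "data-warehouse"),
    ("corp-it", "payment"),
}

def shortest_path(policy, start, target):
    """Breadth-first search over allowed flows; returns the zone chain or None."""
    parents, queue = {start: None}, deque([start])
    while queue:
        zone = queue.popleft()
        if zone == target:
            chain = []
            while zone is not None:
                chain.append(zone)
                zone = parents[zone]
            return chain[::-1]
        for src, dst in sorted(policy):
            if src == zone and dst not in parents:
                parents[dst] = zone
                queue.append(dst)
    return None

def audit(policy, untrusted, protected):
    """Map each (untrusted, protected) pair that is reachable to the chain of zones."""
    findings = {}
    for u in untrusted:
        for p in protected:
            chain = shortest_path(policy, u, p)
            if chain:
                findings[(u, p)] = chain
    return findings

if __name__ == "__main__":
    for name, policy in (("chained", CHAINED), ("zoned", ZONED)):
        print(name, audit(policy, ["vendor-remote", "building-iot"], ["payment"]))
```

An empty result means no sequence of individually permitted flows links the untrusted zones to the protected ones, which is the property a per-rule review tends to miss.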

Another key to SD-WAN security is the use of artificial intelligence (AI). For example, a machine learning (ML) algorithm can be trained to detect outlying or malicious behavior by assuming that 95 percent of network activity is appropriate. However, there is an important caveat here. This ML-powered analysis is not really “intelligent,” and the ML algorithm must be trained by security experts. That is, once the system has identified anomalous behavior, an expert must still determine if the specific activity is appropriate or malicious. Only then can the AI system accurately and automatically allow or block similar behavior. Eventually an AI may be able to take complete control of detecting malicious behavior, but we aren’t there yet, and for some time yet human intelligence will remain a critical piece of the solution.
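The expert-in-the-loop workflow described above, as an added example that is not from the article or any vendor's product: a simple frequency baseline stands in for the ML model, treating the most common behaviors covering 95 percent of observed flows as appropriate and sending everything else to an analyst, whose verdict is then applied automatically to similar flows. The flow records and zone names are constructed assumptions.

```python
from collections import Counter

# Constructed flow history: (source zone, destination zone, port). Names are assumptions.
SENSOR = ("sensor", "data-warehouse", 8883)
REPORTS = ("corp-it", "data-warehouse", 443)
VENDOR = ("vendor-remote", "building-iot", 22)
ODD = ("building-iot", "payment", 1433)
HISTORY = [SENSOR] * 60 + [REPORTS] * 36 + [VENDOR] * 3 + [ODD]

def learn_baseline(flows, normal_share=0.95):
    """Most common behaviors that together cover `normal_share` of observed flows."""
    counts = Counter(flows)
    total, covered, normal = sum(counts.values()), 0, set()
    for sig, n in counts.most_common():
        if covered / total >= normal_share:
            break
        normal.add(sig)
        covered += n
    return normal

class Triage:
    def __init__(self, normal):
        self.normal = normal
        self.verdicts = {}  # behavior -> "allow" or "block", written only by an analyst
        self.pending = []   # anomalies waiting for expert review

    def decide(self, sig):
        if sig in self.normal:
            return "allow"
        if sig in self.verdicts:
            return self.verdicts[sig]  # automatic once an expert has ruled
        if sig not in self.pending:
            self.pending.append(sig)
        return "review"  # anomalous, but not yet known to be malicious

    def record_verdict(self, sig, verdict):
        if verdict not in ("allow", "block"):
            raise ValueError(f"unknown verdict: {verdict}")
        self.verdicts[sig] = verdict
        if sig in self.pending:
            self.pending.remove(sig)

if __name__ == "__main__":
    triage = Triage(learn_baseline(HISTORY))
    print([triage.decide(f) for f in (SENSOR, VENDOR, ODD)])
    triage.record_verdict(VENDOR, "allow")  # analyst: scheduled maintenance
    triage.record_verdict(ODD, "block")     # analyst: no business reason
    print([triage.decide(f) for f in (SENSOR, VENDOR, ODD)])
```

Both rare flows are flagged identically by the baseline; only the analyst's verdict separates the legitimate vendor maintenance session from the flow that should be blocked.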

In evaluating the cost/benefit of network security approaches, it is vital to distinguish between secure networks and safe networks. Our industry has focused primarily on securing networks by preventing a breach of the perimeter: firewalls, passwords, multifactor authentication, etc. While a perfect perimeter defense would be ideal, no network will ever be 100 percent secure – in part because this form of defense will always depend on people following proper procedures and not being duped by new scams.

This is why we must focus equally on creating safe networks. A safe network ensures that even if the security perimeter is breached, the attack can’t reach systems across the entire company. By partnering with an SD-WAN solution provider with the expertise to establish security zones and apply AI to network activity, enterprises can confidently deploy an SD-WAN to power applications while still ensuring a safer and more secure network. In turn, the SD-WAN will enable the enterprise to connect the globally distributed organization and deploy IoT solutions that will accelerate digital transformation and enable business growth without compromise.

