Filling the IoT connectivity and security gaps
Perry Hutton writes on how we can connect, secure and manage IoT devices which are a critical component of the new digital economy - collecting and sharing information.
Internet of Things (IoT) devices are a critical component of the new digital economy, collecting and sharing information about a myriad of things – from smart appliances, irrigation systems and shipping containers, to wireless energy meters and mobile healthcare devices.
"The information they collect allows for more efficient inventory and manufacturing management, and can be mined for competitive advantages," states Perry Hutton, vice president of Africa at Fortinet. "Of course, IoT introduces a number of critical challenges as well, not the least of which are, ‘how do we connect and manage so many devices?' and ‘how do we secure so many devices and so much traffic?'"
He points out that it's because most IoT devices are mobile, that they tend to connect to the network via wireless access points. "Since IoT wasn't on the horizon when most wireless solutions were deployed, the growing volume of IoT and user devices is now overwhelming these access points," continues Hutton. "In addition, because most IoT devices do not have security installed, the need to apply security inspection and monitoring is creating a bottleneck."
According to Hutton, the best strategy for IoT security is through secure access. "Which is why Fortinet recently announced the launch of our new FortiAP-U series of universal wireless access points, designed to provide organisations with the most flexible, enterprise-grade wireless solution on the market," he says.
This new series of wireless access points is now also available in more than 20 African countries by Fortinet's value-added distributor in the region, Networks Unlimited, and provides the following essential solutions required to implement, manage, and grow a robust IoT-based access infrastructure on the continent:
1. Unlock IoT access and performance demands
IT teams face severe challenges scaling their wireless edge to meet rising access demands. "Fortinet's new FortiAP-U universal access points have been designed to meet the wireless needs of the largest enterprises, with maximised bandwidth and device capacity. Multi-gigabit throughput and increased simultaneous connections allow them to support even the densest wireless requirements," says Hutton.
2. Protect IoT with the Fortinet Security Fabric
"Since most IoT devices can't run a security client, or even be patched, security needs to be applied at the point of access," highlights Hutton. The new FortiAP-U series wireless access points integrate advanced Security Fabric intelligence and protections directly into the wireless infrastructure. This enables:
1. Secure access control – FortiAP-U devices provide real time authentication and authorisation of IoT devices to prevent such things as device spoofing, and to enable device tracking and traffic monitoring.
2. Security embedded in the access point – FortiAP-U devices can also be fully integrated with the Fortinet Security Fabric to deliver unified protection for the network edge through robust security functionality and application controls. "This allows IT teams to easily implement essential Secure Fabric protection for their IoT technologies, and seamlessly integrate them into the unified security strategy deployed across the distributed network environment - without compromising performance or functionality," adds Hutton.
3. Network segmentation – The FortiAP-U series has been designed to provide dynamic access layer segmentation to better defend against emerging threats introduced by IoT devices and networks. Hutton elaborates that by integrating FortiAP-U with the Security Fabric, organisations can dynamically route IoT traffic into its own secure network segment, thereby preventing an unauthorised user from monitoring or injecting malware into IoT traffic, as well as protecting the network from undetected or zero-day IoT malware.
4. Specific protection for IoT O/S vulnerabilities and exploits – Once IoT devices have been authenticated and segmented, the Security Fabric can accurately and efficiently monitor IoT traffic, identify IoT-based threats, collect and share threat intelligence, and impose specific protections designed to address IoT-specific vulnerabilities and ferret out IoT exploits.
5. Securing IoT applications – "Finally, because the Fortinet Security Fabric is IoT-ready, it can identify and inspect IoT applications to detect unique threats targeted at IoT applications, devices, and traffic," says Hutton.
3. Simplify management
"However to make this all happen efficiently we need to automate security and access operations," notes Hutton. The FortiAP-U series can automatically detect different types of controllers and management tools, and automatically connect to those deemed to be most suitable. This allows organisations to quickly deploy high-performance, high-capacity wireless access points on demand, without worrying about back-end compatibility, so they can focus on coverage and security, rather than on setting up a complex access infrastructure.
"The new FortiAP-U series of wireless access points provides real time security inspection, unlocks advanced internal segmentation strategies that are critical to defend against IoT threats, and allows devices to share threat intelligence across the Security Fabric in order to better monitor and respond to compromised devices or malicious traffic - anywhere across the distributed and mobile network. And it does this while maintaining the industry leading performance, capacity, and flexibility today's IoT networks demand," concludes Hutton.
"Networks Unlimited distributes and trains its partners and customers in the African region to become certified to manage complex projects by effectively installing and utilising the Fortinet range high performance solutions – especially in todays proliferation of mobile technology and IoT devices in the region," comments Anton Jacobsz, MD at Networks Unlimited.
For more information, please contact Stefan van de Giessen, Fortinet product manager at Networks Unlimited on stefan.vdgiessen@nu.co.za.