Fortinet, a network security company, has released its new whitepaper which focuses on critical elements of the Internet of Things security solutions.
Fortinet has been around since 2000 and has a broad array of next-generation security and networking functions covering network security, data center security (physical and virtual), cloud security, secure (wired and wireless) access, infrastructure (switching and routing) security, content security, endpoint security, application security and others.
The latest whitepaper, titled “The Critical Elements of an IoT Security Solution”, focuses on IoT security and its place in the network. With a significant and exponential expanding of the Internet of Things devices, the concerns over IoT security has become a top priority for a lot of enterprises and security companies.
In addition to the attacks on businesses and the so-called “commercial impact”, the risk of IoT-related service disruptions also extend to critical infrastructure.
According to Fortinet’s whitepaper, security professionals must clearly define solution requirements, which include precisely defined vulnerabilities, manage unsecure communications like public Wi-Fis, apply and enforce policies that will prevent data leaks, and protect the network from malware infections which usually come hand-to-hand with IoT devices.
The main topic of the whitepaper is to try and define critical elements of the IoT security solution, which include “strategic areas” like learning, segmentation, and protection. The learning area focuses on device identification and discovery as well as predictive action, which can both automatically detect, profile and classify the device on the network as well as learn behaviors and predictively react to an attack before it happens.
The segmentation area focuses on assigning policies and managing risks by protecting critical parts of the network. It consists of identifying risks, with the clear classification of users, data, devices, locations and other criteria, managing policies and devices depending on those same classifications, and exerting control by isolating IoT devices from the rest of the network.
The protection strategic area of the IoT security solution focuses on protecting the device before protecting the network, as if an IoT device is secured when it becomes a part of the network, it should be protected in a coordinated way with the rest of network elements. The protection strategic area includes policy flexibility and enforcement as a way to define and enforce policies across both type and device access factors, and threat intelligence, which can learn and respond to threats.
The whitepaper states that the evolution of security is clearly needed with a fabric-based approach that must be broad enough to guard the entire network, powerful enough to provide threat protection without an impact to performance, and smart enough to deliver high levels of automation.
It concludes that the new approach must accept that there is no clear differentiation between the network and outside world and approach the network security with intelligence and automation in mind.
You can download the full whitepaper over at Fortinet’s website (registration required).