Interlocking Security at the Edge and in the Network

By Cynthia S. Artin October 05, 2017

As is typical during any large IoT gathering, a steady stream of announcements has been rolling out this week from the IoT World Congress winding down in Barcelona today. 

One of the more notable stories came from Neustar and NetFoundry, announcing that Neustar's Trusted Device Identity (TDI) service has leveraged NetFoundry’s platform to enable trusted identity to drive IIoT networking security across any set of networks and clouds.

Platform-to-platform integrations are becoming more common, particularly as APIs powering open telco and open cloud are becoming more pervasive. But integrations between end-point and communications platforms are uncommon, and require a new mastery of handling sessions so "end-to-end" systems and solutions can work without breaking, without being hacked, and without slowing down the works. 

It is getting harder to manage edge connectivity, in particular, given the proliferation of device types (sensors, actuators and other edge components), infrastructure elements (gateways, servers and more) and multi-cloud environments (public, private and hybrid). Performance is always an issue, as is troubleshooting when systems stop working, but in the case of this particular partnership, security is the challenge Neustar and NetFoundry appear to be taking on.

Neustar has a history of taking on hard problems in the cybersecurity world, and given the increasing number of massive breaches (most recently at Equifax, with billions of consumer records breached, and at Yahoo, with the recent revelation during Verizon's process of integrating Yahoo with Oath that three billion consumer records were hacked), Neustar is smart to continue investing in locking digital down.

In the world of connected things, while the attacks have been on a smaller scale, according to a report published by F5 Labs in August (The Hunt for IoT Vol. 3: The Rise of Thingbots), IoT attacks grew 280% from the prior six-month reporting period, with growth stemming from Mirai—malware that infects IoT devices and turns them into bots. As more billions of endpoints manifest across the hyper-connected world, Neustar is solving for micro-identity authentication at the edge of the network, while NetFoundry is solving for security baked into the network and tuned for specific applications like those Neustar continues to invent.

The two companies demonstrated how Neustar’s TDI service "provides customers with security, extending trusted identity based products across multiple networks and clouds."

Neustar's TDI platform was literally built on top of the NetFoundry Application-Specific platform, linking both companies' security software together, sold as "embedded," and designed, according to their press release, to "reduce the time, cost and risk of implementing products."

Both companies are active members of and contributors to the fast-growing IIoT edge open source community, EdgeX Foundry. More than sixty companies have joined the community, which has organized working groups to tackle the entire IoT stack, bringing together top experts for open discussion regarding establishing a common industry framework (not standards, but approaches that they aspire to build in order to simplify building IoT systems across multiple vendors and service providers).

In the case of Neustar and NetFoundry, they are challenging the legacy wisdom of PKI-based identity management solutions, which become a clunky, expensive "necessary evil" in order to protect things, applications and systems from actual evil. Neustar's new software - their "TDI" - can authenticate and revoke identities in real time, monitor sessions, detect anomalies, and deliver faster alerts to enterprises and organizations, enabling them to quickly address breaches. It's a network operations - or "OT" - solution as much as it is an IT gain.

Recoverability in case of emergency is the vision, according to Hank Skorny, SVP of IoT at Neustar, who said, “Neustar and NetFoundry together provide a highly secure, highly manageable and recoverable environment to secure communications between any and all parties.”

“Traditional networking with the use of PKI and firewalls has been manageable to date, but the digitally transformed applications landscape requires the app contexts, such as identity, to programmatically define the network,” said Galeal Zino, Founder of NetFoundry. “Our platform enables leading solutions from innovative partners such as Neustar to program the network to enforce each application’s identity, access and security policies, rather than trying to manually manage a separate set of policies on the network.”

The Neustar and NetFoundry implementation is ideal for microservices-based architectures, which is where the EdgeX Foundry comes in.

“EdgeX Foundry is changing how companies develop, deploy and support IIoT solutions,” said Philip DesAutels, senior director of IoT at the Linux Foundation. “The new Neustar and NetFoundry IoT networking solution is a prime example of this and how open source collaboration can benefit not just the EdgeX ecosystem but the IIoT landscape as a whole.”

Specific features listed by Neustar and NetFoundry in their announcement include: 

  • Real-time activation and revocation
  • Route validation
  • Secure remote management
  • Anomaly detection
  • Multi-factor authentication
  • Recovery without the need to re-key
  • Endpoint and identity management
  • The security and efficiency of end-to-end identity driven networking
  • Enhanced application performance with dynamic path optimization and remediation
  • Application level micro-segmentation with data-in-motion encryption and isolation

If combining edge-security with network security can be done without compromising performance and availability, confidence in rolling out seriously scalable solutions may grow heading into 2018, while we continue to keep watch on cyber criminals who are likely building their own roadmaps for the year and years to come. 

Edited by Ken Briodagh

Contributing Writer
