Interlocking Security at the Edge and in the Network

By Cynthia S. Artin October 05, 2017

As is typical during any large IoT gathering, a steady stream of announcements has been rolling out this week from the IoT World Congress winding down in Barcelona today. 

One of the more notable stories came from Neustar and NetFoundry, announcing that Neustar's Trusted Device Identity (TDI) service has leveraged NetFoundry’s platform to enable trusted identity to drive IIoT networking security across any set of networks and clouds.

Platform-to-platform integrations are becoming more common, particularly as APIs powering open telco and open cloud are becoming more pervasive. But integrations between end-point and communications platforms are uncommon, and require a new mastery of handling sessions so "end-to-end" systems and solutions can work without breaking, without being hacked, and without slowing down the works. 

It is getting harder to manage edge connectivity in particular, given the proliferation of device types (sensors, actuators, and other edge components), infrastructure elements (gateways, servers and more) and multi-cloud environments (public, private and hybrid). Performance is always an issue, as is troubleshooting when systems stop working, but in the case of this particular partnership, security is the challenge Neustar and NetFoundry appear to be taking on.

Neustar has a history of taking on hard problems in the cybersecurity world, and given the increasing number of massive breaches (most recently at Equifax, with billions of consumer records breached, and at Yahoo, with the recent revelation, during Verizon's process of integrating Yahoo with Oath, that three billion consumer records were hacked), Neustar is smart to continue investing in locking digital down.

In the world of connected things, the attacks have been on a smaller scale, but according to a report published by F5 Labs in August (The Hunt for IoT Vol. 3: The Rise of Thingbots), IoT attacks grew 280% from the prior six-month reporting period, with growth stemming from Mirai, malware that infects IoT devices and turns them into bots. As more billions of endpoints manifest across the hyper-connected world, Neustar is solving for micro-identity authentication at the edge of the network, while NetFoundry is solving for security baked into the network and tuned for specific applications like those Neustar continues to invent.

The two companies demonstrated how Neustar’s TDI service "provides customers with security, extending trusted identity based products across multiple networks and clouds."

Neustar's TDI platform was built on top of the NetFoundry Application-Specific platform, linking both companies' security software together, sold as "embedded," and designed, according to their press release, to "reduce the time, cost and risk of implementing products."

Both companies are active members of and contributors to the fast-growing IIoT edge open source community, EdgeX Foundry. More than sixty companies have joined the community, which has organized working groups to tackle the entire IoT stack, bringing together top experts for open discussion on establishing a common industry framework (not standards, but approaches that they aspire to build in order to simplify building IoT systems across multiple vendors and service providers).

In the case of Neustar and NetFoundry, they are challenging the legacy wisdom of PKI-based identity management solutions, which become a clunky, expensive "necessary evil" in order to protect things, applications and systems from actual evil. Neustar's new software - their "TDI" - can authenticate and revoke identities in real time, monitor sessions, detect anomalies, and deliver faster alerts to enterprises and organizations, enabling them to quickly address breaches. It's a network operations - or "OT" - solution as much as it is an IT gain.

Recoverability in case of emergency is the vision, according to Hank Skorny, SVP of IoT at Neustar, who said, “Neustar and NetFoundry together provide a highly secure, highly manageable and recoverable environment to secure communications between any and all parties.”

“Traditional networking with the use of PKI and firewalls has been manageable to date, but the digitally transformed applications landscape requires the app contexts, such as identity, to programmatically define the network,” said Galeal Zino, Founder of NetFoundry. “Our platform enables leading solutions from innovative partners such as Neustar to program the network to enforce each application’s identity, access and security policies, rather than trying to manually manage a separate set of policies on the network.”

The Neustar and NetFoundry implementation is ideal for microservices-based architectures, which is where the EdgeX Foundry comes in.

“EdgeX Foundry is changing how companies develop, deploy and support IIoT solutions,” said Philip DesAutels, senior director of IoT at the Linux Foundation. “The new Neustar and NetFoundry IoT networking solution is a prime example of this and how open source collaboration can benefit not just the EdgeX ecosystem but the IIoT landscape as a whole.”

Specific features listed by Neustar and NetFoundry in their announcement include: 

  • Real-time activation and revocation
  • Route validation
  • Secure remote management
  • Anomaly detection
  • Multi-factor authentication
  • Recovery without the need to re-key
  • Endpoint and identity management
  • The security and efficiency of end-to-end identity driven networking
  • Enhanced application performance with dynamic path optimization and remediation
  • Application level micro-segmentation with data-in-motion encryption and isolation

If combining edge-security with network security can be done without compromising performance and availability, confidence in rolling out seriously scalable solutions may grow heading into 2018, while we continue to keep watch on cyber criminals who are likely building their own roadmaps for the year and years to come. 

Edited by Ken Briodagh

Contributing Writer
