Internet of Everything requires security of everything: Cisco
07 March, 2013 09:09
A global ‘Internet of Everything’ (IoE) may be rapidly emerging as everything from lightbulbs to thermostats comes online, but that IoE could descend into chaos without revisiting the security frameworks protecting it, Cisco Systems executives have warned.
Addressing a thousand-strong crowd on the first day of the company’s Cisco Live! user event in Melbourne, Carlos Dominguez, a senior vice president in the office of the chairman and CEO with the seminal networking vendor, highlighted the increasing potential of connected non-computer devices, which are being paired with always-on connectivity to deliver interactive features that make for great demonstration material, if nothing else.
“You know the Internet has arrived when a light bulb is connected to the Internet,” Dominguez joked as he highlighted the many ways in which the emerging IoE – a Cisco term reflecting the convergence of machine-to-machine (M2M), person-to-machine (P2M), and person-to-person (P2P) communications – would integrate connectedness into everyday life.
“These devices are simple to use, smart, give you a lot of value, access the cloud, and they’re all generating a lot of information and data,” he said. “These connections are really going to be very powerful, but we need to turn all the analytical data that we’re getting, into wisdom – and we need to do it in a predictable manner.”
The scope of the challenge became clearer after the local release of Cisco’s updated Cisco VNI Global Mobile Data Traffic Forecast, 2012-2017, which predicted that growth of M2M devices in Australia and New Zealand would far outpace their proliferation across the APAC region. By 2017, M2M connections will account for 16.5% of global mobile services and 12.6% of APAC mobile services – but will account for 28.0% of Australian mobile services and 29.1% of New Zealand mobile services.
“The variables in ANZ are being driven by more connections, the types of devices, and the faster mobile speeds and applications,” said Dr Robert Pepper, vice president of global technology policy, in a separate interview in which he noted growing use of connected sensors in manufacturing, supply chain management, transportation and other vertical industries.
“We’re in a very sophisticated market where people are already connected, and we’re seeing a huge growth in machine to machine devices over this period of time. Most of them are not going to be high data rate – they’re going to be very bursty when they talk, and will communicate most of the time with relatively small amounts of data – but huge numbers of these will be rolled out.”
Therein, both men conceded, lies the rub: security becomes a particularly pointed challenge as the IoE scales up to millions and even “billions and trillions of sensors”, many of which are being developed as independent systems with little common ground or compliance with standards.
Yet it is this sort of compliance that will become increasingly important as growing usage of autonomous, connected sensors introduces all manner of new ingress points into the corporate network. Cisco has thrown its weight behind OpenFlow, a recently introduced protocol from the Open Networking Foundation (ONF) that has been designed to improve the security and flexibility of relatively fluid networks encapsulating the software defined network (SDN) concept.
OpenFlow manages communications between network controllers and switches, allowing for on-the-fly changes to network operation. This makes it ideal not only for supporting changes in bandwidth allocation, but for implementing consistent security monitoring and management tools that will allow organisations to keep an eye on the proliferation of devices as the IoE evolves.
The fact that ONF’s membership is a veritable who’s-who of networking vendors should lend some weight to Cisco’s claims that OpenFlow compliance is “incredibly important”, as noted by Bret Hartman, vice president and CTO of Cisco’s Security Technology Group, in a separate address.
“These networks are so complicated that it’s difficult to figure out how you have to secure them, and where security belongs in that whole huge, complicated network,” he explained, noting the companion role for Cisco’s ISE (Identity Services Engine), which enforces identity-based access control that can be extended to mobile devices as well as M2M network elements.
“The number of endpoints continues to grow, and ISE needs to keep up with that as we add more and more zeroes to the end of these numbers,” Hartman continued, noting the importance of security-analytics technology – which monitors network traffic for telltale signs of botnet command-and-control traffic – that Cisco picked up in its January acquisition of Cognitive Security.
“The fact that you have such a complicated network means that you have more attack surfaces, and the bad guys have potentially more ways to impersonate and inject traffic. We need to do a better job sharing threat indications across products, and building the right infrastructure to support this Internet of Everything scenario. It’s an arms race for all intents and purposes, and it’s going to be an arms race forever.”