Startup Tempered Networks Takes Aim at IoT Security
New products give IT a way to create a zero-trust model of security -- that is, trust nothing and build the trust relationships as needed.
The Internet of Things (IoT) is a much-discussed topic these days, with smart this and smart that and our rapid movement into a world in which everything is connected. But in this IoT world security has been, and will continue to be, the top barrier for quite some time.
Metcalfe's Law states that the value of a network is proportional to the square of the number of nodes connected. So as we add more nodes to a network, the value grows exponentially. Hence the networks in a world in which everything is connected has substantially more value than a network with some things connected or parallel networks.
While connecting all of these endpoints does indeed enable organizations to develop new processes and streamline operations, it opens the door to security risks, too. Many IoT devices don't have any inherent security capabilities and can create back doors into other network segments. That many IoT applications rely heavily on mobile devices and cloud services creates even more security risks. The fact is, IoT networks have many more entry points than legacy networks, and perimeter-based security methods will not provide effective security for them.
Enter startup Tempered Networks, which yesterday announced a new release of its IP security platform targeted at simplifying the process of securing IoT endpoints regardless of whether they are dedicated devices, running on Windows, or in the cloud. The Tempered solution, called Identity-Defined Network (IDN) Fabric, is enabled through Host Identity Protocol (HIP), which changes the way IP networks operate.
IP is built on the premise that everything should talk to everything, and then security gets layered on top and provisioned node by node. This means each additional device makes the security equation increasingly complex. HIP, on the other hand, is built on the assumption that nothing connects to anything and has security baked into it. Then IT can provision trust maps to enable devices that need to talk to each other to do so.
In a hospital, for example, IT might want to create a trust relationship through which medical devices can only talk to other medical devices. In a retail environment, IT might want to set up a trust relationship between kiosks and a warehouse system. With traditional security, IT could accomplish this through a combination of virtual private network connections, access control lists, and other settings -- but once the network gets to any kind of significant size at all (greater than 10 endpoints) the configuration overhead becomes onerous and difficult to set up and maintain.
You can think of a HIP-enabled overlay network as a secure fabric that uses the device's identity to create connections. This masks the complexity of the underlying network and fluid perimeter, and enables IT to dynamically secure the environment in a way that's easy to set up and maintain.
Tempered offers a number of ways to HIP-enable connected endpoints. These include:
- Physical HIPswitches - These physical devices sit in front of IoT endpoints and provide the necessary security. HIPswitches come in a variety of form factors suitable for data centers or industrial environments; have multiple connectivity options, including WiFi, Ethernet and cellular; and offer a wide variety of throughput options, of up to 1.3 Gbps in speed.
- HIPapp for Windows - This software application enables Windows 7 and 10 endpoints to securely connect using HIP and become part of the overlay IDN Fabric.
- Virtual HIPswitch - The virtual version of the HIPswitch extends the hardened security capabilities of HIP into virtual environments. It also enables the extension of Tempered's IDN Fabric into the Amazon Web Services cloud.
In addition, Tempered is releasing a new version of the Tempered Networks Conductor, which is a centralized orchestration engine that coordinates configuration, security policies, trust relationships, monitoring, and analytics between the management user interface and the HIP-enabled endpoints in the IDN Fabric.
The Conductor upgrades include:
- SimpleConnect API - This RESTful API enables the IDN Fabric to integrate with other networks, including software-defined networks.
- Visual Trust Map - As shown in the diagram above, Virtual Trust Map gives administrators a full view of all the trusted relationships between HIPswitches and whitelisted endpoints. This shows administrators a view of all the connected and protected assets.
- Dashboard - New in this release is a dashboard that provides a view into all HIPswitches, showing at a glance which models are deployed and which releases are running. This can help greatly with ongoing management.
The IoT era is here, and IT professionals must focus on creating a zero-trust model of security -- that is, trust nothing and build the trust relationships as needed. Without this approach, IT departments will find securing the environment to be a never-ending battle in which they fall further and further behind. Tempered's IDN Fabric creates a scalable, visual way of enabling IoT security that's straightforward to set up and manage as the number of connected endpoints grows.