I recall watching the movie “The Perfect Storm” for the first time. The film is about a once in a century storm that is generated and amplified by particular weather patterns that can occur in the north Atlantic. I remember how futile the acts of the characters seemed against the wind, rain, and waves. If you saw the movie you know the ending. If not, then I will not ruin it, you should see it.
We in the cyberspace industry are facing a similar dilemma. The nexus of BYOD, IoT, and cloud have worked to bifurcate and, in some instances, even dissolve the notions of a traditional security demarcation. Does this mean that we are helpless in the midst of this storm like the characters in the movie? Thankfully no, we are not. We have new technologies available to us to create ‘dark’ network infrastructures that are very difficult if not impossible for would-be attackers to enumerate. Along with this, the infrastructure provides for ‘hard’ segmentation between different security domain of interest such as separating users from IoT and OT devices. We refer to this as hyper-segmentation. We also have drastically increased visibility and control of the network serviced edge, which is after all where all things connect. This assures that the right class of device gets provisioned into the correct hyper-segment for complete automation of the onboarding task if desired.
On visibility, as the saying goes “you can’t manage what you can’t see”. The same comment is true for security because after all security is a form of management. Visibility is required to assure that policies are being maintained and that they are correct. Additionally, this visibility and analytics can help us to see unusual behaviors and anomalies that might suggest a compromised device or a malicious user.
When this is combined with the ‘dark’ capabilities of the Extreme Fabric Connect network infrastructure, an unprecedented security capacity is added to the traditional security posture. But we cannot stop there. We have integrated with leading security ecosystem vendors such as firewalls, end system protection, and Security Information Event Management. By this integration, we arrive at a value of the whole that is truly greater than the sum of its parts.
Like every year, I am personally excited to be presenting at the Air Force Information Technology & Cyberpower (AFITC) event in Montgomery, Alabama. In my ‘The Perfect Storm’ presentation I will not only highlight the dangers and threats but also advice and methods of mitigation in this ‘new and dangerous world’ of networking security.
In addition, to demonstrate both the theory and practical benefit of this approach we will be holding a fun “Hackathon”, which challenges the participants to attempt to traverse from one hyper-segment to the other. We do this for a number of reasons. First, to raise awareness to the technical innovation. Second, it’s a fun event that works well at such a venue, and third, in security, you never say never. So, we hold these events on a regular basis at various locations with various agencies, universities, and customers.
What? You say that you do not know the first thing about hacking? No worries. Sit down for a bit with me at AFITC booth #308/#310 and I will demonstrate and teach you at the same time!
To learn more about AFITC and my session, sign up for a meeting, or register to try your luck in our hack-a-thon, visit our AFITC event page.