01 IoT terminals have low security and high potential risks
According to statistics from IoT Analytics, at the end of 2020, the number of IoT connected terminals exceeds that of non-IoT connected terminals for the first time. It is estimated that by 2025, there will be more than 30 billion IoT terminals connected.
Source: IoT Analytics, State of the IoT 2020: 12 billion IoT connections, surpassing non-IoT for the first time
These devices are widely used in smart security, smart transportation, smart medical, smart energy and other fields, effectively improving people’s production and life efficiency.
However, these IoT terminal types are diverse and widely distributed, and their current security control is relatively weak. It is extremely prone to counterfeit access to devices and illegal outreach, which leads to the destruction of network boundaries and poses security threats to related businesses. In addition, IoT terminals generally have vulnerabilities, weak passwords and other vulnerabilities, which are easy to be used illegally to initiate attacks, bringing potential security risks to users.
According to the “2020 Internet of Things Security Annual Report” released by the National Internet Emergency Response Center, from January to November 2020, the NVD* platform disclosed a total of 12,805 vulnerabilities, of which 1,541 were IoT-related vulnerabilities, accounting for 12.03%, and related vulnerabilities were attacked. Features low complexity and high hazard rating.
(﹡National Vulnerability Database. https://nvd.nist.gov/vuln/data-feeds)
With the rapid development of the Internet of Things technology and the application in more scenarios, a large number of IoT terminals will leave a larger attack surface for attackers, which will cause more serious security problems. How to effectively control the security of IoT terminals and ensure that all connected terminals are safe and controllable is the key to the security of IoT networks.
02 Add more weight to the security construction of the Internet of Things, and I am convinced that SIG will help
Sangfor has comprehensively upgraded the Internet of Things access security gateway SIG, with the goal of “precise identification and effective protection”, and through the three core capabilities of “asset identification”, “access control” and “security protection” to solve the problem of the Internet of Things in smart security, Terminal security management and control issues in application scenarios such as smart transportation, smart medical treatment, and smart energy.
Sangfor Internet of Things Access Security Gateway SIG
1. IoT asset identification, accurate and efficient
Since the development of the Internet of Things, the number of terminals is increasing, and the types are complex and diverse, and the difficulty of management is increasing. Sangfor has many years of experience and technical precipitation in the identification of IoT security applications, terminals and protocols, which has been well inherited from SIG.
For thousands of IoT terminals such as security equipment, medical equipment, various collectors and sensors, Sangfor SIG can perform comprehensive, accurate and efficient discovery and identification, helping users to establish detailed device fingerprint information, and greatly improving the work of asset managers Efficiency and accuracy of asset identification.
2. IoT access control, precise and strict
IoT terminals are widely distributed and there are a large number of outside field environments, which provides opportunities for counterfeit access and private replacement. Once an untrusted terminal enters the network, it will bring huge security risks to the entire IoT network.
On the basis of traditional access technologies such as 802.1x and MAB, Sangfor SIG has carried out substantial capacity upgrades around IoT scenarios, providing L2-L7 three-dimensional access control capabilities. At the same time, relying on the fingerprints of IoT terminal devices established in advance, access control is implemented based on network protocols (such as MQTT) and signaling, and compliance requirements (such as GB/T 28181) to avoid unknown, counterfeit, untrustworthy, and non-compliance The terminal is connected to the IoT network.
3. IoT security protection to eliminate hidden dangers
At the current stage, the design and development of IoT-related technologies focuses on the market and application. Security is not the focus of construction. However, security vulnerabilities are common in IoT terminals, and the resulting virus intrusion, remote control, botnets, and data leakage are common. When risks continue to threaten user asset information and business security, security protection has to arouse users’ focus.
Sangfor SIG has the key security protection capabilities required by IoT networks, including vulnerability detection, gateway antivirus, botnet detection, access control, traffic filtering, transmission encryption, etc., and comprehensively solves the terminal vulnerabilities in the perception layer and network layer in the IoT scenario. Network access risks and other issues. Discover potential risks in time and eliminate hidden business safety hazards in advance.
4. Linked handling of security incidents, efficient closed loop
At the same time, Sangfor SIG can connect with SIMP, an animal networking security management platform. With the SIMP platform as the core, it conducts unified management and security analysis on IoT terminals, and grasps the security status of networked devices in real time. Once a risk is found, it can be linked with SIMP to block and reduce it. Negative impact of security risks.
Sangfor IoT Security Management Platform SIMP
In addition, Sangfor SIG can also cooperate with the next-generation firewall AF, latent threat probe STA, etc. to conduct joint security incident handling, quickly discover and close-loop security threats to the entire network.
So far, Sangfor SIG has been applied in public security, traffic police, transportation, prison, medical and other industries. In the future, Sangfor will continue to increase investment in IoT security research, bring more breakthroughs to the construction of IoT security, and promote the safe and stable development of IoT in all walks of life.
The Links: LQ104S1LG81 FZ2400R17KE3_B2