“Expanding attack surfaces are causing organizations to rethink their NAC approach”
In an interaction with VARINDIA, Jitendra Ghughal, Director Channels, India & SAARC - Fortinet highlights how NAC’s monitoring and response capabilities are especially critical since many IoT devices open networks to additional risk via compromised, poorly written and unpatchable software, unadvertised back doors hardwired into firmware, and more -
What is driving customers today to reprioritize their security tools and approaches?
Security strategies are ever evolving. Recent cybercrime developments have caused many of the customers' IT teams to reprioritize their security tools and approaches. For example, for many years threat prevention was the primary tactic they used to secure their networks, with teams acting to ensure that no unauthorized attempt to infiltrate the network could be successful. The result was a heavily perimeter-focused security approach, which often left a largely open and unsecured network that could be easily navigated once an attacker managed to get inside.
For far too many of the customers, this is still the case. As cyberattacks become more sophisticated, though, more IT teams are accepting that it’s impossible to stop every attack. To keep pace with threat trends and technology, IT teams must adapt by adjusting their strategies and tools.
Network Access Control is not new to networks but how has it roles evolved in security strategies over the years?
Network access controls have been around for the past 15 years, but due to traditional perimeter-focused security strategies, and NAC’s reputation for complicated implementations, the option hasn't played a significant role in recent security approaches. However, expanding attack surfaces and a new generation of NAC solutions are causing organizations to rethink their approach to Network Access Control.
Today’s modern NAC solutions provide your customers with enhanced visibility into the IoT devices on their corporate networks, whether they're connecting from inside or outside the network. Moreover, modern NAC tools can also automatically respond to compromised IoT devices or anomalous activity. They also provide a clear view into network assets to support regulatory certifications and security best practices that require organizations to establish and maintain an accurate inventory of all connected devices, including IoT—even in virtual environments where assets are constantly connecting and disconnecting from the network.
Customers need a unified view into every IoT device on the network to secure against the threats brought on by the adoption of IoT, combined with the ability to detect and act on threats. NAC solutions do just that by leveraging automation, contextual data, and integration for visibility across integrated IoT, operations, IT and cloud networks.
NACs provides customers with three essential capabilities -
LearnTo overcome this problem, customers’ security teams need to identify and learn about each device connected to the network, including the level of risk each device carries. NAC controls visibility into every device across the entire distributed network. NAC then uses advanced tools and techniques to provide a detailed inventory of the devices on the network. Agentless scanning detects and classifies all IoT devices, including headless devices. Automated onboarding allows organizations to onboard large numbers of endpoints, users, and guests. And device profiling uses behavioural information for the level of access permitted for a device.
Segment: Many of your customers have designed open networks to facilitate faster transfer of information. The challenge is that such environments also allow compromised devices to dwell in the network long enough to determine where valuable data is stored, and then quietly exfiltrate it under the radar.
To minimize the potential of such an event, IT teams must be able to classify each device in the network and then apply an appropriate set of access rules to ensure it can only enter certain areas of the network. These rules must then be communicated to the rest of the security infrastructure, thereby preventing an outside device from accessing and stealing sensitive data stored across the network.
Protect: Because modern cyberattacks occur at machine speed, network access controls must respond to threats at digital speeds. Doing so requires automation and threat context. Modern NAC solutions leverage automation to respond to compromised devices the moment they are detected in a network. NAC can then immediately act to terminate the connection, restrict network access or change configurations.
How does a NAC Solution Secure IoT in a network?
As connected devices continue to become more prolific across customers’ networks, they need a modern network access control solution that can identify IoT assets, enforce access control rules, and automatically isolate and remediate threats posed by compromised devices.
NAC solutions today offer unified visibility into connected devices across your customers’ distributed networks. Such integration ensures optimal protection even as the volume of IoT devices connected to their networks expands.
As cybercriminals successfully target the growing number of attack vectors being implement due to digital transformation efforts, doing more of the same when it comes to security is a losing strategy. Organizations not only need to become more hypervigilant about security, but they also need to be smarter about what they do with that information. Those who fail to meet their digital transformation efforts with an equally aggressive security transformation strategy will forfeit their ability to compete in today’s digital marketplace as they become victims to the continually innovative cybercrime community.