The
use
of
unmanaged
and
IoT
devices
in
enterprises
is
growing
exponentially,
and
will
account
for
55.7
billion
connected
devices
by
the
end
of 2025.
A
critical concern
is
deploying
IoT
devices
without
requisite
security
controls.
While
these
numbers
are
numbing,
their
reality is
undeniable.
90%
of
customers
believe
digitization
has
accelerated
the
importance
placed
upon security.
The
World
Economic
Forum
now
lists
cybersecurity
failure
as
a
critical
threat,
and
estimates
a
gap
of
more
than
3
million
security
experts
worldwide,
hindering
secure
deployments
at
scale.
Furthermore,
83%
of
IoT-based
transactions
happen
over
plaintext
channels
and
not
SSL,
making
them
especially
risky.
Cisco’s
solution
Securing
an
IoT
device
can
be
achieved
either
through
securing
the
IoT
device
itself,
or
hardening
the
network
it
accesses.
Securing
devices
can
be
cumbersome,
requiring
complex
manufacturing
partnerships
and
increasing unit
prices,
thereby
reducing
adoption.
On
the
other
hand,
securing
the
network
is
always
desirable
as
it
helps
secure
access,
encrypt
traffic,
and
ease
management.
Being
a
leader
in
both
security
and
networking,
Cisco
continues
to
bring
security
closer
to
networking,
providing
the
network
with
built-in
security,
and
enabling
the
network
to
act
both
as
sensor
and
as
an
enforcer.
The
convergence
of
security
and
networking
leverages
the
network’s
intelligence
and
visibility
to
enable
more-informed
decisions
on
policy
and
threats.
Cisco
uniquely
integrates
security
and
networking,
for
instance
we
recently
integrated
Cisco
Secure
Firewall
to
operate
on
Cisco
Catalyst
9000
Series
switches.
Additionally,
Secure
Firewall
can
be
deployed
in
a
containerized
form,
on-premises
and in
clouds.
Cisco
Secure
Firewall
classifies
traffic
and
protects
applications
while
stopping
exploitation
of
vulnerable
systems.
Additionally,
we
offer
Identity
Services
Engine
with
AI
Endpoint
Analytics
to
passively
identify
IoT
devices
and
apply
segmentation
policies.
Furthermore,
Cisco
offers
management
flexibility
by
integrating
with
Cisco
Defense
Orchestrator
and
DNA
Center
and
with
existing
customer
tools
like
SIEMs
and
XDRs.
Let’s
look
at
three
use
cases
where
the
addition
of
Secure
Firewall
capability
on
Catalyst
9000
Series
switches
solves
real
world
problems:
Use
case
1:
Securing
the
Smart
Building:
This
solution
is
ideal
to
secure
smart
buildings,
converging
various
IoT
systems
into
a
single
IT-managed
network
infrastructure.
Smart
buildings
lower
the
operational
and
energy
costs. Smarter
building
systems,
however,
pose
serious
security
risks
as
these
include
so
many
unmanaged
devices
such
as
window
shades, lighting,
tailored
HVAC,
and
more.
One
of
the
methods
to
secure
smart
buildings
is
to
control
access
to
avoid
manipulation
of
sensors.
Such
control
is
attained
with a
networking
switch
with
enhanced firewall
capability.
The
firewall
ensures
granular
segmentation,
directing
policies
for
traffic
generated
out
of
IoT
devices,
providing access
to
the
right
users.
This
integration
also
brings
security
closer
to endpoints,
making
policy
orchestration
simpler.
Use
Case
2:
Centrally
manage
isolated
IoT
network
clusters:
IoT
devices
which
communicate
with
each
other
in
the
same
subnet
typically
cannot
be
routed,
which
is
a
challenge.
By
default,
most
IoT
networks
are
configured
in
the
same
subnet,
making
it
difficult
to
manage
them
centrally.
Administrators
are
forced
to
physically
connect
to
the
IoT
network
to
manage
and
collect telemetry.
Furthermore,
IoT
vendors
often
charge
hefty
amounts
to
update
IP
addresses
of devices.
Cisco
Secure
Firewall,
hosted
on
the
Catalyst
switch,
solves
this
problem
and
not
only
inspects traffic
from
the
IoT
network
but
also
translates
duplicate
IoT
IP
addresses
to
unique
global
IP
addresses
using
NAT
for
centralized
management
of
isolated
IoT
networks.
Use
Case
3:
Securely
encrypt
IoT
traffic
passing
through
a
shared
IT
network:
At
airports,
for
example,
multiple
vendors
manage
unique
systems
such
as baggage,
air
quality,
biometric
access
control,
etc,
which
share
a
common
network. IoT
traffic
is
usually
in
plain
text,
making
it
susceptible
to
packet
sniffing,
eavesdropping,
man-in-the-middle
attacks,
and
other
such
exploits.
The
IPSec
capability
on
Cisco
Secure
Firewall
encrypts IoT
traffic,
securing data
transfer
and
reducing
risk.
Cisco’s
IoT
initiatives
join
the
once
disconnected
worlds
of
IT
and
IoT,
unifying
networking
and
security.
For
further
details
refer
to
the
At-A
Glance
and see
how
and
an
Australian
oil
company, Ampol,
fortified
its
retail
IoT
with
Cisco
Secure!
We’d
love
to
hear
what
you
think.
Ask
a
Question,
Comment
Below,
and
Stay
Connected
with
Cisco
Secure
on
social!
Cisco
Secure
Social
Channels
Instagram
Facebook
Twitter
LinkedIn
About Author
