Securing the Everywhere Perimeter

The world is on the verge of an unprecedented expansion in networked connectivity, driven by the combined forces of the Internet of Things and Smart infrastructures. These are posing significant threats to today’s network security model. No organization can afford to ignore the importance of protecting access to its network, applications, and information. Without proper controls, a breach of one device could provide a hacker with the virtual keys to the castle.

A central problem is the sheer number and mobility of devices creating new BYOD and IoT-based internal access points. Onboarding, securing, tracking, and managing thousands of devices seems practically impossible. In addition to increased entry points for hackers, these trends extend the traditional organizational boundary to cloud instances.

These trends make it nearly impossible to determine where the organization’s perimeter lies. Is it the branch? The campus edge? A user device? An IoT device? An external cloud? An internal cloud? The answer is that there is no longer a rigid perimeter—there is only an everywhere perimeter.

Businesses need an effective strategy to differentiate critical applications and confidential data, partition users and devices, establish policy boundaries, and reduce their exposure.

Leveraging Avaya technology, organizations can hide much of their network and protect those elements that remain visible. Borders are established that defend against unauthorized lateral movement, the attack profile is reduced, and highly effective breach isolation is delivered. Businesses can avoid many of the conventional hooks and tools that hackers seek to exploit.

In my new Avaya video I elaborate on the Avaya technologies that help secure the everywhere perimeter. I explain how organizations can significantly reduce the level of network exposure and how they can avoid the chinks that are normally used for an exploit.

Deploying an IoT-ready Architecture

Securing the everywhere perimeter offers a series of capabilities that seek to address both traditional and emergent networking requirements with an innovative approach to protecting critical applications and confidential data.

The three key emerging challenges—implementing scalable segmentation, managing the double-edged nature of IP reachability, and securing edge configuration and attachment—are addressed by the three pillars of Avaya’s securing the everywhere perimeter:

  • Hyper-Segmentation: Greatly improving upon traditional segmentation, Avaya’s hyper-segmentation scales to millions and seamlessly spans the entire organization from data center to device. Once hyper-segments are created, organizations experience a reduction in the attack surface, a quarantine function if a segment is breached, improvement of anomaly scanning, and greater firewall efficiency.

  • Native Stealth: Unlike traditional technology, Avaya delivers hyper-segments that are not exposed to the vulnerabilities of Internet Protocol (IP). What this means is that in the event the organization is breached—for example, through the HVAC or an IoT network segment—the hacker is unable to see anything outside that segment, keeping them contained. Because intermediate networking nodes are ignorant of the content, and do not rely upon IP-based reachability, these cannot be used as launch points for exploiting a breach.

  • Automatic Elasticity: Avaya has pioneered the concept of network elasticity as an enabler for securing the everywhere perimeter. An elastic hyper-segment automatically stretches services to the edge, only as required and only for the duration of a specific application session. As applications terminate, or end-point devices close down or disconnect, the now-redundant networking services retract from the edge. It simplifies deployment of hundreds of segments for tens of thousands of endpoints.

Avaya delivers a solution set of next-generation capabilities that address the challenges of the everywhere perimeter. It provides a foundational layer that seamlessly manages hyper-segmentation, native stealth, and automatic elasticity across the organization. Using software-defined and identity technologies to automate onboarding and access from users, devices, networking nodes, and servers, Avaya makes protecting and managing everywhere access practical.


Related Articles:

Securing the Everywhere Perimeter at ASIS 2016

Security experts are converging at ASIS 2016, the world’s premier security event. Over 20,000 security professionals, including the top U.S. Security Chiefs, are gathering in Orlando to discuss how to better protect information and infrastructure, enhance cybersecurity, and improve employee safety.

For the first time this year, InfraGard, a partnership between the FBI and the private sector, will launch a 2-day conference in conjunction with ASIS and (ISC)2 that is  focused on inspiring a safe and secure cyber world. This partnership represents a coming together of the greatest minds in the security industry.

Security has a profound effect on each and every one of us. We can and must learn from one another. Recent breaches at major resorts, retailers and healthcare providers are evidence that no organization, no industry, no country, and no individual are immune to security concerns. Network and data breaches can happen to anyone at any time. Every minute of every day, small businesses, enterprises, government agencies and critical infrastructures face cyber attacks from lone-wolf hackers, disgruntled employees, organized crime networks and nations-state actors.

As a consequence, threat identification and mitigation is more critical than ever for those responsible for the integrity, resiliency, and availability of networks, information and systems. Conventional network defense at the perimeter is no longer sufficient to combat increasingly sophisticated attack sources and methods. The smart approach to confront the complex threat landscape must rely on a multi-layered threat prevention, detection and response system.

Just as automobiles have evolved to make transportation safer, networks must evolve to explicitly address security. Avaya’s secure networking products are powered by stealth technology with industry leading hyper-segmentation and elasticity. To learn more about how Avaya is Securing the Everywhere Perimeter, please visit us at ASIS 2016, September 12-15 at the Orange County Convention Center in Orlando, Florida.

  • Listen to Distinguished Engineer, Ed Koehler, talk about the smart approach to networking for enhanced agency cybersecurity (September 13 3:45pm, Room W304 – West Concourse Building) or stop by the InfraGard booth 3973.

  • Stop by the Axis Partner Pavilion, Axis Booth 3101 and learn more about our Cybersecurity solution – a joint secure surveillance solution by Axis, Avaya, EMC and Genetec.