
Bring IT Security Standards to IoT and Edge with VMware ...

Date post: 10-Dec-2021
#vmworld EIOT3170BU Bring IT Security Standards to IoT and Edge with VMware and Forescout Wayne Dixon, Forescout Technologies Ravishankar Chamarajnagar, VMware, Inc. #EIOT3170BU VMworld 2019 Content: Not for publication or distribution
Transcript
Page 1: Bring IT Security Standards to IoT and Edge with VMware ...

#vmworld

EIOT3170BU

Bring IT Security Standards to IoT and Edge with VMware and Forescout

Wayne Dixon, Forescout Technologies

Ravishankar Chamarajnagar, VMware, Inc.

#EIOT3170BU

VMworld 2019 Content: Not for publication or distribution

Page 2: Bring IT Security Standards to IoT and Edge with VMware ...

©2019 VMware, Inc.

Disclaimer

This presentation may contain product features or functionality that are currently under development.

This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

Technical feasibility and market demand will affect final delivery.

Pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.

The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation to deliver any items presented herein.

Page 3: Bring IT Security Standards to IoT and Edge with VMware ...

Agenda

Opportunities and Threats

VMware Pulse IoT Center

Forescout

VMware Pulse and Forescout

Better together

How it works + demo

The Vision

Next Steps

Page 4: Bring IT Security Standards to IoT and Edge with VMware ...

IoT is Everywhere – a Key Component in Digital xFormation

Edge Opportunity Across The Enterprise

• Security and Compliance: Analyze data at origination, improve root of trust

• Facilities, Energy and Physical Security: Unify visibility and streamline management

• New Revenue Models: Monetize data and drive revenue in new ways

• Logistics, Supply Chain, Product Operations: Agilize and automate supply chains, business processes

• Customer Engagement: Delight and support customers in new ways

Page 5: Bring IT Security Standards to IoT and Edge with VMware ...

IoT Has Increased the Surface Area of Attacks

Heartbleed gives hackers access to website servers. 66% of websites affected (2012)

KRACK exposes security weakness in all modern protected Wi-Fi networks

WannaCry ransomware infects more than 230,000 computers in over 150 countries

Mirai Botnet brought down much of America’s network in the fall of 2016 with a DDoS attack on Dyn Servers

Page 6: Bring IT Security Standards to IoT and Edge with VMware ...

Technical Challenges:

You Can’t Secure What You Can’t See™!

To optimize security, you need to continuously discover, classify & assess every connected device that touches your extended enterprise network in real time!

Business Challenges:

Enterprises, on average, have ~30% more devices connected than expected across IT, OT, IoT, Guest, BYOD, Cloud, etc.

Even when enterprises know about devices connecting, they often don’t know what they are & whether they should be there

IT & regulatory device audits are challenging & often fail

Agents are not supported and/or not deployed on all devices

Little to no device attribute information to classify & assess connected devices

No single source of truth that is current for all connected devices

Page 7: Bring IT Security Standards to IoT and Edge with VMware ...

VMware and Forescout

Secure Insight – Edge Management at scale

• Dynamically Scalable Operations: Streamline IoT deployments, automate device onboarding and execute IoT lifecycle and security management at scale

• Consistent Secure Infrastructure: Achieve deep visibility and enforce security configuration and compliance of connected IoT devices

• Rich Contextual Insight: Operationalize IoT efficiently with accurate and continuous visibility into device health, network behavior, anomaly detection and remediation

Page 8: Bring IT Security Standards to IoT and Edge with VMware ...

Introducing VMware Pulse IoT Center

Page 9: Bring IT Security Standards to IoT and Edge with VMware ...

VMware – #1 in Infrastructure Management

vCenter for Data Center

Pulse for IoT & Edge

Workspace One for EUC

Extending VMware’s expertise to managing and securing non-IT devices

Page 10: Bring IT Security Standards to IoT and Edge with VMware ...

VMware Pulse IoT Center v2.0 Business Value

• Operationalize IoT: Operationalize IoT efficiently with accurate and real-time visibility into device health and act on anomalies as they arise

• Accelerate IoT Business Value: Streamline IoT deployments by implementing a standard to simplify device onboarding and management that scales to millions of devices.

• Manage any app, on any device, anywhere: Implement a consistent scalable framework for managing any app, on any device, anywhere across your edge

• Extend IT security and compliance to IoT: Achieve deep visibility and control of connected devices and extend IT security and compliance standards to IoT

Page 11: Bring IT Security Standards to IoT and Edge with VMware ...

Enabled by VMware Pulse IoT Center

Device Lifecycle Management

PLAN

MANAGE

SECURE

END OF LIFE

ON-BOARD

MONITOR

Page 12: Bring IT Security Standards to IoT and Edge with VMware ...

VMware Pulse IoT Center

OT User IT User

ONBOARD, MANAGE, MONITOR, SECURE

VMware Pulse IoT Center

Introducing 2.0

• Choice of SaaS or On-Prem versions

• Low-touch secure device enrollment

• Enhanced over-the-air (OTA) updates

• Richer alerts and notifications

• Container management

• Simpler agent (C-SDK)

• Enhanced APIs – agent and server

• RBAC, device IDs, certificates

• Scalable architecture

Pulse Agent

Page 13: Bring IT Security Standards to IoT and Edge with VMware ...

ON-BOARD CONFIGURE - MONITOR MANAGE

VMware Pulse IoT Center Security and Compliance

• TPM based authentication

• Credential based authentication

• Certificate based authentication

• Device white listing with mobile app

• Secure device token

Compliance Certifications: ISO27001, SOC 2 Type 1, GDPR

Pen test: VMware InfoSec approval, Third-party Pen test

• Secure and encrypted OTA SW/FW updates and patching

• Audit log

• Encryption for all communication and services

• Backup and recovery

• RBAC and custom roles

• Login with AD / SSO

• Command execution with least privilege

• Enable/disable SSH to gateways

• Secure container distribution, configuration and management

• Enforce Gateway root credential change

Page 14: Bring IT Security Standards to IoT and Edge with VMware ...

Introducing Forescout

Page 15: Bring IT Security Standards to IoT and Edge with VMware ...

The Forescout Vision and Value Proposition

UNIQUE DIFFERENTIATION

AGENTLESS, HETEROGENEOUS, RICH DEVICE CONTEXT

CONTINUOUS, SCALABLE, POLICY-DRIVEN ACTIONS

Campus IT, Data Center, Campus IoT, Cloud, OT

ANY DEVICE, ANY NETWORK, MASSIVE SCALE, HYPER-CONNECTED

Page 16: Bring IT Security Standards to IoT and Edge with VMware ...

Forescout - VMware Integrations for Your Extended Enterprise

Increase operations efficiency & close security gaps by leveraging real-time device visibility & control

• Datacenter/Cloud: vSphere & NSX

• Traditional IT & Mobile Endpoints: Workspace ONE, AirWatch

• IoT & OT Edge Devices: Pulse IoT Center

Real-time Device Visibility, Policy-driven Controls & Remediation

Enterprise Lifecycle, Performance & Security Management

Page 17: Bring IT Security Standards to IoT and Edge with VMware ...

Increase Security with Real-time Device Visibility and Context

What Forescout Does

• DISCOVER all IP-addressable devices at time of connect (Physical, Virtual)

• CLASSIFY every device & categorize appropriately (Managed, BYOD, IoT). Examples shown: HuddleCamHD; Red Hat Linux on VMware vSphere; HP Elite Tablet on Windows 10

• ASSESS device posture by

How Forescout Does It

• Agentless: No device agents needed; intelligently uses passive & active techniques

• Heterogeneous: Integrate >70 network & security technologies; extend beyond campus to DC, cloud & OT

• Intelligent: Device Cloud >1500 customers contributing/7M devices; comprehensive device taxonomy across IT & OT

• Continuous: Real-time, so no need to schedule scans; policy engine constantly evaluates device state to policy

Page 18: Bring IT Security Standards to IoT and Edge with VMware ...

See What’s on Your Network at a Glance

Page 19: Bring IT Security Standards to IoT and Edge with VMware ...

Automate Policy Enforcement and Threat Response with Policy-driven Network and System Controls

Open trouble ticket

Send email or on-screen notification

SNMP Traps

Start application

Run script to install application

Auditable end-user acknowledgement

HTTP browser hijack. Webpage redirect

Trigger endpoint management system

Deploy a virtual firewall

Reassign the device to a VLAN

Update access lists

DNS hijack (captive portal)

Move device to a guest network

Start mandatory application/process

Ensure security agent is operational

Change wireless user role

Move device to quarantine VLAN

Block access with 802.1x or device authentication

Use ACLs to restrict access

Block access with device authentication

Turn off switch port (802.1X, SNMP)

Block wireless or VPN access

Terminate applications

Disable NIC/dual-homed or peripheral device

NOTIFY

COMPLY

RESTRICT

Security camera

Windows PC

Page 20: Bring IT Security Standards to IoT and Edge with VMware ...

Comprehensive Device Visibility – Cornerstone of Security & Manageability

Page 21: Bring IT Security Standards to IoT and Edge with VMware ...

VMware and Forescout

Secure end-to-end visibility and control

Page 22: Bring IT Security Standards to IoT and Edge with VMware ...

Diagram labels: Forescout; VMware Pulse IoT Center; Discover, Classify & Assess; Auto Onboard, Provide Config Properties; Monitor Health Metrics; Manage & Secure

1. Forescout discovers, classifies and assesses devices

2. Forescout auto on-boards devices into Pulse IoT Center

3. Pulse initiates device monitoring and management

4. Pulse and Forescout sync data for optimized management and security

Page 23: Bring IT Security Standards to IoT and Edge with VMware ...

ONBOARD, MANAGE, MONITOR, SECURE

VMware Pulse IoT Center + Forescout Value

Pulse IoT Center: Enterprise Lifecycle, Performance & Security Management

• Discover and onboard connected IoT devices regardless of type or network tier

• Monitor device health, configuration and network behavior

• Dynamically manage, patch and segment IoT devices at scale

• Automatically enforce device security configurations and ensure regulatory compliance

Real-time Device Discovery, Assessment & Control

- Pulse IoT Gateway

Page 24: Bring IT Security Standards to IoT and Edge with VMware ...

VMware Pulse IoT Center & Forescout: How It Works

1. Forescout agentlessly discovers, assesses and classifies IoT devices

2. Forescout shares information & validates enrollment with Pulse IoT Center

3. IoT and edge devices not enrolled are automatically registered into Pulse IoT Center via Forescout

4. Data flows from devices to Forescout and Pulse IoT Center and to other locations such as cloud & datacenters

5. Pulse is monitoring, managing & securing IoT devices at the edge with Forescout

6. A critical security patch is missing, Forescout isolates device to mitigate risk

7. Pulse deploys patch to edge device(s) via Forescout, Forescout allows back on network once installed

8. New configuration or firmware update “campaign” pushed to all applicable devices

Diagram labels: Pulse IoT Center; Pulse Gateway; Device Health Data; Campaigns and Rules; Actions & Commands; Security Patch

Continuous IoT… Discovery, Assessment, Classification

Plus… Policy / Compliance enforcement, Threat monitoring, Mitigation & Remediation

Page 25: Bring IT Security Standards to IoT and Edge with VMware ...

Registering Gateways

Page 26: Bring IT Security Standards to IoT and Edge with VMware ...

Identifying Things

Page 27: Bring IT Security Standards to IoT and Edge with VMware ...

Pulse & Forescout

Information Sharing

Page 28: Bring IT Security Standards to IoT and Edge with VMware ...

VMware and Forescout solutions deliver one secure infrastructure to create a digital foundation for supporting any IoT use case

VMware and Forescout establish end-to-end visibility across your entire edge and IoT landscape, automate device on-boarding and secure edge infrastructure at scale

Take Aways

VMware and Forescout would like to discuss your Edge and IoT Strategy and help you develop a standard, secure way to implement IoT

Page 29: Bring IT Security Standards to IoT and Edge with VMware ...

Ask us about a POC for your organization

Learn More

Visit:

Forescout.com/vmware

vmware.com/products/pulse-iot-device-management

Contact us:

[email protected]

[email protected]
