As new types of devices flood into our environments, networking and security teams are struggling to keep up. They need to understand which devices should be on the network and what they should be allowed to access. The slow and somewhat predictable era of workstations and laptops has exploded into a dizzying array of Internet of Things (IoT) devices being connected to the network—often without the knowledge and oversight of either IT or security.
Due to limitations in traditional discovery and profiling methods, many organizations have a number of device “blind spots” on their networks or have only a partial view, seeing today’s IoT devices simply as a “Windows” or “Linux” device. For example, in a hospital, an MRI machine and an IV infusion pump may look exactly the same—a generic Windows device. But assigning both devices the same access policy could potentially deny one of them from accessing the network, which would have disastrous consequences for the patient. A lack of clear insight into devices makes creating a comprehensive access control policy practically impossible.
Unfortunately, each new connected device offers up the potential for a security incident or compliance violation with poor visibility and access control exacerbating this risk. We hear stories regularly about organizations who were unaware of devices connected to their network. In one case, a customer found that a previously decommissioned electronic sign was still connected to the network, and actively communicating to over 100 different countries.
That is why Aruba has introduced ClearPass Device Insight – a new AI-powered device discovery and profiling solution that provides a complete and granular view of everything on the network whether connected wired or wirelessly. Device Insight takes a different approach to identifying devices on the network by collecting network traffic, extracting device attributes such as applications accessed, ports, protocols and volume, and uses this data to fingerprint them based on their behavioral attributes, not vague static attributes.
As a cloud-hosted solution, ClearPass Device Insight provides a large fingerprint database, and utilizes crowdsourcing and advanced machine learning models to develop fingerprints for devices that haven’t been seen before. This automated approach helps IT keep pace with the number and variety of IoT devices they may see in the future. A crowdsourcing component ensures IT and security teams always have an up-to-date view and accurate information about new devices that are continuously connecting to their network.
Key capabilities of ClearPass Device Insight include:
- Reduces risk by eliminating device blind spots on the network
- Behavioral analysis that goes beyond traditional hardware-based profiling for precise identification
- Advanced machine learning identifies unknown devices and speeds time-to-identification
- Seamless integration with ClearPass Policy Manager enables real-time enforcement and accelerated response
- Cloud-based solution simplifies deployment and management for faster time-to-value and cost savings
Click here to learn more about the ClearPass family of solutions including ClearPass Device Insight.
About the Author
Paul specializes in network security. His focus is network access control and IoT security and is responsible for Aruba’s proven line of network access control solutions. Paul brings over 15 years…