Current Internet of Things security tools are ‘not fit for purpose’, Gheri tells IoT Now

Klaus Gheri, VP of Network Security
Barracuda Networks

Imagine if there was a scalable, affordable security technology that protected commercial devices in the Internet of Things (IoT).

It’s not hard to see the commercial potential for a solution dealing with tens of thousands of connected devices at a time, in markets ranging from industrial cooling systems to wind turbines and ATM cash machines.

IoT Now’s Jeremy Cowan recently heard about a product the size of an Apple TV, developed as “a kind of firewall” that can be rolled out easily and scalably. Here he quizzes the man behind the rumours, Klaus Gheri, VP of Network Security at Barracuda Networks. Klaus has spent the last few years working on a scalable solution for commercial IoT security problems, and is reported to be planning a deployment of 20,000 units for one customer.

IoT Now: Klaus, how would you describe the threats and obstacles to commercial growth in the Internet of Things?

Klaus Gheri: From delivery vehicles to ATMs, air conditioning systems to CCTV (closed circuit television) cameras, the scope for connecting devices in industry appears to be as big, if not bigger than, the comparable consumer opportunity. However, for the business world, the IoT faces a major barrier to adoption: in their current state, the tools that help businesses deploy and secure IoT devices are simply not fit for purpose.

S Series concept
S Series concept

One of the main barriers to securing the IoT is simply that there’s not a ‘one size fits all’ solution. At one end of the spectrum, we’re talking about tiny equipment such as CCTV cameras and intelligent lightbulbs, on the other we’re talking about large machine equipment. Depending on what the IoT device is, there will be a different approach to security that is economically viable. The challenge is finding the right security solution for each use case. This has meant that today, companies either have nothing securing their IoT network, or have something that is not really fit for purpose.

Scale is a key consideration. Once organisations have a large number of devices, it becomes very difficult from an operational standpoint to get physical access to each device to fix any flaws. When the size of the IoT network goes into the hundreds or thousands, deploying both the device and a security solution for it becomes a logistical challenge – how do you deploy the equipment? how do you manage its lifecycle? how do you implement security policies?

The sheer number of IoT devices can easily overwhelm a lean IT team. I have seen several instances where a 250-person company with 400 IP devices all of a sudden plans to connect more than 5,000 devices. An IT concept for 400 devices looks very different to one for 5,400.

IoT Now: I understand you have focused on a solution for variations in security, scalability, and connectivity. What is it?

KG: Yes, companies embarking on IoT projects are facing a number of challenges that broadly fall into three categories; security, connectivity and scalability.

From a security perspective, companies want to be able to ensure access to the device is only allowed with corresponding privileges. They also need to ensure that the communications from the device to the central management hub are secured. One of the main issues in today’s connected devices is the use of weak encryption and authentication, which leaves the IoT vulnerable to data theft. The device systems might also be ‘closed’, meaning they are hard to remotely maintain and update, should they exhibit any security weaknesses.

From a scalability perspective, businesses need to be able to roll out thousands of devices quickly, by untrained staff, often in remote locations. This means that the solution needs to be very easy to use and set up. These devices also need to be connected and managed in a cost-effective manner.

We designed the Barracuda NextGen Firewall S Series to solve these challenges for mid-to-large size companies that need to manage a large number of remote investment goods, machinery, kiosks or micro-offices.

S Series Architecture
S Series Architecture

Companies place one of our Secure Connector (SC1) units at each IoT device, which are then connected, via an encrypted VPN, to a single virtual-deployed gateway, or Secure Access Concentrator (SAC). All the advanced functions like application detection, IPS, anti-virus and URL filtering can then be done centrally, meaning that the SC1 devices are small, inexpensive, lightweight and mountable. These are essential features for use cases with high-volume, relatively low-cost devices, for example an ATM, or a managed industrial refrigerator.

To ensure scalability into the thousands, multiple SACs can be integrated and managed by a single, central control centre. We’ve made the solution easy to ship in large numbers and easy enough to implement and manage so that organisations don’t need to hire a whole new team of security or IT specialists.

IoT Now: How does your approach differ to others in the market?

KG: Most of the traditional firewall or UTM players treat IoT defence as just another deployment option for their smaller firewalls. There is a hope that an industrial freezer or a remotely managed air conditioning system can be connected and secured in the same way as a home office. There are also a number of players that come from the industrial IT space and have a more specific approach on form factors.

Barracuda SC1 - Front
Barracuda SC1 – Front

Both groups have one thing in common: that the sheer number of connected things overwhelms the capacity of traditional management architectures. We went back to the drawing board to re-engineer the design of a secure, but ultimately scalable infrastructure. We moved the actual granular firewall fabric into the data centre, whether that is privately or in a public cloud. Then, the operational devices, which can protect and connect the things, are able to fulfil their role of making the devices invisible and permanently connected.

IoT Now: Has this been tested in the market yet? If so, with which organisations and what were the results?

KG: There have been a number of early adopters of secure IoT, but most of these companies relied on traditional firewall or VPN architectures, since they could scale comfortably from hundreds up to a maximum of a thousand. Some obvious examples are banks securing ATMs and some machine manufacturers.

Only recently has the digital transformation revealed the need to secure not hundreds, but tens of thousands of Things. The use cases for the S Series are incredibly broad, but while it is a few months too early to publicly speak of them in detail, it is astonishing how formerly self-defined “boring” IT infrastructures can all of a sudden change into the most demanding and challenging ones.

We have been working on a range of use cases including securing and connecting wind turbines, retail store components, automatic soup dispensers and industrial laundry machines. These use cases typically range from 1,000 up to 30,000+ devices. As you can imagine, there is time and effort involved into getting things right before the roll-out starts. What they all have in common, though, is that each project is one or two orders of magnitude bigger than what the respective companies have previously needed.

IoT Now: When and where can we expect to see this go to market?

Jeremy Cowan, editorial director of IoT Now & VanillaPlus.
Jeremy Cowan, editorial director of IoT Now & VanillaPlus

KG: The secure IoT market is ramping up right now. From a geographic perspective, Germany is leading the drive for this kind of simple, secure, scalable technology, but it is closely followed by the other industrialised economies including the UK and Netherlands. The S-Series is available and really gaining momentum across Europe now.

I see this as a reverse yet complementary evolution to the adoption of public cloud, which started in the US, gained momentum in the UK, then in Benelux until it eventually started to take off in Germany. Both the cloud and Things are natural results of the digital transformation of businesses and are hence inevitable trends, even enabling and further driving each other. Hence, we expect both to play a big role in the near future for almost every business.

Only recently users of cloud and IoT technology had to find a good reason to do it. Now, one has to find a good reason not to.

The author of this blog is Jeremy Cowan, editorial director of IoT Now & VanillaPlus.

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow


Huawei launches FRMCS solution to facilitate digital transformation of railway

Posted on: September 28, 2022

Huawei officially launched the Future Railway Mobile Communication System (FRMCS) solution at the InnoTrans 2022 and the 9th Huawei Global Rail Summit in Berlin, Germany, where special guests, Wang Guoyu, COO of Huawei Aviation & Rail BU, and Li Jie, president of Huawei Enterprise Wireless Domain, spoke about its success.

Read more

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more

What is IoT?

Posted on: July 7, 2019

What is IoT Data as a new oil IoT connectivity What is IoT video So what’s IoT? The phrase ‘Internet of Things’ (IoT) is officially everywhere. It constantly shows up in my Google news feed, the weekend tech supplements are waxing lyrical about it and the volume of marketing emails I receive advertising ‘smart, connected

Read more
IoT Newsletter

Join the IoT Now online community for FREE, to receive: Exclusive offers for entry to all the IoT events that matter, round the world

Free access to a huge selection of the latest IoT analyst reports and industry whitepapers

The latest IoT news, as it breaks, to your inbox