Openness and security can go hand-in-hand to support IIoT
As organisations grapple with the complexities of securing industrial internet of things (IIoT) applications across multiple bearers, Robert Jones, vice president of Product and Sales at Netsnapper and Dan Caton, the partner manager at Wireless Logic Group, explain how new approaches can achieve both high security and the openness needed for IIoT to flourish.
IoT Now: What are the challenges of reconciling the conflicting demands of security with maintaining openness in IIoT? To what extent are compromises necessary?
Robert Jones: A lot of people are getting into IIoT and as that happens different companies are entering the market. On one hand you have companies, like Wireless Logic, that know endpoint connectivity but there are also enterprise players that know enterprise virtual private networks (VPNs) and application management. These two worlds have been operating separately and are coming together now but the enterprise people don’t necessarily understand the complexity of the connectivity world.
The security approach is different, too. Usually in a secure enterprise you use a private access point name (APN) – integrators will have a private APN with an operator – and it usually takes one to three months to deploy a new APN. It’s therefore a big cost and only the SIM cards from that operator are secure. People are left to try and secure their VPNs with that.
With openness, there’s a lot of benefit and value in having things publically addressable on the Internet but this can represent a security risk. We, however, can supply addressable IPv6 addresses to every device and openness can be enabled securely using configurable encryption for backend data analytics from specific devices, for example.
IoT Now: What methods and technologies are being adopted to achieve openness in secure IIoT environments?
RJ: We’re using software defined networking (SDN) to cut across different bearer types and within our software we’re providing configurable, up to 384 bit, encryption. We’re also looking at quantum technology to enable us further in future. The other thing opening up these networks for use in IIoT is IPv6. It’s been talked about for ten years but it’s really needed now because public IPv4 Internet addresses are running out.
Another benefit is that we can provide a bridge between IPv4 and IPv6. We have that futureproof piece today and can assign different addresses to endpoints.
IoT Now: So how does Netsnapper help?
RJ: With a partner like Wireless Logic we can secure the whole network. In addition to the capabilities I’ve mentioned earlier, if you want maintenance staff to have a view of certain parts of the network we allow policy management and encryption to devices to enable a person-tomachine (P2M) secure policy layer.
IoT Now: Dan, how is Wireless Logic utilising Netsnapper’s solutions?
Dan Caton: Wireless Logic is currently exploring many markets and applications where cloudbased Netsnapper can enhance our own secure infrastructure solutions, importantly bringing in its core modules at the earliest stage of connectivity planning. As a horizontal provider, this means that we are exposed to multiple verticals, many of which might employ facets or indeed the majority of Netsnapper’s core tools.
For our clients in the IoT space, we see a number of important wins by integrating the Netsnapper solution. But in all cases, Netsnapper plays into the existing strengths of the Wireless Logic connected ecosystem – delivering more security through Software Closed User Groups, enabling rapid speed to market, creating more seamless and reliable connectivity solutions and bandwidth management, and optimising expenditure through more efficient use of data management and analytics.
In terms of implementation, the Netsnapper servers can be deployed within a customer’s own datacentre. However, they are more typically cloud-hosted enabling the Netsnapper capabilities to be utilised across multiple network types such as 4G and ADSL. The solution can scale to hundreds or even thousands of connections enabling us to build mesh networks, and enable office locations or remote workers to seamlessly interact with IoT devices in addition to cloud and office-based services.
In a short amount of time, we’ve worked intensely with Netsnapper to create a seamless and integrated solution alongside the Wireless Logic NetPro infrastructure to deliver a quick-toimplement and scalable solution. This meeting of minds creates new and important opportunities for our connected work within enterprise networking – with a focus on ease of system integration and system manageability. Early reaction to this enhanced offering has been very positive.
IoT Now: What do you see as the key benefits?
DC: For us, Netsnapper will create enhancements across the IoT and telecoms industry. We envisage applications that have high data usage such as network failover taking advantage of data compression – managing the aggregation of data is critically important within business use cases where the potential to go above data thresholds can mean punitive overage costs. By utilising its optimisation tools, we see multiple data-hungry applications being able to restructure their business models, with more reassurance in terms of usage outcomes.
Switching between networks and bearer services seamlessly is also beneficial to a growing number of applications – especially where enterprises are increasingly moving core services to the cloud – including services such as voice over internet protocol (VoIP) using hosted private branch exchanges (PBXs) – a shift that will only continue to accelerate. Whilst the reliability of bearer services continues to improve, any loss of service can have massive consequential impact. By implementing Netsnapper onto the hardware or router, more applications will start to rethink their failover strategies – leading to more confidence in their own connected solutions and the ability to push their applications further with more emphasis on guaranteed uptime and performance.
Network security continues to be a priority for our customers – although many still use public static IP addresses to enable engineers or alarm receiving centres (ARCs) to access remote devices such as CCTV cameras. However, with Netsnapper we can enable the creation of multibearer closed user groups – by adding a client to each end point and providing the option to further secure the data in transit with the latest level of encryption – secure hash algorithm 2 (SHA-2).
This closed user group functionality is also a way to securely enable SIM-to-SIM communications, something we have enabled for utility companies enabling sensors, actuators and platform to communicate to each other as a mesh of devices rather than simply device to platform.
IoT Now: How are you planning on pushing the end offering to market?
DC: One of Wireless Logic’s unique selling points is delivering a total connectivity solution from early-stage bearer recommendation through to facilitation. This encompasses airtime, management platform, infrastructure and increasingly, the supporting hardware. We are building Netsnapper into our connected hardware offering and integrating Netsnapper tools onto market-leading routers.
We can now deliver improved security, compression, speed, mobility and cost-savings. Across a growing range of sectors such as electronic point of sale (EPoS) within retail, enterprise failover, mobile workforces and CCTV, we are changing the way customers think about their connected applications with a single integrated solution across multiple devices and bearers. With Netsnapper alongside Wireless Logic’s NetPro infrastructure, we can take an enhanced offering to market with an array of features – and all delivered on a cost-effective opex basis.