CloudPost Accelerates Network Segmentation Projects
CloudPost has joined the Cisco Security Technical Alliance to accelerate network segmentation projects for organizations using Cisco pxGrid and Cisco Identity Services Engine. CloudPost’s software solution automates the process of classifying and micro-segmenting business critical IoT devices, which are historically complex and labor-intensive tasks. The solution provides:
IoT Device Classification & Risk Assessment : CloudPost saves time by automatically identifying and placing IoT devices into specific groups of like equipment — GE Medical CT scanners are separated from Axis P3214 IP cameras. This is done with active and passive inspection of devices and their communication flows, and requires no manual effort. Further, the system is able to conduct scans to identify exposed vulnerabilities, outdated firmware, and poor password use.
Device-Specific Behavioral Analysis : CloudPost analyzes IoT device communications to identify normal versus abnormal transactions based on a learned flow genome that is specific for each device. This allows security operations to easily identify if a device is under attack or potentially compromised.
Device-Specific Policy Creation : In order to implement micro or logical segmentation in ISE and TrustSec, it is imperative to understand the communication behavior each IoT device uses, and use that information to create accurate access policies. CloudPost improves team productivity by providing insight per device and group of devices, which makes it easy to implement a granular segmentation strategy.
Cross-Network Communications : Determining which IoT devices are communicating across networks or to the Internet is challenging. CloudPost reduces effort by learning the network topology automatically, and then correlating per-device communications through network boundaries to help audit and control policy at firewall and router chokepoints.
To dig in a bit further, check-out these blogs:
IoT Security: Top 5 Reasons Why NAC Falls Short
IoT Security: Top 5 Tasks Requiring Automation