The proliferation of Internet of Things (IoT) devices is like the Wild West: Newcomers are appearing everywhere, no one is acting “civilized”, and anyone is suspect. IT staff can’t just decree that devices can’t be connected: Departments are buying networked devices on their own, and end-users are bringing consumer tech to work. Nyansa is positioning itself as a solution for the IoT Wild West, watching the network to catalog, characterize, and control new devices.
The Trouble with Robots
Nyansa has been around for a while, and are well-known for their ability to monitor and manage client devices and applications. But IoT presents a new challenge for solutions that have traditionally used client-side software as a key data collector. You can’t install software on an infusion pump or industrial robot, and you wouldn’t want to in any case. This presents an opportunity for Nyansa’s “Crawler”, since it can monitor the entire network through a tap on a core switch. Anything happening on the network is presented to Nyansa’s Voyance platform for analysis.
Then there’s the problem that IoT devices are “things” rather than computers. In other words, they aren’t part of the traditional IT environment because of what they are. They are specified, ordered, and deployed without thought to IT because they aren’t in the datacenter and don’t look like computers. If the network manager allows them to connect, they’re online. There’s also a vast array of “BYOD” devices connected by employees, from smart speakers to power line devices. These don’t look like computers either, and IT has no idea where they are deployed.
Even if IT could get a handle on the installed base of IoT devices, they might not be able to solve the security and access problems uncovered. Most popular IoT devices are developed not by networking or security companies but by solution providers of all sorts. In healthcare, we see “bed-side” devices like infusion pumps and patient monitors; in manufacturing it’s robots and quality assurance; and smart buildings are sprouting up everywhere with signage, lighting, and “toys”. These devices have vexed Wi-Fi and networking experts for ages, but the sheer number has gone beyond what people can manage by hand.
A New Sheriff In the Network
Nyansa proposes to take control of the situation through a five-part process: They will inventory the devices, verify connectivity and performance, characterize their behavior, detect and secure unusual actions, and verify that mitigations are working.
Detecting devices is entirely passive. Nyansa watches traffic, identifies endpoints, and characterizes the devices. Rather than building an exhaustive inventory of supported IoT solutions, the product simply watches what network clients are doing. In most situations, this inventory will include a surprising list of IoT endpoints that IT wasn’t aware of. Maybe there’s an Alexa speaker in the conference room, a video player in the lunch room, or a smart lighting fixture out front. And healthcare and manufacturing environments will likely discover all sorts of devices on the network. They may also be surprised by what’s not connecting: Lots of devices end up sitting in closets or disused in the corner!
In short order, Nyansa Voyance will identify how often each device connects and what it is up to. Nyansa characterizes the connectivity and performance of all network clients, and this includes IoT devices. But smart pumps and robots and so on have very different performance characteristics from a tablet or desktop. The platform will begin to characterize their behavior on the network. How often do they connect? Where is the data going? What does the data look like?
The next step is to secure the network. If a device starts to deviate from its typical routine, Nyansa can take action to mediate. It can deauthorize clients, deny them DHCP addresses, disconnect them from Wi-Fi, and so on. It can even segment a software-defined network, isolating devices to keep them from going rogue. And all of this is based on learning rather than an expert system.
Stephen’s Stance
As discussed at Networking Field Day 20, IoT is a new area for Nyansa but was a natural extension for the company. They already have traction in healthcare and manufacturing and these are big users of IoT devices. It was natural that Voyance would be collecting data on these devices and that the company would develop a solution to manage them. The characteristics of the platform lend themselves to policing this problem, and I am impressed by what they’ve delivered to date.