Internet of things (IoT) devices are now an integral part of any organization’s network. Smart lights, cameras, card readers, printers, etc., are critical to the day-to-day operations of branch offices and retail outlets. Gartner predicts there will be over 18 billion connected devices in enterprises by 2030. To put the numbers in perspective, that’s four times as many devices connecting to enterprise networks as users.
Palo Alto Networks Unit 42 Team’s IoT Threat Report states that these devices have exposed organizations to a new set of cyber threats as 57% of these devices come with built-in vulnerabilities, 98% leverage unencrypted traffic, and 83% of all connected devices run an unsupported operating system (OS).
The right approach to securing IoT devices begins with accurate identification, which includes category, vendor, model or operating system. To address this requirement, enterprises today are deploying point products such as IoT sensors at the branches. This adds significant operational cost and complexity, because it introduces yet another device to manage at the branch, and traffic is backhauled to IoT controllers for visibility and security purposes.
Secure access service edge (SASE) converges wide area networking (WAN) and network security services like CASB, FWaaS and Zero Trust into a single, cloud-delivered service model. The hybrid workforce, cloud adoption and the need for zero trust have defined SASE as the de facto solution to deliver digital transformation, protect applications and users and improve user experience. With the explosion in IoT presence, these capabilities should also extend to things.
Protecting IoT devices should start with the SASE solution's capability to discover IoT devices continuously. This means that software-defined wide area networks (SD-WAN), which are integral to SASE in transforming networks, should provide accurate IoT identification at the branches. By tightly integrating security services with SD-WAN, SASE should enhance visibility into IoT traffic patterns and enable effective security enforcement that takes into account device classification and vulnerabilities. This comprehensive approach should provide businesses with the tools to proactively protect their networks from potential threats in the rapidly evolving IoT landscape.
Palo Alto Networks introduces new capabilities for its Prisma SD-WAN solution offering deep IoT device visibility. Customers can now leverage their existing Prisma SD-WAN appliances to help secure all IoT devices with Prisma Access. This eliminates the need to implement additional sensors at the branches and backhaul traffic.
Prisma Access, with a global presence and IoT security subscription, delivers detailed IoT inventory with high confidence while detecting abnormal behaviors of these devices. IT administrators can now identify all IoT devices, view security policy recommendations and enforce these policies from a single console, the Prisma SASE unified cloud management console.
With ZTNA 2.0, businesses can confidently identify and secure all IoT devices, regardless of their vendor or operating system, by safeguarding them against advanced threats and unknown vulnerabilities. This industry’s only complete solution extends zero-trust to protect all endpoints and mitigate the risk of cyber attacks on the organization.
Join SDxCentral and Palo Alto Networks for an exclusive online event to see how artificial intelligence/machine learning (AI/ML) is powering next-gen SD-WAN and SASE for the branch.