Page 37 - index
P. 37
The alternative, though it may sound onerous, is to create separate logical or physical networks
for Internet of Things devices and traffic. These networks can support different authentication
requirements from guest wireless networks and can support the access and prioritization
requirements of IoT devices. Unfortunately, our survey showed that only 30 percent of
respondents planned to implement separate IoT networks.
Things get trickier (literally) when different species of device have very different access
requirements and can’t easily or securely be mixed on the same network. For example, a third
party might require remote access to one type of Thing, while another type of device might need
to communicate with an internal database server to function—but you might not trust the third
party to access that database server. How you handle that scenario is up to you, but you might
consider creating different Internet of Things networks based on patterns of access: Things that
need access to internal resources, Things that third parties on the Internet need access to, and
so on.
Providing appropriate network access to the Things on your network is far from the only security
challenge you’ll face as we deploy the Internet of Things—there are the limited security features
of some Things, the need to manage them and keep them upgraded—but at least you can use
the networking tools you have at your disposal to address the problem.
About the Author
Cricket Liu is a leading expert on the Domain Name System (DNS) and
Infoblox’s Chief Infrastructure Officer. With more than 25 years of experience
with enterprise-scale DNS infrastructure, technical writing, training and course
development experience, Cricket serves as a liaison between Infoblox and the
DNS community.
Prior to joining Infoblox, Cricket worked for HP for nearly 10 years, where he
ran hp.com, one of the largest corporate domains in the world, and helped found HP's Internet
consulting business. Cricket later co-founded his own Internet consulting and training company,
Acme Byte & Wire. After Network Solutions acquired Acme Byte & Wire and later merged with
VeriSign, Cricket became director of DNS Product Management.
Cricket is the co-author of all of O'Reilly's Nutshell Handbooks on the Domain Name
System, DNS and BIND, "DNS on Windows NT," DNS on Windows 2000, DNS on Windows
Server 2003, the DNS & BIND Cookbook, and DNS & BIND on IPv6, and was the principal
author of Managing Internet Information Services.
37 Cyber Warnings E-Magazine – December 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
