Upload
others
View
7
Download
0
Embed Size (px)
Citation preview
[email protected] | 430 Cowper Ave Ste. 250 Palo Alto, CA 94301 | nyansa.com
Voyance IoT Operational Assurance
Security and Performance analytics for IoT & Critical
connected devices
SOLUTION OVERVIEW
The Voyance IoT Operational Assurance Solution is the industry’s
first comprehensive AI-based solution to integrate full security
lifecycle management and device performance analytics
for IoT & Critical connected devices within a single platform.
Voyance gives IT, cybersecurity, and line of business owners
insight into the full IoT operational life cycle including, asset
inventory, connectivity, performance and root-cause analysis,
vulnerability detection and enforcement, risk assessment, and
policy compliance.
As organizations deploy non-traditional networked devices to
address business critical initiatives, they face new challenges
of how to codify and control the behavior, performance and
security of these devices. For instance, connected infusion
pumps, EKG machines, and smart temperature sensors in
healthcare; smart robots, connected tools and barcode scanners
in manufacturing and distribution, and even esoteric connected
devices such as smart lights, speakers, digital frames, 3D-printers,
etc. in any industry. Voyance IoT represents a new approach that
leverages sophisticated AIOps technology to tackle the unique
threat posture of these purpose-built connected devices that
render traditional security tools ineffective. KEY BENEFITS
Designed to integrate with the NIST & ISO cybersecurity frameworks, Voyance IoT automatically classifies, secures,
and analyzes the behavior of IoT devices from end-to-end across wired and wireless access networks and delivers the
following core capabilities:
Automatically discover, inventory & classify critical IoT devices
Voyance is an agentless security platform for IoT and unmanaged critical devices that collects data passively, via
a software crawler sitting out-of-band on customer’s network. This vantage point enables the platform to monitor
every single client transaction on the network to automatically identify known and unknown IoT and critical
connected devices. Device identification is accomplished by employing a machine learning based, hierarchical
device classification system that uses the detailed behavioral signature of each detected device. Beyond automatic
classification, customers are also afforded the flexibility of tagging critical devices and assets for continuous analysis
within the Voyance IoT security lifecycle management framework.
KEY BENEFITS
• Automatically discover, inventory &
classify critical IoT devices
• Baselining IoT device behavior for
risk assessment and threat detection
• Automating security enforcement to
restrict access to malicious or
compromised devices
• Enabling global industry views into
IoT threats, behaviors and
performance benchmarks
• Tracking utilization & performance
of IoT devices to provide key
operational insights
[email protected] | 430 Cowper Ave Ste. 250 Palo Alto, CA 94301 | nyansa.com
Baselining IoT device behavior for risk assessment and threat detection
By looking at similar IoT devices in a single environment, as well as across multiple customer environments
Voyance automatically ‘learns’ what the normal, baseline behavior of a particular device should be. With over
20 million devices currently under observation, the Voyance system continuously updates the unique pattern for
each family of devices across the entire Voyance installed base, minimizing false anomalies.
In addition to automatically detecting deviations in baseline behavior the Voyance platform also measures the
risk profile for each connected device. This includes recognizing when critical assets share network segments
with non-critical and/or user devices, or when network credentials meant for critical devices are misused, as well
as recognizing when devices talk to suspicious URLs or IPs. To this end, the solution incorporates over 300 billion
global threat data points from a constantly updated URL and IP threat intelligence database.
• Auto detect IoT
devices
• Integrate with
inventory
management
systems:
CMDB & CMMS
• See critical devices:
Infusion pumps, UC,
POS systems
• Detailed statistics: TX/
RX traffic, SSIDs, VLANs
• Full, filterable view of all
client group activity
• Scope to a single IoT client/
group
• Threat intelligence view
with evidence drill-down
• See events, attributes, SSID
and VLAN details
• Automatically basline
behavior
[email protected] | 430 Cowper Ave Ste. 250 Palo Alto, CA 94301 | nyansa.com
Automating security enforcement to restrict access to malicious or compromised devices
If an abnormality is detected, Voyance platform seamlessly integrates into a customer’s cybersecurity workflow
via their SIEM or other Network Access Control (NAC) and identity systems, such as Cisco ISE via pxGrid. This allows
customers to enact corrective action directly within Voyance such as quarantining, revoking access, or other
customer defined actions through direct integrations to their existing infrastructure.
Enabling global industry views into IoT threats, behaviors and performance benchmarks
With patented cloud-native technology that provides anonymized insights for all customers into their IoT
devices’ global behavior and threat data, Voyance IoT allows customers to compare device behavior to other
anonymous Voyance customer to gain objective answers to questions surrounding IoT performance and security.
By leveraging our anonymized industry baselines, customer’s can quickly create a path to improve your security
program maturity.
• IoT security orchestration via
integrations
- Cisco/pxGrid
- NAC & identity systems:
Cisco ISE, Aruba Clearpass, etc...
• Historical record of actions taken
• Detailed event timeline of every
IoT transaction
• Real-time threat detection, alert
generation and containment
[email protected] | 430 Cowper Ave Ste. 250 Palo Alto, CA 94301 | nyansa.com
Tracking utilization & performance of IoT devices to provide key operational insights
Our highly scalable and mature Voyance device performance analytics solution is deployed in hundreds
of enterprise access networks and gives customers detailed knowledge of every single IoT device in their
environment, where they are located, and their level of use. Customers also gain insight into problematic devices
that are having issues connecting to their application with detailed root-cause analysis and remediations.
• Historical baseline
performance of
any IoT device
type on the
network
• Unique SaaS cloud-sourcing
to facilitate comparative
benchmarking across all
customers
• Enable global industry views
into IoT threats, traffic, activity
for comparable IoT device
models in comparable
environments
• Remediate problems faster
[email protected] | 430 Cowper Ave Ste. 250 Palo Alto, CA 94301 | nyansa.com
ADDITIONAL KEY BENEFITS• Quantifying utilization, risk & performance of critical IoT assets
• Wired and wireless device support; support for multiple infrastructure vendors
• Completely agentless and software-only service requiring zero changes to existing network infrastructure
• Proactive enforcement of IoT security policies
• Extensive set of vendor and technology integrations via extensible Voyance platform APIs
• Full IoT Security lifecycle management & Device performance analytics in a single platform
• Role-based access control (RBAC) to customize product views and controls to address the needs of different
personas - IT, cybersecurity, and line of business owners
• Voyance is a certified solution on the Cisco pxGrid ecosystem
HOW IT WORKS?
1. Wired and wireless data from IoT and critical connected devices flows through the network infrastructure and WLAN controller
2. The Voyance crawler looks at all client packet data via a span port on network switch(es) and receives Wi-Fi data from the controller. It then processes the data and sends low bit rate metrics to the cloud
3. The cloud engine processes and correlates incoming data providing actionable insights to IT, cybersecurity, and line of business owners
VOYANCEPrivate or Public Cloud Analytics Engine
VOYANCE Crawler
Data Sources
Voyanceto Crawler
Wired Fabric
Closet Switch
Access Point
CLOUD
INFRASTRUCTURE
CLIENTSCritical Applications
Trust and Identity
Wi-Fi Controller ARUN / CSCO / EXTR
Cisco ISE, Aruba/HP Clearpass, Free RADIUS, AAA
SPAN, TAP
SPAN
Raw Packet Data
Cisco UCM, MSFT SKYPE, Citrix, GE Unity,
NetFlow, JFlow, SFlow
SNMP, AMON, etc.
Data integration directly to Cloud
WAN Routers
IoT devices/assets WIRED WIRELESS
Small Branch Appliance (300Mbps) Large Enterprise Appliance (Up to 40Gbps) or ESXi Virtual Machine
SIEM, SecOps, CMMS
[email protected] | 430 Cowper Ave Ste. 250 Palo Alto, CA 94301 | nyansa.com
TECHNICAL SPECIFICATIONS
KEY DATA SOURCES
• Packet data via SPAN or TAP
• Wi-Fi infrastructure vendors - Cisco, Aruba, Extreme Networks, Mist*
• NetFlow support
• RADIUS Syslog → Cisco ISE, Aruba ClearPass, FreeRADIUS, Microsoft RADIUS
• DNS/DHCP → Infoblox*
EXTERNAL INTEGRATIONS TO ORCHESTRATE IOT OPERATIONAL WORKFLOWS
• Network Access Control (NAC) and identity systems: Cisco ISE, Aruba/HPE ClearPass*
• Security threat control platforms: Cisco’s Platform Exchange Grid (pxGrid). Voyance is a certified solution
on the Cisco pxGrid ecosystem
• CMDB: ServiceNow native integration
• SIEM: Splunk and others via extensible Voyance platform APIs
• We are adding integrations to CMMSs, Firewalls*
EASE OF DEPLOYMENT
• Offered as a public SaaS or private cloud solution
• Agent-less and sensor-less software-only service
• Requires zero changes to existing network infrastructure
* In progress
[email protected] | 430 Cowper Ave Ste. 250 Palo Alto, CA 94301 | nyansa.com
FEATURE LIST
FeaturesVoyance IoT Operational
AssuranceClient performance service baselining, incident generation &
alerting Tracking historical performance to provide before and after
snapshot
Client monitoring and troubleshooting for Service Desk Proactive recommendation engine for client experience Comparative Industry Benchmarking via Cloud-Sourcing User Application Analytics (Skype for Biz, Cisco UCM, Citrix, GE,
Ascom) WAN Analytics – WAN link utilization correlation with client
experience
Device classification & inventory IoT device behavior characterization Alerting & real-time anomaly detection IoT security with integrated Threat Intelligence IoT security risk assessment via industry benchmarking Security workflow orchestration and micro-segmentation via
infrastructure integrations (NAC, Cisco pxGrid)
SIEM Integrations (Splunk, APIs etc.) CMDB: ServiceNow native integration
WHAT DOES VOYANCE CONSIDER AS AN IOT DEVICE?
IOT DEVICE
(n. singular)
Purpose built, network-connected computing
devices that have the ability to transmit data
and cannot be managed via traditional
security tools are classified as IoT devices by
Voyance IoT Classification engine. Conventional
user devices such as desktops, laptops, smart
phones & tablets are explicitly excluded from
this definition.
Some examples of IoT devices include: connected infusion pumps, EKG machines, and smart tempera- ture sensors in healthcare; smart robots and connected tools in manufacturing; barcode scanners and POS systems in retail & distribution, and even esoteric connected devices such as smart lights, speakers, digital frames, 3D-printers, wearables etc.
However, customers have the flexibility to override and customize the Voyance IoT classification engine to include or exclude devices considered critical or non-critical in their specific context.
[email protected] | 430 Cowper Ave Ste. 250 Palo Alto, CA 94301 | nyansa.com
Credited with developing the industry’s first cloud-based enterprise network analytics platform, Nyansa is a fast-growing innovator of advanced IT analytics software tech-nology and operates the world’s largest and the only vendor-agnostic public analytics service – observing and analyzing traffic across hundreds of production sites with more than 20 million client devices around the world.
The Nyansa Voyance platform is the industry’s first full-stack vendor agnostic platform for client experience and critical asset protection.
Employing context relevant machine learning and big data analytics, the Voyance platform collects and analyzes extensive data including packet and flow data, wireless metrics, system log metrics, global threat and IP enrichment data. Nyansa’s Voyance product is available as a public SaaS service or as a pre-configured private cloud solu-tion.
Customers range across a variety of industries including companies such as MuleSoft, Stanford University, Uber, Tesla, Mission Healthcare System, San Francisco International Airport, American Eagle Outfitters, and the Mayo Clinic.
Voyance is available for proof of concept demonstrations at no cost. The system is typi-cally deployed and operational in under one hour.
To request a demo, trial or more information, visit: https://www.nyansa.com/demo.
ABOUT NYANSA
The Nyansa Voyance AIOps Platform is the industry’s first full-stack vendor agnostic plat-form for network performance and IoT operational assurance with the integration of IoT security and device performance analytics in a single platform. Employing context relevant machine learning and big data analytics, the Voyance platform collects and analyzes extensive data including packet and flow data, wireless metrics, system log metrics, global threat and IP enrichment data.
THE VOYANCE AIOPS PLATFORM