Smart city is a multi-disciplinary, multi-field, highly integrated large-scale system. One of the core components of the intelligent system of smart city is the Internet of Things (IoT), which drives the technologies that enable the perception of, as well as interaction and coordination with the physical world by the digital world. It is one of the most fundamental infrastructures supporting smart cities. IoT security is also crucial for the security and stability of smart cities.
The NSFOCUS IoT security solution aims at the problems brought about by the ubiquity of IoT terminals, such as difficulty in asset management and control, and extension in areas where security services are needed, as well as the resulting exposures of illegal connectivity, device counterfeiting, illegal access, and data leakage. It is a comprehensive solution based on comprehensive consideration of asset management and control, network access management, and network behavior management and control. In the report Hype Cycle for Smart City and Sustainability in China, 2022 issued by Gartner®, NSFOCUS was selected as a representative vendor in the field of smart city CPS security.
IoT is more and more widely applied across large-scale industries or areas such as smart cities, smart transportation, WIT120, and smart communities. Compared with the traditional office IT system, IoT system is characterized by a higher security level, large network scale, more network branches, poorer controllability of external access, more scattered geographical location of front-end devices, and difficulties with artificial supervision, etc., resulting in higher risk exposures of front-end device. Therefore, it becomes crucial for security operations to find solutions to illegal connectivity, device counterfeiting, connection with the Internet from proprietary networks, internal data leakage, etc., and ensure the complete controllability and full-time availability of the IoT system.
In accordance with the aforementioned characteristics and security protection requirements of IoT, our solution integrates multiple security capabilities, including but not limited to, automatic detection of devices on the network, real-time failure alarm, automatic vulnerability detection, automatic network access control, automatic network behavior analysis, automatic behavior anomaly detection, automatic infrastructure management, digital watermarking, and anti-screenshot, which can be used for a wide range of purposes, such as IoT asset management, terminal access management, illegal gateway detection, abnormal behavior detection, fault monitoring, operation and maintenance audit, weak password vulnerability detection, and data leakage prevention. In addition, it enables hierarchical deployment and flexible extension.
Driven by machine learning algorithms, this solution conducts network behavior analysis, and automatically establishes a whitelist of network access relations to help users fully grasp ongoing network behaviors. During the network behaviors identification and analysis process, upon spotting abnormal network behaviors, the system immediately starts alarming and blocking, making it impossible for attackers to hide. Our solution can detect, manage and monitor tens of thousands of IoT terminals and other devices on the network; network anomalies can be detected and blocked through address analysis, behavior analysis and vulnerability scanning.
Solution features
- Network-wide automatic device identification and management
- Topology self-learning and network element management
- Behavior anomaly alarm and blocking
- Illegal gateway alarm and blocking
- Digital watermarking and anti-leakage
- Failure detection and video monitoring
- Client-free secure access for devices
- Weak password and vulnerability detection
- Encrypted transmission and terminal protection
- IoT behavior audit
References
[1] Gartner, Hype Cycle for Smart City and Sustainability in China, 2022, July 2022
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Gartner and Magic Quadrant are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.