cherezoff -

Apstra stops the cyber criminals from loitering with intent

Intent-based networking fine-tunes all the complicated variables that influence the performance of a network infrastructure and can head off any potential cock-ups

We really do take our networks for granted. They are powerful and intelligent, but nobody ever asks how they actually feel.

Some empathy is called for. You should never criticise a router until you’ve walked the last mile in its shoes.

To get some idea of the experience of being bombarded with information until your memory is full and packets are spilling out, you only have to read the security reports about the internet of things (IoT).

One from Irdeto says that in a survey, only 7% of 700 global enterprise decision-makers said they feel they have everything they need to be secure. Meanwhile, 80% of device makers say products can’t withstand a cyber attack. By coincidence, exactly the same proportion have been breached in the last 21 months. They should call that the 80:80 rule.

There is no time to process that because here is another bombardment of stats from Symantec’s Internet security threat reports of 2019. Routers contain 75% of all infections, but connected cameras are coming up fast in the Turncoat Stakes, reporting five times the number of hacks they got last year. Sensors are just as vulnerable. When they aren’t taking temperatures, monitoring printers or spying on the population, they will be holding the gateway to the smart city open so that the barbarians can pour in.

The problem with IoT gadgets is that all of them have a default setting of “disaster”. Vendors very kindly publicise their vulnerabilities and there are online databases that publish all the factory settings and passwords. With the help of Shado, the specialist search engine for security, criminals and state hackers are provided with all the weapons they need for an armed robbery.

Keiron Shepherd, senior systems engineer for security vendor F5 Networks, says the IoT players needs to get together to change this. Until some sort of concerted action comes from vendors and bodies, the task of raising awareness and jolting people out of their complacency falls on F5 and its distributors and installation partners, he says.

Perhaps they should try to emulate the approach taken by a different branch of service provision, proposed by Apstra.

Intent-based networking

Intent-based networking is based on a fundamentally different question, says CMO Michael Wood. “Intent is about what you want, not how you want it,” he says. In other words, you don’t just flog people kit and leave them to their own devices, assuming they will do the right thing. Because, as they say in the military, assumption is the mother of all cock-ups.

Apstra and its sales partners will ask “what do you want to do?” and then go out and put everything together and cover all the bases. Traditionally, the IT buyer based their choice on the hardware. The ghastly spectre of “the brand” is something that Apstra’s intent-based networking model will exorcise.

Instead of being dominated by boasting vendors that market a time machine and deliver a clunky metal box with all the mobility and grace of a Morris Marina, intent-based networking fine-tunes all the complicated variables that influence the performance of your infrastructure, says Wood.

Every element across the entire diaspora of the network – from IP addresses to interfaces, syntax to software, cables to router tables – is monitored and micromanaged. From this, you can build a much more fluid and intelligent network. Try to visualise it as the shape-shifting, self-regulating and regenerating monster from the film Predator, only with good intentions.

“Every tiny change is automatically noted and its effect is registered and modified,” says Wood. The result is a network that is efficient and secure, because nothing is left to chance and default settings never get to mother any cock-ups.

It is a service that Apstra and the channel can sell to enterprises, cloud service providers and telcos. These clients are precisely the types of companies that will want to run IoT networks – only more securely than they are at the moment.

“Tight” should be the IoT’s default setting. Or so you would assume.

Read more on Network Infrastructure Solutions and Services