Device Security: Race to the Edge

Smart Communication

Device Security: Race to the Edge

Analytics services are moving to the edge but ensuring the physical security of edge devices can be a real headache. Device Security providers often take very different approaches to securing the edge, and finding the right strategy for enterprises and organizations will vary by IoT business case, not to mention risk management.

by Oliver Schonschek

The cloud ain’t what it used to be. “The traditional model of moving huge amounts of data from edge devices to a central cloud for processing poses certain challenges in terms of bandwidth and scalability, slowing down operations and raising compliance and privacy issues,” says Satyam Vaghani, vice president and general manager for IoT and AI at Nutanix, a software company specializing in hyper converged infrastructure (HCI).

“Given the right edge computing platform, these challenges can be met with ease, at low cost, and on a global scale,” he maintains, adding that worldwide edge intelligence can clear the road for many companies to unleash their innovative power.

the cloud is the wrong place to store data. Instead, intelligence should be transferred to where it is really needed – at the edge.

Satyam Vaghani, vice president and general manager for IoT and AI, Nutanix

Satyam Vaghani - vice president and general manager for IoT and AI, Nutanix

According to Vaghani, the race to the edge is already on: “In manufacturing, edge means many more machines and facilities can undergo predictive maintenance because parts can be inspected in situ through image analysis which shows up quality problems faster than ever before. Retailers are empowered to analyze patterns in purchasing behavior down to the level of individual outlets. In every case, recognizing and reacting to trends becomes faster and more flexible.”

Securing Mission-critical Edge Solutions

The data produced by these forms of analysis is extremely valuable for the enterprise and provides a tempting target for hackers and cybercriminals. Protecting data stored at the edge must be given top priority.

“Despite its undisputed benefits, edge technology does make management’s job harder,” warns Dr. Martin Klapdor, senior solutions architect at Netscout, a provider of application and network performance management solutions. Edge computing, he is convinced, is best for use in Industrial IoT (IIoT) and machine-to-machine (M2M) applications and environments which focus mainly on such technologies as sensor networks, mobile data capture, signature analysis, peer-to-peer applications, and ad-hoc connectivity solutions. “Since these are usually mission critical and highly interdependent, breakdowns of individual components can have drastic and lasting effects on business,” he believes.

Edge security needs to follow the business case instead of vice versa.

Dr. Martin Klapdor, senior solutions architect, Netscout

Dr. Martin Klapdor - senior solutions architect, Netscout

How can applications that live out there at the edge be secured? A wide range of providers offer solutions, often based on very different approaches to the problem. Finding the right one for a particular company can be daunting – to say the least. Edge device security needs to follow the business case instead of the other way around.

Edge Security as a Service

In order to bring online services closer to their customers, enterprises do not always need to invest in their own edge infrastructure. In fact, there are a number of providers willing to offer Edge as a Service (EaaS).

One of them is Massachusetts-based Akamai, whose Intelligent Edge platform currently runs on more than 240,000 servers around the world. “We are very close to the customers of our customers,” asserts Elmar Witte, product marketing manager for security at Akamai. He claims there is a big difference to more traditional cloud providers because Akamai is focused on services such as media delivery, web performance monitoring, and security, whereas Amazon Web Services (AWS) and Microsoft Azure typically rent storage space and computing power. “Our performance services speed up the delivery of online applications and online content,” he says.

Akamai has 240,000 edge servers worldwide.

Elmar Witte, product marketing manager for security, Akamai Technologies

Elmar Witte - product marketing manager for security, Akamai Technologies

A good example from Witte of a “cloud first” strategy is a use case of a large international banking firm which initially spread its cloud development over various platforms including AWS, Microsoft Azure, and Google Cloud. It then decided to realize uniform device security standards over all its services by integrating Akamai into an edge-based security layer. In addition, it opted for Akamai Edge Platform to increase the speed and performance of their websites and online applications.

IT Container WBW1 - Einbauten

Thyssenkrupp Steel implemented its first edge data center, provided by Riottal, as far back as 2017.

Another edge security specialist, Limelight Edge Compute, has gone a different route by reducing network latency for operators of online conferencing solutions. “These users expect perfect voice and video quality no matter where in the world they use the service,” says Steve Miller-Jones, vice-president of product strategy at Limelight. Slow loading and buffering can exacerbate transmission delays, frustrating customers and leading to more support tickets, not to mention loss of business. “Limelight reduces network latency by routing conferences through its proprietary global network, thus offering uniform service quality worldwide, which makes our customers very happy indeed.”

Device Security: First and Last defense

Enterprises that prefer to build and operate their own edge infrastructure can turn to specialist vendors offering security elements as add-ons, creating a kind of bulwark system to protect their assets at the edge. One of these, Netscout Arbor Edge Defense, has been described by its manufacturer as the “first and last defense against incoming and outgoing cybersecurity risks.”

Limelight reduces network latency by routing conferences through its proprietary global network backbone.

Steve Miller-Jones, vice president of product strategy at Limelight Networks

Steve Miller-Jones - product marketing manager for security, vice president of product strategy at Limelight Networks

Dr. Martin Klapdor of Netscout believes that demand for edge security will explode over the coming years as 5G mobile technologies go operational. “Smart cities, mobile health services, augmented reality, and autonomous vehicles are all in very early stages of development,” he believes. “To get out of the pilot stage they will need robust security like the kind Netscout provides.”

Ideally, he says, an edge-based device security solution should identify outgoing communication attempts to suspicious IP addresses, domains, and individual URLs. This can help stop malware from entering the company’s network, where it could start draining off sensitive data. In case of attack, Arbor Edge Defense collects information about the type and scope of the attack so IT professionals can react fast. The solution comes equipped with a host of preconfigured connectors and interfaces to hook up with existing security systems within the company.

The Packaged Edge

Besides various service or hardware options for existing edge infrastructure, enterprises can choose to purchase preconfigured “edge containers,” or even a complete edge data center with built-in security. A leading vendor in this field is Rittal, a German provider of industrial enclosure systems, including power distribution and climate control as well as for IT infrastructure and software and services. Rittal sees itself as an industry leader in this field, explains Andreas Keiger, executive vice president of Rittal’s Global Business Unit IT.

“In order to facilitate the creation of data centers we have chosen a modular design that is like a set of building blocks, enabling clients to construct their own facilities to their own specifications,” he says. To that end, Rittal has partnered with leading global solution providers such as SwissSwedish multinational ABB, Hewlett Packard Enterprise (HPE), and IBM. Services are hosted in Germany by Innovo, a leading cloud service provider whose job is to bundle all this into turnkey, edge solutions including hardware, software, and services.

A good example of a Rittal deployment in the field of manufacturing is Thyssenkrupp Steel, the German industrial giant. It has installed edge data centers connected to the cloud at all its production facilities in order to facilitate the digitization of day-to-day manufacturing processes. The amount of data being transferred back and forth has grown enormously, as has demand for shorter latency and seamless data access.

Thyssenkrupp installed its very first IT containers as production units back in 2017. These were designed by Rittal to fit the exact needs of the company and realized through Rittal’s partner network. The containers are assembled on site and are configured as edge data centers with direct access to the cloud.

We expect to see many enterprises decentralizing their It infrastructure in 2019.

Andreas Keiger, executive VP at Rittal

Andreas Keiger - executive VP at Rittal

Another example is the edge data center located at Cloudpark Höchst, near Frankfurt, which was developed by Rittal with Innovo. It was designed specifically for local companies around Frankfurt and provides them with fast, secure IT services through standardized edge containers.

Devices Security - Cloud Park Höchst

Cloudpark Höchst: is a data center for companies located in the Rhein-Main region of Germany. Prefab IT containers supplied by Rittal provide a wide range of IT services. Thyssenkrupp Steel

This goes to show that there are a number of possible paths to the edge from which companies can choose. Finding the right one will depend on the business case. As a rule of thumb, it can be said that in the coming years the closer you are to the customer, the more important edge computing will become. To secure edge installations, calling on edge service providers may be best but if speed and simplicity are key, special edge containers or whole edge data centers will probably be right for you.

Leave a Reply

Your email address will not be published. Required fields are marked *