Twitter: @ForeScoutArch
Chapter 2: Control Freak
Control: the ability to manage a machine, vehicle or other object. The restriction of an activity, tendency or phenomenon.
Previously on the Internet of Stranger Things, the explosion of IoT devices on our networks proved to be similar to the Shadow Monster in the Upside Down world. What once seemed to be a cute little Demogorgon (not unlike BYOD) has turned into a monster (a plethora of connected, IP-addressable devices) connecting areas of our network that aren’t intended to be connected. IoT isn’t coming for you, it HAS come for you and you can feel it everywhere. And just as there was evidence of something compromising the city of Hawkins through the infested pumpkin patch, flickering lights, bulging walls, static on the phone, and even shadows in the sky, IoT provides its own reflection of IOCs (indications of compromise). IOC’s are found in unusual outbound traffic, login failures, non-compliant endpoints, raspberry pies, home-brewed wireless, anomalies in privileged account activity, etc. The tentacles of IoT are so many and so far reaching that it feels impossible to even know about all the connected devices, much less control them. These tentacles are gateways for IOCs to invade our network and, like the shadow monster, these threats are growing, and spreading…and killing. As the tentacles of the IoT Shadow Monster continue to grow, you can’t continue fighting or containing it with tools intended for other uses no matter how many certifications you have. Firewalls, intrusion prevention tools, web and email gateways and even endpoint solutions play a part in slowing down the beast, but we must leverage something new. Something that can discover, classify and control the beast.
Enter Eleven…the beautifully innocent, yet powerful lab experiment, who has the power to connect to and control things. Whether it’s preventing a friend’s plunge from a cliff, catapulting a van in hot pursuit, or causing a “mouth breather” to wet his pants, Eleven has the ability to see and control things without actually touching them.
What if, in the world of IoT you had an Eleven. Someone, or something, that could see things you can’t see and control them…without touching them. Insert ForeScout Technologies. At ForeScout we don’t just believe that’s possible, we see it in action every day with thousands of customers controlling millions of devices. Don’t get me wrong, we aren’t in the business of causing attackers to wet their pants, although that would be cool (Hey, Product Management…feature request!). Here’s the thing: no one intended the monster to be set free nor did they anticipate just how far reaching the tentacles would be.
Here’s how ForeScout can help:
- Coordinate a calculated effort to see what connects to your network (think asset inventory)
- Determine the privileges of connected devices (network segmentation)
- Confirm corporate or federal compliance (did I hear someone say device compliance?)
- Allow or deny access (think NAC on steroids)
- Work in conjunction with existing security solutions (Incident Response)
And even better? We don’t have to enlist the support of Eleven; we can do it all with CounterACT® 8. In the third and final chapter of The Internet of Stranger Things, we will see how Eleven worked with Hopper, Joyce, Bob the Brain, a few eager and willing teens, and an unlikely hero from the lab to orchestrate an attack that would free Will and control the beast.