Next Generation Network Security Vision 2017
2017.3.9
Integrated Network Management Solution Provider, NetMan

Contents
1. 2017 IT Issue
2. Why IoT?
3. Paradigm Shift
4. Conclusion

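ICT Issue for 2017
- Artificial intelligence
- Next-generation network 5G
- MR (Mixed Reality)
- Autonomous vehicles
- Biometric authentication
- Fintech 2.0
- O2O
- Data commerce
- Industrial Internet, Internet of Small Things
- Platform economy
- Autonomous vehicles, connected cars
- Virtual reality (VR), augmented reality (AR)
- Smart factory
- Digital healthcare
- Drones, robots
- Internet of Things
- Biometrics
- Artificial intelligence
- Blockchain
- Cybersecurity
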
ICT Issue for 2017
1. AI & Advanced Machine Learning
2. Intelligent Apps
3. Intelligent Things
4. Virtual Reality and Augmented Reality
5. Digital Twins
6. Blockchains and Distributed Ledgers
7. Conversational Systems
8. Mesh App and Service Architecture
9. Digital Technology Platforms
10. Adaptive Security Architecture

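ICT Issue for 2017: ICT Issue last 5 years

| Rank | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 |
|---|---|---|---|---|---|---|
| 1 | Media tablets and beyond | Mobile device battles | Management of diverse mobile devices | Computing everywhere | Connection between devices | AI & advanced machine learning |
| 2 | Mobile-centric apps and interfaces | Mobile apps & HTML5 | Mobile apps and applications | Internet of Things | Borderless user experience | Intelligent apps |
| 3 | User experience combining context awareness and social | Personal cloud | Internet of Everything | 3D printing | 3D printing materials | Intelligent things |
| 4 | Internet of Things (IoT) | Internet of Things | Hybrid cloud and IT | Next-generation advanced analytics | Information of things | Virtual & augmented reality |
| 5 | App stores and marketplaces | Hybrid IT & cloud computing | Cloud/client architecture | Context-aware systems | Advanced machine learning | Digital twin |
| 6 | Next-generation analytics | Strategic big data | The era of personal cloud | Smart machines | Autonomous agents and things | Blockchain and distributed ledgers |
| 7 | Big data | Practical analytics | Software-defined | Cloud/client computing | Advanced security architecture | Conversational systems |
| 8 | In-memory computing | In-memory computing | Web-scale IT | SW-defined infrastructure and applications | Advanced system architecture | Mesh app and service architecture |
| 9 | Low-power servers | Integrated ecosystem | Smart machines | Web-scale IT | Mesh of app and service architecture | Digital technology platforms |
| 10 | Cloud computing | Enterprise app stores | 3D printing | Risk-based security and self-defense | IoT architecture and platforms | Adaptive security architecture |
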
Top 10 IoT Technologies 2017~18
- IoT Security
- IoT Analytics
- IoT Device (Thing) Management
- Low-Power, Short-Range IoT Networks
- Low-Power, Wide-Area Networks
- IoT Processors
- IoT Operating Systems
- Event Stream Processing
- IoT Platforms
- IoT Standards and Ecosystems
Categories: Device, Network, Management (Log), Security

Internet of Things: IoT (Internet of Things)

Internet of Things: IoT examples (1)
- Echo Dot
- Google Home
- Piper
- Sen.se Mother
- Nest Thermostat
- Protect Smoke + CO

Internet of Things: IoT examples (1)
[Diagram labels: Echo Dot device, WiFi/NAT, Alexa, API]

Internet of Things: IoT examples (2)
- Boiler
- Purifier
- Gas lock/door lock/switch

Visibility: IoT examples (2)
[Diagram labels: WiFi/NAT, Smart Home]

Internet of Things
By 2020: 50B IoT devices (Cisco)

Internet of Things
IoT devices will
be lighter (OS, H/W)
- no client, or a weak one
- not enough storage
- not intelligent
increase explosively (50B)
- need enough IP addresses

Internet of Things
IoT devices will run on
an IPv6 network
- Mobile (LTE/IPv6, 5G/IPv6)
- Public WiFi (WiFi/IPv6)
an IPv4 network using NAT
- needs a client
- needs additional control equipment
- IPv6 is running (IPv4/IPv6 dual stack)

Internet of Things
[Diagram labels: NAT, IPv4, IPv6, NAT]

Internet of Things: Keywords
- Visibility
- Log Management
- Intelligence
- Adaptiveness

Visibility: Visibility (NAT, IPv6)
Growing NAT areas (IPv4)
- hidden from the public world
- need visibility for NAT
- additional control (client, agent)
Growing number of devices running IPv6
- IPv6 is running on all devices (IPv6/IPv4 dual stack)
- hidden from the IPv4 network
- need visibility for IPv6
- additional control (client, agent, network eq.)

Visibility: Visibility (IPv6/IPv4 dual stack)
[Diagram labels: Internet, IPv4 NAC, Blocked by IPv4, illegal IPv4/IPv6, Communicate using IPv6, Authenticated IPv4/IPv6]
An IPv6 device is hidden from the IPv4 network, but it is running.

Visibility: Visibility (IPv6/IPv4 dual stack)
[Diagram labels: Internet, Control Point, IPv4 NAC, Blocked by IPv4, illegal IPv4/IPv6, Communicate using IPv6, Authenticated IPv4/IPv6]

Visibility: Visibility (IPv6/IPv4 dual stack)
[Diagram labels: Internet, IPv4 NAC, IPv6 Control, Blocked by IPv4, illegal IPv4/IPv6, Communicate using IPv6, Authenticated IPv4/IPv6]

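The dual-stack blind spot on the slides above (a device the IPv4 NAC has blocked or never seen that still communicates over IPv6) can be checked by correlating IPv4 and IPv6 neighbor entries by MAC address. This is an added example, not part of the original deck; the neighbor-table lines (in Linux `ip neigh show` format), the NAC state table and the function names are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the format printed by Linux `ip neigh show`.
NEIGH_TABLE = """\
192.168.10.21 dev eth0 lladdr 00:11:22:33:44:01 REACHABLE
192.168.10.22 dev eth0 lladdr 00:11:22:33:44:02 STALE
fe80::211:22ff:fe33:4401 dev eth0 lladdr 00:11:22:33:44:01 REACHABLE
2001:db8:10::21 dev eth0 lladdr 00:11:22:33:44:01 REACHABLE
fe80::211:22ff:fe33:4403 dev eth0 lladdr 00:11:22:33:44:03 STALE
2001:db8:10::33 dev eth0 lladdr 00:11:22:33:44:03 REACHABLE
fe80::211:22ff:fe33:4404 dev eth0 lladdr 00:11:22:33:44:04 DELAY
2001:db8:10::44 dev eth0  FAILED
"""

# Constructed state of an IPv4-only NAC, keyed by MAC address.
NAC_STATE = {
    "00:11:22:33:44:01": "authenticated",
    "00:11:22:33:44:02": "authenticated",
    "00:11:22:33:44:03": "blocked",
}

def parse_neighbors(text):
    """Return {mac: {"v4": [addr, ...], "v6": [addr, ...]}}."""
    hosts = defaultdict(lambda: {"v4": [], "v6": []})
    for line in text.splitlines():
        fields = line.split()
        if "lladdr" not in fields:  # FAILED/INCOMPLETE entries carry no MAC
            continue
        addr = ipaddress.ip_address(fields[0])
        mac = fields[fields.index("lladdr") + 1].lower()
        hosts[mac]["v6" if addr.version == 6 else "v4"].append(addr)
    return hosts

def ipv6_blind_spots(hosts, nac_state):
    """List (mac, nac_state, routable_ipv6) for IPv6 speakers the NAC has not authenticated."""
    findings = []
    for mac, addrs in sorted(hosts.items()):
        state = nac_state.get(mac, "unknown")
        if addrs["v6"] and state != "authenticated":
            # Non-link-local addresses can reach beyond the local segment.
            routable = [str(a) for a in addrs["v6"] if not a.is_link_local]
            findings.append((mac, state, routable))
    return findings

if __name__ == "__main__":
    for mac, state, routable in ipv6_blind_spots(parse_neighbors(NEIGH_TABLE), NAC_STATE):
        print(f"{mac} nac={state} routable_ipv6={routable or 'link-local only'}")
```
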
Log management
IoT logs
- Authentication-related logs
- General information logs
- Configuration-related logs
- Security-related logs
- Device management logs
- Save them to the cloud or a log management system
Usage statistics, environmental data, system logs, software logs (device settings, HVAC settings, wiring config)

Log management

| Product | Core | RAM | Storage |
|---|---|---|---|
| Amazon Echo dot | TI DM3725 | 256MB | 4GB |
| Google Home | ARM Cortex-A7 | 512MB | 256MB |
| Nest Thermostat 2G | TI AM3703 | 512MB | 2GB |
| icontrol networks Piper | TI TMS320 | - | - |

Devices will generate billions of log events.

Intelligence
[Diagram labels: now, after, after intelligence]

Intelligence
Shift control point
NAT, IPv4, IPv6

Intelligence

| | Server + Switch | Security + Security | Security + Switch |
|---|---|---|---|
| Type | Server Switch | Security Appliance | Switch type appliance |
| Functions | Switch, Server | UTM, NAC | Switch, NAC |
| OS | OS | OS | OS |
| Hardware | Metal (x86, ) | Metal (x86, ) | Metal (x86, ) |

Adaptiveness: Security paradigm shift for IoT
Shift What? & How?

Adaptiveness: Control type?
- ARP
- 802.1x
- DHCP
- Mirroring
- SNMP
- In-line
- ACL
- NDP (IPv6)

Adaptiveness: Why Adaptiveness?

| Devices | PC | IoT |
|---|---|---|
| OS | | |
| Protocol | | |
| Client | Client-based | Clientless |
| H/W spec. | | |
| Storage | | |
| Security Level | High (NAC, DRM, DLP, Vaccine ) | Low/middle (User Authentication, Data encryption ) |

Adaptiveness
[Diagram layers: Policy Enforcement Layer; Adaptation layer (PEP) with control paths 1 to 4; User network Environment (IPv4/IPv6)]
1. ARP (IPv4)/NDP (IPv6)
2. 802.1x, SNMP, ACL, DHCP
3. Mirroring
4. Network equipment

Conclusion
- Visibility: devices running IPv6 must be controlled.
- Log Management: log management & analytics are required.
- Intelligence: network equipment must be intelligent.
- Adaptiveness: various devices, OSes and H/W require various controls.

Thank you.