Sergey Nivens - Fotolia

IoT cybersecurity: Cisco backs MUD to protect devices, help channel

A Cisco-backed security approach aims to reduce the risk of rogue devices wreaking havoc on emerging IoT networks, a development that could help partners ease customers' concerns.

CHICAGO -- As more channel partners consider the internet of things as a business opportunity, Cisco is backing an IoT cybersecurity approach that aims to reduce the risk of devices going rogue.

The Manufacturer Usage Description (MUD), which Cisco developed and submitted to the Internet Engineering Task Force, provides a mechanism for limiting an IoT device to the use intended by its manufacturer. The ability to restrict use reduces the "threat surface on a device entering a network," according to Cisco's IoT cybersecurity proposal.

Cisco officials discussed IoT security vulnerabilities and the MUD approach at Cisco Marketing Velocity, which wraps up April 27 in Chicago. Cisco addressed a variety of marketing topics at the conference, including unified messaging around its data center technology.

Chris Dedicoat, executive vice president of worldwide sales and field operations at Cisco, said 500 billion devices could be connecting to the internet over the next decade. He said this next-generation internet will require more security, citing the emergence in 2016 of the Mirai botnet. That botnet harnessed more than 100,000 internet-connected devices in a distributed denial-of-service attack against Dyn, which provides the internet's domain name system.

"The threat landscape and the threat actors are changing so rapidly," Dedicoat said.

The threat landscape and the threat actors are changing so rapidly.
Chris Dedicoatexecutive vice president of worldwide sales and field operations at Cisco

Mobile devices and IoT combine to dramatically increase the attack surface among enterprises, added Prashanth Shenoy, vice president of marketing, enterprise networking and mobility at Cisco.

Against that backdrop, Cisco is working toward creating MUD-compliant networks in which plugged-in IoT devices would self-protect, noted Wendy Bahr, senior vice president of Cisco's global partner organization.

For channel partners, Cisco's IoT cybersecurity approach would boost the value proposition they offer clients, she noted. Partners can discuss the added measure of security MUD provides when selling Cisco networks to their IoT clients.

"When [customers] plug in those devices, they will have a sense of security," Bahr said.

The MUD IoT cybersecurity approach involves an extra field being added to the Dynamic Host Configuration Protocol, a communications protocol that lets network administrators manage and automate device configuration on an Internet Protocol network.

The additional field, a Universal Resource Identifier, points to a device maker's website, which provides an XML file describing the device's intended use. A network security controller pulls the XML file from that site and then merges the file with an existing network security policy for enforcement, according to a Cisco blog.

Next Steps

Learn how channel partners are engaging with IoT managed services

Read about PTC's pursuit of IoT partners

Find out how IoT partnerships among companies can improve the supply chain

Dig Deeper on Internet of Things (IoT) Security