David Hughes
๐ค SpeakerAppearances Over Time
Podcast Appearances
So as a sensor, it's monitoring with telemetry from the network.
You can monitor the behavior of, say, all of your IoT devices.
You may have a door lock that's internet controlled.
The telemetry we collect every day, 24 by 7, tells us how that door lock should operate.
Maybe twice a day it calls to a particular DNS server.
And so that we can detect when that changes, when there's an anomaly.
So if that device is hacked, we see a change in behavior.
And so using the network as a sensor is one way that you can augment your security strategy.
The second thing is using the network as an enforcement point.
So of course, firewalls can be used as enforcement points, but you can also block traffic earlier near the edge in an access point or in a switch if you have a way of taking global policy defined by a security team and then have that implemented by the network.
So a lot of what we're doing at HPE is really at the intersection of networking and security, helping the security teams and the network teams partner with each other and making sure that the network is actually an important piece of the security puzzle.
So there's hundreds of thousands of types of sensor that we track.
And so for every kind of sensor, we are building a baseline of what is normal behavior.
And from there, we know what is anomalous behavior.
And we don't just have to learn this one customer at a time.
It's with fleet learning.
So across our entire customer base.
And so that's a really important piece of being able to defend customers
against threats which use an IoT device as a hopping point.
So coming back to the report, one of the things that we've seen is that in especially the most sophisticated attacks, they're kind of multi-step.