The number of IoT devices is exploding, creating vast new attack surfaces for would-be hackers to exploit. Ensuring security of IoT networks requires management and monitoring of these devices. IoT networks include thousands of small, inexpensive endpoints that are vulnerable to cyber-attacks but don’t support traditional security solutions. Floodgate Security Manager supports the lightweight management protocols used in these devices.
Floodgate Security Manager provides key security management features for IoT devices and embedded systems using IoT device management protocols such as Light Weight Management Protocol (LWMP), COAP, or MQTT. A web-based interface allows users to manage policies and view devices, events, and audit logs.
- Cyber-threat awareness for IoT devices and networks
- Log collection and management for regulatory compliance
- Device auto-discovery and authentication
- Event logging and viewing
- On-premise or cloud-based deployment
- Policy management and enforcement
- Role-based user management
- Command audit log support
- Support for multiple light-weight device management protocols including LWMP, COAP, and MQTT
- Log management for IoT endpoints, IoT gateways, and embedded devices
- Scheduled and on-demand reports
- Dashboards providing at-a-glance overview of security incidents
Early threat detection and awareness is critical to mitigating and minimizing the impacts of cyber-incidents. Traditional IT log management and SIEM tools are aimed at monitoring and protecting IT environments. IoT networks require a solution that will support the unique protocols and threats that will emerge as IoT networks proliferate. Protecting these networks will require detection of attacks, not only on traditional IT assets, but also on IoT edge devices and mesh-networked sensors. Floodgate Security Manager is designed specifically to meet these demands.
Floodgate Security Manager’s event and audit logging tools also support forensic reporting for analysis when a security-incident does occur.
Security standards compliance
Achieving compliance with security standards has become a critical requirement in many industries. Floodgate Security Manager enables log management, event report, command audit logging, and policy management; key capabilities for compliance with security standards.
Role-based user management
Floodgate Security Manager provides role-based user management, a key requirement for compliance with security standards such as IEC 62443/EDSA and NERC-CIP. Role-based user management provides protection for insider attacks and accidental changes to device configuration.
Remote Device Audit
Floodgate Security Framework provides a local device audit capability that monitors the integrity of the device. Floodgate Security Manager extends this capability by providing a remote audit of the device manifest generated by the FSF device audit task. A unique device manifest is created for each device that includes:
- Hash value for each task
- Watermark for each task
- Hash value for static data files
- Device specific data (secure ID, MAC address, etc.)
The initial device manifest is created in the factory when the device firmware and configuration is loaded. The manifest is cryptographically signed for security and loaded into the device. The manifest can be imported into the Floodgate Security Manager to enable remote validation.