Limiting the Attack Surface with Extreme Networks
Have you ever been to Vostok, Antarctica? Probably not unless you’re a scientist, but it is known as the coldest place on Earth. Due the extreme cold, the scientists core drill the ice to determine how the climate has changed. Obtaining core samples requires going outside in the cold weather to core drill. This means these scientists have contend with the extreme conditions.
So, how do they do it?
Scientists cover almost all exposed areas of their bodies and work in tents to limit their exposure to the extreme cold.
What happens, if the scientists run into trouble while core drilling?
Making it back to the station could prove to be dangerous as the weather conditions will severely impact your success of getting back, but staying there could be just as dangerous. They limit their attack surface.
How do they limit the attack surface?
They radio into headquarters, where a snowcat can be driven over to the site where the core drilling is being performed. The snowcat’s cab provides warmth and safety from the harsh conditions while transporting the scientists back to base camp, limiting the attack surface to just getting into and out of the snowcat.
Security Assisted Networking Limits the Attack Surface
During Extreme’s first user conference, Extreme Connect 2018, we discussed and demoed the Security Assisted Networking solution. The Security Assisted Networking solution is not a new security device that is offered by Extreme Networks, it augments your current security solution by moving the security capabilities right to the edge of the network limiting the attack surface. It does this by bringing threat intelligence feeds right to the EXOS switch and Analytics Engines. If the network determines that the traffic may be malicious, it uses intelligent workflows that will utilize your current security devices to take a deeper look. If it is deemed malicious, the security device informs the network devices.
So, how does this relate to scientists core drilling in Antarctica?
Recall the example from above and now imagine that instead of dangerous weather conditions affecting scientists, a user with an infected machine is connecting to the network. If the malicious code is programmed for lateral movement through the network, most security devices will not know it is there as it will not be exposed to it until it is too late. Similar to the scientists using the snowcat, the network must also limit the attack surface so the malicious code cannot cause damage.
How does the security assisted networking solution do this?
As the network participates in the security realm, the lateral movement is exposed right at the edge, stopped, and the network informs the security devices about it. Thus, limiting the attack surface and protecting user data from being exposed.
For more information on Extreme’s Security Assisted Networking solution, please view these resources: