Every year the IT industry comes up with a new acronym for some new technology that technology writers expound upon. Clearly, the undisputed winner for 2016 has to be none other than “IoT – the Internet of Things.”
An audio version of this blog is available on SoundCloud.
Forbes, an obviously reputable resource, defines IoT as “connecting any device with an on and off switch to the Internet (and/or to each other).” TechTarget basically agrees with Forbes, but puts its own spin on it by adding animals or people, as long as they have “unique identifiers and the ability to transfer data over a network.” So this means that my pet Bengal, Diego, could be an IoT device if he were on the net, and by that definition I myself am an Internet of Things device. That’s a scary thought.
Of course, for the real truth, we need to go to Wikipedia. Here we’ll find an answer that is somewhat in the middle, and in my opinion, correct. The great Wiki says the Internet of Things is, “the network of physical devices, vehicles, buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.”
Taking a step back from all of this and looking at what the definitions have in common, we find the following criteria making up IoT:
- Physical electronic device (potentially connected to an animal)
- Connected to the network (ideally the Internet is assumed)
- Communicates with neighboring devices (contributing and consuming information)
Assuming that basic premise is true and correct, what exactly does this mean for the enterprise IT professional? First and foremost, it means that anything and everything is going to be on the network. Initially this will create a massive drive towards IPv6, since, just as a MAC address does today, each of these devices needs a unique identifier in the basic networking communications architecture. One potential detour around a massive migration to IPv6 devices would be to use a networking technology such as the Avaya Shortest Path Bridging fabric architecture to isolate islands of IPv4 devices and segregate them from the public wide area network with an IPv6-to-IPv4 gateway device.
This is nothing new to IT professionals; the same construct has been used with public versus private IP addresses in the past. Just think of how many consumer-grade routers have been sold that hand out 192.168.1.X addresses in our homes. Part of the router’s job is to segregate those IP addresses, effectively hiding them from the WAN.
So we now know the devices are going to exist, and they’re going to show up on our networks. In fact, according to a recent article citing a report by research firm International Data Corporation (IDC), spending on IoT in the U.S. alone is slated to grow at a 16.1% compound annual growth rate (CAGR) through 2019, reaching an estimated $357 billion.
With these devices now present on our network, they need to be managed. We need to understand where they are, what they are, what data they’re consuming, and what data they’re creating. Imagine if every light switch in your facility suddenly became an Ethernet-connected temperature sensor: the microbursts of data that 1,000 such devices may produce could cause traffic contention for the critical data required to run your business. So, while it would be very convenient to know the ambient temperature in each individual room, as well as the status of the lighting, possibly combined with measurements of the lumens in the room, that information can’t be allowed to conflict with the credit card transactions or other sensitive traffic required to keep the doors open and customers happy.
We already see this today with video networks. The coaxial camera network has been replaced with IP over Cat6 cabling, but it remains a completely separate infrastructure with home runs back to the video head-end. Why not put the cameras on the network? “It won’t handle the multicast traffic from the cameras, and the overall network would suffer,” is the most common answer. With the right network topology and architecture this is no longer true; Avaya Fabric solved this issue years ago, as proven at InterOp.
With potentially tens of thousands of devices now present on your network, security remains the number one concern, but that concern is exacerbated by the sheer number of additional “touch points” into your networking infrastructure. For example, take the breach that retail giant Target experienced when its HVAC system was compromised. This gave the attackers a convenient on-ramp to the network, from which they proceeded to gain access to information that was assumed to be secure. While several security failures contributed to this, the primary cause was the Layer 1 physical access entry point that was compromised.
Security is driving new fundamental functions that were once considered a “nice to have.” In order to manage this perfect storm of devices flooding into the network, on top of the number of BYOD devices appearing every day, network connectivity, especially wireless connectivity, cannot be taken for granted. Even the smallest enterprise will need to consider Identity Engine functionality within its network to manage devices that show up, both expected and unexpected, and to detect and mitigate any rogue device presence that is perceived as a potential threat. For example, even though Target was compromised through the HVAC system, shouldn’t the network have noticed the thermostats talking to the secure customer information databases? That abnormal traffic flow should have been detected, and the questionable device should have been moved into a Virtual Service ID where it was isolated from other areas of the network. This would have allowed human intervention to approve or deny the communications.
An area that needs to be improved within the enterprise corporate network is the analytics applied to network performance. Once again, functions that were considered a “nice-to-have” at one point in time are now critical to day-to-day operations. The sheer number of devices, the amount of big data being produced, and the information from the identity management system all need to be examined, historically catalogued, and then referenced during future operations. If a device or process falls outside its normal scope, for instance a device that starts generating traffic flows well in excess of what it is expected to generate, so that thresholds are exceeded, the device or process is isolated and human intervention is applied, either stopping the device or verifying its purpose and creating a new rule that allows the anticipated behavior.
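One way to express the detection logic described in the two paragraphs above (expected destinations per device role, a per-device volume baseline, and a verdict that is left for a human to approve or deny), written as an added example that is not Avaya’s Identity Engine or any code from the original post. The subnets, device roles, thresholds and flow records are all hypothetical and constructed for the example.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network
from statistics import mean, pstdev

# Hypothetical segment plan: where each device role is *expected* to send traffic.
EXPECTED_DST = {
    "thermostat": [ip_network("10.20.0.0/24")],  # building-management collector
    "camera": [ip_network("10.30.0.0/24")],      # video head-end
}
SENSITIVE = ip_network("10.50.0.0/24")  # hypothetical customer-database segment

# Constructed flow records: (device, role, destination IP, bytes) per 5-minute bin.
FLOWS = [
    ("therm-101", "thermostat", "10.20.0.5", 900),
    ("therm-101", "thermostat", "10.20.0.5", 950),
    ("therm-101", "thermostat", "10.20.0.5", 880),
    ("therm-101", "thermostat", "10.20.0.5", 910),
    ("therm-101", "thermostat", "10.50.0.12", 48000),  # thermostat -> database segment
    ("cam-7", "camera", "10.30.0.2", 200000),
    ("cam-7", "camera", "10.30.0.2", 210000),
    ("cam-7", "camera", "10.30.0.2", 205000),
]

def analyze(flows, sigma=3.0, min_history=3):
    """Return (device, reason, action) verdicts for flows that break policy.

    Check 1: destination policy, is this role allowed to talk to that segment?
    Check 2: volume baseline, does this bin exceed mean + sigma * stdev of the
    device's own benign history (with a 10%-of-mean floor on stdev so a very
    steady device is not flagged by a trivial change)?
    """
    history = defaultdict(list)
    verdicts = []
    for device, role, dst, nbytes in flows:
        dst_ip = ip_address(dst)
        reasons = []
        if not any(dst_ip in net for net in EXPECTED_DST.get(role, [])):
            kind = "sensitive segment" if dst_ip in SENSITIVE else "unexpected destination"
            reasons.append(f"{kind} {dst}")
        hist = history[device]
        if len(hist) >= min_history:
            mu, sd = mean(hist), pstdev(hist)
            if nbytes > mu + sigma * max(sd, 0.1 * mu):
                reasons.append(f"volume {nbytes}B vs baseline {mu:.0f}B")
        if reasons:  # isolate first, then a human approves or denies the traffic
            verdicts.append((device, "; ".join(reasons), "isolate-pending-review"))
        else:
            hist.append(nbytes)  # only benign bins feed the baseline
    return verdicts
```

Run over the constructed flows, the thermostat’s fifth bin is flagged on both checks (destination in the database segment and volume far above its 910-byte baseline), while the camera’s steady high-volume stream is never flagged because it matches its own history and its expected destination.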
I don’t believe there’s a single industry that is not affected by this new trend. Smartphones have become so ubiquitous that their connectivity has become persistent. As we roam around going about our daily business, we are constantly connecting, disconnecting, and reconnecting to various networks and hotspots. We often don’t pay attention to our online status, and honeypot phishing is at an all-time high. Like it or not, the devices we carry are part of the Internet of Things. Not only do the networks need to protect themselves from the multitude of devices touching them; consumers also need to be conscious of what their devices are touching!
“HEY! Get that network out of your mouth! You have no idea where it’s been!”
Mark J. Fletcher, ENP, is the Chief Architect for Worldwide Public Safety Solutions at Avaya. A seasoned professional with nearly 30 years of service, he directs the strategic roadmap for Next Generation Emergency Services in both the Enterprise and Government portfolios at Avaya. In 2014, Fletcher was made a member of the NENA Institute Board in the US, and in 2014 – 2015 he served as co-chair of the EENA NG112 Committee in the European Union, providing valuable insight to state and federal legislators globally and driving forward both innovation and compliance.