How to evolve media infrastructure, and sleep well at night

September 19, 2017

Posted by: Avadhoot Patil

Michal Brenner of Cisco

Imagine you’ve made a decision to move out of your house—the one that’s faithfully served your needs in the past years—to a new one. You want your new house to be part of the digital world around you, and to enjoy all the benefits of modern technology, so you make it connected, smart, automated.

But then, you also think of the possible implications of this change. New risks that weren’t relevant to you before. What if someone uses a flaw in the smart front door lock to break in, undetected, and steal your valuables? What if someone accesses feeds from IP cameras in your home to gather private information about your family?

These scenarios are unsettling to contemplate, but they are real. When you hear about your new neighbors being attacked, that reality is driven home even further, says Michal Brenner, product marketing manager at Cisco.

This digital home example carries many parallels to the digital transformation happening in the media industry. It’s impossible to ignore the growth of cyber-attacks and online piracy faced by content creators and service providers. The ongoing flow of coverage about data breaches and content leaks not only serves as a reminder, but also as a beacon. The potential for new ‘firsts’—attacks with unprecedented scale or level of impact—to mirror similar realities in other adjacent industries, is eerie, at best.

Now, to the good news: It really is possible to achieve a sound security footing in the “open IP and cloud” era. I’m not saying it’s easy. It requires authentically deep visibility, and control, throughout all points in the infrastructure. And now, right now, is exactly the time for content and service providers to ensure that they inherently integrate security into their evolving infrastructures.

At Cisco, we’ve adopted an integrated, best-of-breed architectural approach to make security simple, open, and automated. Our product designers are continually enhancing our security solutions to interact seamlessly with each other, to close security gaps and enable automation.

And, just as important, we’re integrating security with the underlying data centre, cloud, and network infrastructure. Working together, our solutions help our customers to detect and respond to more threats, faster.

And we’re making some real progress.

Here’s a good example of that: We recently integrated Cisco’s Tetration with Cisco’s Stealthwatch to give our customers complete visibility and control over network traffic, application components and workloads in data centres as well as multi-cloud environments. The two products complement each other: Tetration provides analysis and policy enforcement for all applications running in the data centre. Stealthwatch tracks and analyses network traffic behavior.

To get visibility, both Tetration and Stealthwatch rely on sensors for comprehensive network telemetry data. The sensors provide a real-time view of incoming and outgoing traffic from corporate and production networks, as well as across them—which is to say, any lateral movement of traffic within the network.

The rich telemetry data produced by these sensors is key, because it enables our customers to see and act upon any suspicious behavior that may indicate an attack. It also enables forensics and evidence gathering after an attack has occurred, for investigation and incident response purposes.

Tetration contributes another key security capability: application segmentation. Segmentation is key to security, as it prevents hackers from moving laterally east-west across the network. This limits the ability to maneuver through systems and data after an attacker successfully penetrates the network, thereby containing the threat. Tetration analyses application behavior and dependencies, and uses unsupervised machine learning to group and segment applications autonomously. The result? Applications that aren’t meant to talk to each other, don’t.

To see how our solutions could help the video industry, consider a major data exfiltration attack used to steal premium video content, scripts, sensitive emails, personal data, you name it—we’ve seen a number of cases of such attacks affecting media companies and service providers in the recent past. With visibility, security staff could be alerted to suspiciously heavy traffic loads to a particular device or external IP address, and equipped with detailed information to quickly analyse the problem.

Segmentation would enable the company to disable transfer of video content, for example, from media storage or playout to an unauthorised file transfer application. In addition, security technologies such as firewalls, intrusion prevention systems, identity & access management, and email and web security solutions (all in Cisco’s portfolio) can prevent many attack methods from happening in the first place, and stop those that do occur.
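The two checks described above, segmentation policy and alerting on heavy traffic to an external address, can be sketched over plain flow records. This is an added, vendor-neutral example, not Tetration or Stealthwatch code or output; the segment names, address ranges, byte threshold and flow records are all constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample flows: (src_ip, dst_ip, dst_port, bytes_sent).
FLOWS = [
    ("10.10.1.5", "10.10.2.8", 443, 4_000_000),       # media storage -> playout
    ("10.10.1.5", "10.10.9.20", 22, 900_000_000),     # media storage -> file transfer
    ("10.10.2.8", "203.0.113.50", 443, 600_000_000),  # playout -> external, part 1
    ("10.10.2.8", "203.0.113.50", 443, 600_000_000),  # playout -> external, part 2
    ("10.10.3.7", "198.51.100.9", 443, 1_200_000),    # office -> external
]

# Hypothetical segments; any address outside them counts as "external".
SEGMENTS = {
    "media-storage": "10.10.1.0/24",
    "playout": "10.10.2.0/24",
    "office": "10.10.3.0/24",
    "file-transfer": "10.10.9.0/24",
}

# Allow-list of (source segment, destination segment) pairs; all else is denied.
ALLOWED = {
    ("media-storage", "playout"),
    ("playout", "external"),
    ("office", "external"),
}

EXTERNAL_BYTES_LIMIT = 1_000_000_000  # assumed per-window alert threshold


def segment_of(ip):
    """Map an IP address to its segment name, or 'external' if none matches."""
    addr = ip_address(ip)
    for name, cidr in SEGMENTS.items():
        if addr in ip_network(cidr):
            return name
    return "external"


def policy_violations(flows):
    """Flows whose segment pair is not on the allow-list (would be blocked)."""
    return [f for f in flows
            if (segment_of(f[0]), segment_of(f[1])) not in ALLOWED]


def heavy_external_talkers(flows, limit=EXTERNAL_BYTES_LIMIT):
    """Sum bytes per (internal source, external destination); return pairs over limit."""
    totals = defaultdict(int)
    for src, dst, _port, nbytes in flows:
        if segment_of(dst) == "external":
            totals[(src, dst)] += nbytes
    return {pair: total for pair, total in totals.items() if total > limit}
```

Note that the playout flows are each under the threshold and allowed by policy; only the aggregated total per source and destination raises the alert, which is why telemetry and segmentation are used together.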

As the infrastructure transforms, protecting the business, its valuable assets and people necessitates innate security. The media industry owes it to itself to enjoy the benefits of cloud and IP — while remaining focused on what it does best: producing and delivering content that entertains, touches, and connects people.

Security can be a disquieting issue that can keep us up at night. But it doesn’t have to be that way if we address it properly.

You can bet your house on it.

The author of this blog is Michal Brenner, product marketing manager at Cisco