Versa IoT Security

Device fingerprinting identifies specific IoT devices on the network by capturing and analyzing a range of attributes, such as the device’s operating system, browser type, system settings, installed software, and even hardware configurations. Versa may also collect data related to network behavior and patterns of interaction with the network. Using the collected data, Versa applies advanced algorithms to generate a unique fingerprint for each device.

Using behavioral analysis, Versa assesses the patterns of URL access and other network behavior to identify devices. For example, an IoT device might regularly access specific URLs at predictable times for data upload, or an OT device might interact with control servers using fixed URLs. Identifying these patterns helps in categorizing the devices and applying appropriate security policies, as well as establishing baseline behavior for anomaly detection.

URL filtering capabilities analyze the URLs accessed by network traffic, which can be indicative of the type of device or the application being used. For instance, specific IoT devices may regularly communicate with certain cloud services, or industrial control systems might access URLs related to specific industrial applications.

Versa’s IoT security performs dynamic risk assessment of devices by continuously monitoring their behavior and interactions within the network. Using advanced analytics and machine learning, Versa evaluates the risk level of each device based on its activity patterns, identifying potential threats in real-time. This approach allows for the immediate adjustment of security policies and access controls, ensuring that high-risk devices are promptly isolated and mitigated. By dynamically assessing risk, Versa enhances overall network security and proactively protects against evolving threats in IoT environments.

Versa Networks facilitates 802.1x-based Network Access Control (NAC) for OT networks and IoT devices through multiple authentication strategies. It employs X.509 certificate-based authentication, leveraging customer-provided certificates for devices capable of advanced security protocols, and offers MAC-based authentication as an alternative for simpler devices that cannot manage certificates. These authentication methods are supported by a RADIUS backend, which controls the authentication process and manages the connections of client machines (supplicants). Versa’s system also includes capabilities to control port access, allowing or denying entry and assigning devices to specific VLANs or network layers based on their authenticated status. This approach uses standard client software that supports EAP and EAP-TLS protocols, ensuring a secure and regulatory-compliant network environment for IoT and OT devices.

With the devices classified and the network segmented, Versa then applies policy-based traffic management. These policies dictate how traffic should be handled based on the device and application class, the type of data involved, and the required security posture. Using Quality of Service (QoS) rules, Versa can prioritize traffic based on its importance, ensuring that high-priority device communications are transmitted quickly and reliably, even during times of high network congestion. Policies can specify bandwidth allocation, access permissions, and prioritization levels. For instance, traffic from critical IoT sensors monitoring real-time manufacturing data might be given higher priority over routine IT data traffic.

Versa is able to apply Zero Trust principles to “things,” not just users, which means that no device (or user) is inherently trusted, regardless of their location relative to your network perimeter. This approach requires strict identity verification and authentication before granting access to network resources. For OT and IoT devices, this means enforcing policies that control access based on continuous verification of the device’s security posture and behavior.

To minimize the potential impact of a security breach, Versa uses segmentation and micro-segmentation techniques to divide the network into smaller, controlled zones. Each OT or IoT device is confined to its specific segment, which isolates critical infrastructure elements and sensitive data from the broader network. This limits the pathways available to an attacker and reduces the risk of lateral movement for staged attacks.

Versa offers Next Generation Firewall (NGFW) protection specifically tailored for IoT devices, leveraging advanced traffic identification and control mechanisms across multiple layers of the network. This includes inline identification of IoT application traffic and protocols; layer 4-7 protocol identification and control; an extensive database of application signatures and classes; web traffic identification and control; as well as policy-based compliance enforcement.

Versa Networks employs a robust IP reputation and geo-location filtering system to protect OT networks and IoT devices from a range of cyber threats. The system includes a comprehensive database of IP addresses known for malicious activities, covering both IPv4 and IPv6 addresses across multiple countries. By enforcing geo-location-based actions and matching traffic based on source and destination IPs, Versa effectively blocks communications with IPs associated with malware distribution, command and control (C&C) centers, phishing, botnets, and other security threats. This protection is dynamically maintained with near real-time updates to the IP reputation lists as part of Versa’s Security Package, ensuring that OT and IoT devices are safeguarded against the latest observed threats and attack vectors.

Versa Networks provides robust protection for OT networks and IoT devices through its Next-Generation Intrusion Prevention System (NG-IPS), which incorporates both signature-based and anomaly-based detection mechanisms. This system is designed to defend against a wide range of vulnerabilities, including those discovered over the last decade, as well as current Zero-Day attacks, by using an extensive library of vulnerability signatures that are frequently updated. These updates ensure real-time protection and include coverage for vulnerabilities disclosed in Microsoft’s regular updates and emerging threats identified through JavaScript attack vectors. The NG-IPS supports custom user-defined signatures and the Snort rule format, enhancing its adaptability and effectiveness in identifying and mitigating targeted attacks and early signs of host compromise. This comprehensive approach, validated by rigorous penetration testing, ensures high levels of security for critical infrastructure within OT and IoT environments.

• Versa integrates various threat protection mechanisms, including intrusion prevention systems (IPS), advanced malware protection, and continuous threat intelligence updates. These tools work in concert to detect, prevent, and respond to threats across the network, offering proactive security measures that adapt to emerging threats targeting OT and IoT environments.
• Visibility and monitoring of IoT Devices and OT networks

Versa provides real-time discovery of connected devices, enabling organizations to maintain an up-to-date inventory of all IoT and OT devices on their network. This feature helps in identifying new devices as soon as they connect to the network, monitoring their behavior, and ensuring that they are properly managed and secured.

By profiling and classifying devices based on their type, function, and behavior, Versa allows for detailed visibility into the network. This classification is crucial for applying appropriate security policies and for monitoring specific groups of devices more closely, particularly those considered critical or vulnerable.

Versa provides comprehensive analytics on network performance and traffic patterns. This feature not only aids in security analysis but also helps in optimizing network performance by identifying bottlenecks, unusual traffic flows, and other operational issues.

The platform includes tools for generating detailed security and compliance reports. These reports offer insights into network security posture, incident responses, and audit trails, which are essential for maintaining compliance with industry regulations and internal standards.

Organizations can customize dashboards to monitor the health and security of their OT and IoT environments effectively. The system allows for setting alerts based on specific events or thresholds, ensuring that network administrators are promptly notified of potential issues.