Hi,
Say I was doing a greenfield hospital deployment. I want to use OpenFlow switches and something like OpenDaylight; the end result I want is microsegmentation, mostly for security purposes. Say an attacker has control of a PC on the network: with this design he should have very few "lateral movement" options, or if an unknown device (IoT) is discovered on the main network, it should be moved into an "internet only access" network?
Is this sort of thing in production, pros and cons, gotchas, more info?
It looks like Avaya are doing something similar:
https://support.avaya.com/products/P1614/open-networking-adapter
https://www.networkworld.com/article/3089860/avaya-s-edge-network-adapter-is-an-iot-onramp.html
https://www.itworldcanada.com/article/avaya-launches-surge-its-revamped-iot-security-solution/390712
Not sure exactly what the ONA is for. Would this be used for the MRI to build an encrypted traffic tunnel along the pre-determined path, and the MRI could send scans directly to a database, for example, while all other traffic would be disabled (these are mentioned in the Network World article linked)? What VPN tech would it be using to do this, and what would be the security advantages of using a VPN, stopping the attacker being able to access the MRI?
Thanks.
Richard