Cisco Blogs
Share

Helping Enterprises Scale IoT Deployments with Secure Computing at the Edge


June 20, 2018 - 1 Comment

After an exciting week at Cisco Live in Orlando with hundreds of customer meetings we came away excited to see IT and Operational teams partnering together to move Industrial IoT deployments from Proof of Concept (PoC) to production.  Customers, channel and alliance partners want to ensure they have the right architecture to securely deploy and scale their distributed IoT deployments with compute at the edge as a top of mind concern.

Not all of the data being captured at the edge is valuable for decision making and in most cases cannot be transported to a data center.  For example, a single oil rig may be equipped with 30,000 sensors that capture data, yet – on average – only 1 percent of that unstructured data is currently being utilized to drive business decisions today. So how do you determine which data needs to be processed at the edge, so that decisions can be made quickly, versus what can be sent to the cloud?

In addition to dealing with the deluge of data that is produced across industries, enterprises often face challenges with capturing data seamlessly. For many businesses, data is collected across disparate legacy systems from multiple vendors that are not interoperable, which then requires manual intervention in order to bridge those systems together. These makeshift multi-vendor solutions could then lead to a potential security breach.

During Cisco Live, we unveiled a new IoT networking solution that addresses these scalability, data control, and security challenges. The new Cisco Industrial Compute Gateway IC3000 offers built-in security and manageability at scale, enabling faster decision making at the edge by processing and normalizing data from various sensors.

Enterprises across vertical industries like transportation, manufacturing, oil & gas, smart cities, and utilities need to be able to make faster decisions at the edge. But when leveraging data from highly distributed and disparate systems and sensors, this can create operational challenges and slow down critical decision making. By utilizing Cisco’s IC3000 gateway, enterprises can process data at the edge without having to send it to a cloud environment or to an on-premise data center.

The gateway can be combined with Cisco software including Cisco Kinetic Edge Fog Module to extract, compute, and move data from all sensors to the right applications at the right time; and Cisco IoT Field Network Director (FND) to enable zero-touch deployment of the compute gateways and edge applications at scale.

Processing data at the edge requires the utilization of security and privacy best practices, which is where Cisco IOx comes in. With Cisco IOx, the IC3000 delivers four pillars of security for edge computing environments:

  • Access control – Deployment and management of applications in an edge computing environment often requires roll-based user authentication, and IOx enables the network manager and the applications manager to separately perform their tasks.
  • Integrity – IOx enables additional security capabilities specific to edge computing environments including isolation of applications, application signature validation, secure delegated access and more.
  • Data confidentiality and privacy – IOx includes secure storage services [SSS] capabilities that securely store certificates, keys, and user data in a device. Users and applications can access SSS services running in the host through REST based APIs, through which an application can carve out data encryption.
  • Threat detection and mitigation – IOx also enables distributed network traffic analysis so that operations managers can detect potential anomalies in applications’ behaviors as well as record measurements for further analysis and capacity planning.

The IC3000 has additional layers of software and hardware security baked in. This includes a trusted Cisco Linux kernel with regular security updates (PSIRT) and secure boot, signed apps, and secure connectivity at the software layer.  At the hardware layer, the IC3000 features an anti-counterfeit, anti-tamper chip and hardware root of trust for secure boot and data. The in-depth software and hardware security schema of the IC3000 empowers enterprises to focus on their businesses, scale their IoT deployments while protecting their networks, device, and data.

The IC3000 in Action at Cisco Live

At Cisco Live, we had thousands of customers see the IoT demos across Cisco’s Kinetic and Industrial IoT networking portfolio including the Cisco 800 Series Industrial Integrated Services Routers and Cisco Industrial Ethernet 4000 Series Switches. For example, the new gateway can help provide new insights for data collected on connected roadways. As seen at Cisco Live Orlando, the IC3000 helped demonstrate the following use cases:

Vehicle as a Sensor

Vehicles equipped with sensors can provide data such as their acceleration patterns and brake usage. This type of roadway condition data can be incredibly valuable to transportation departments that aim to improve traffic congestion and driver safety. With the help of the IC3000, these transportation departments can extract and compute that vehicle sensor data quickly and securely at the edge then use that information to make decisions about what recommended speed limits should appear on digital road signs.

Pedestrian Tracking

As autonomous vehicles become more widely adopted in the future, it will be critical for these vehicles to be able to receive alerts when pedestrians are crossing the street. This action can be seen as an “event” – and with the help of the IC3000, these types of events can be captured as data to be reviewed and analyzed. The IC3000 can then create a traveler information message (TIM), which would transmit over dedicated short-range communications (DSRC) to the autonomous vehicle. Once transmitted, the autonomous vehicle would receive an alert about the pedestrian crossing, helping to keep pedestrians safe.

But the opportunities are endless. Now more than ever, enterprises need the convenience and agility to compute at the edge to improve decision making and scale their IoT deployments, all while keeping data secure.

To learn more or to schedule a demo, please contact us at: ask-iot-edge@external.cisco.com

 

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments

  1. Good to see the Hypercorn gets back to life again.