Cradlepoint emphasizes device-level security in latest NetCloud Exchange offerings
Best known for its versatile in-vehicle routers used by public safety, Cradlepoint is leveraging its recent acquisition of Ericom to enhance its NetCloud Exchange offering by delivering flexible, device-level security services through the platform that follow zero-trust principles, according to company officials.
Jonathan Fischer, Cradlepoint’s vice president of business development, said this type of security is especially important in mission-critical use cases.
“We’re the connectivity company, but without security, there is no connectivity,” Fischer said during an interview with IWCE’s Urgent Communications. “We’ve known that for several years and have skated toward that [goal]. These latest acquisitions really give us that start into the depth of security that we needed.”
Cradlepoint—a subsidiary of telecom equipment giant Ericsson—in April purchased Ericom, which provides zero-trust and cloud-based security solutions for enterprises. Combining this functionality with Cradlepoint’s existing site-based NetCloud Exchange allows Cradlepoint to provide customers with an even more comprehensive security solution, according to Roger Billings, Cradlepoint director and principal architect for new and emerging technologies.
“Adding on the Ericom acquisition allows us to take that from a site-specific security down to an individual-device-like security,” Billings said during an interview with IWCE’s Urgent Communications. “So, the policeman or firefighter that’s actually using a device or computer within that site is now protected against phishing or any malware that comes out, as well as zero-day [cyberthreats].”
Bruce Johnson, Cradlepoint senior product marketing manager who is focused on the Secure Access Service Edge (SASE) initiative, said the zero-trust concept is a central tenet to the company’s security approach, which is to mimic the Multiprotocol Label Switching (MPLS) environment within 5G communications.
“We’ve built all of this security functionality around our zero-trust architecture—that is the underlying premise,” Johnson said during an interview with IWCE’s Urgent Communications. “We don’t need just another SD-WAN implementation. 5G is unique, and we’re trying to make 5G into the MPLS of the future.
“We had the [NetCloud Exchange piece of it, so we were doing the zero-trust parts of it for private networks. But what we didn’t have was the web protection. So, whenever the users were going direct to the Internet, we didn’t have a way to protect those users individually from dirty web sites or to protect applications from unmanaged users.”
Zero-trust architecture is a key concept within the cybersecurity sector, with different players offering different interpretations of the concept. Fischer compared Cradlepoint’s approach to zero-trust security to hotel visitors receiving a key card to their rooms that must be scanned to use the hotel elevator.
“Once I was in the elevator, I had the keys to the kingdom; I could go anywhere [in the hotel],” Fischer said. “That’s analogous to the traditional VPN—you’re encrypting to get there, but once you’re in, it would be quite easy to move laterally [into other areas where a user does not belong].
“Our definition of zero-trust is the next level. Our new elevators at our Cradlepoint headquarters in Boise have a profile for each specific user. So, when you scan it, you can only get to the floor that you’re authorized for. To use that analogy with the networking piece, I’m only going to give you access to specific resources in the network, not access to the whole network. So, it really adds an additional layer of security for that network.”
Johnson noted that the zero-trust approach also provides an extra layer of security for smart systems that use sensors and IoT devices that hackers could use as vulnerable launch points for cyberattacks into smart networks.
“The other thing a zero-trust network does for you is it protects IoT devices,” Johnson said. “They (IoT devices) typically can’t run an agent, and they’re very vulnerable, because their passwords never get changed. So, a zero-trust network hides their IP addresses from the outside world, so the IP scanners that hackers often use can’t just come along and discover these vulnerable devices.”
Cradlepoint currently offers the Ericom functionality in parallel with its NetCloud Exchange offerings, but the company plans to have the Ericom capabilities fully integrated into NetCloud Exchange sometime next year, Johnson said.