Kaspersky IoT Secure Gateway 1000 is the company’s latest Cyber Immune product for organizations embracing digital transformation, helping them to accelerate business value from new streams of industrial data. The gateway connects IoT devices and controllers with business applications and cloud platforms. It then ensures the security of these interactions and the data transferring through them thanks to the secure KasperskyOS in the gateway’s core and its network attack protection capabilities. Customers operating smart city systems, including utilities, street lighting and road infrastructure, or in manufacturing or energy production and distribution projects, get a secure IoT system and visibility across all connected devices.
IoT is continuing to penetrate businesses: according to Gartner, 61% of organizations already show a high level of IoT maturity. Given the diversity of IoT devices and their related cybersecurity risks, the need for their protection is clear, especially when it comes to smart cities or critical infrastructure. Traditional measures are not sufficient for IoT protection, making it crucial that specialized security solutions are implemented.
A reliable shield from network attacks and gateway threats
The new Kaspersky IoT Secure Gateway 1000 is a hardware appliance with firmware based on KasperskyOS and Advantech UTX-3117 device. It ensures the security of the entire IoT system at the gateway level thanks to its secure-by-design approach and built-in protection capabilities.
It provides industry with protection from network attacks, as well as DDoS or Man-in-the-Middle attempts, through a firewall that uses the principle of Default Deny. This only allows preapproved network interactions to pass through the gateway. Additionally, the Intrusion Detection and Prevention module (IDS/IPS) detects and blocks malicious activities.
The gateway is made immune to most attacks by KasperskyOS, which sits at its core. The operating system features a microkernel which minimizes the risk of vulnerabilities and decreases the attack surface through just a few thousand lines of code. The minimal number of trusted components in the operating system, security domain isolation, scanning of inter-process communications and the Multiple Independent Levels of Security (MILS) architecture ensure that most types of attacks are not able to affect the gateway’s functions. Its security goals were defined at its inception, making Kaspersky IoT Secure Gateway 1000 secure-by-design.
Furthermore, secure boot and update technologies ensure the authenticity and integrity of the gateway’s firmware and updates. The secure boot blocks firmware from loading if it is damaged or altered without authorization. Secure update guarantees that only correct updates from trusted sources will be uploaded to the device.
A convenient tool for IoT device visibility and security management
Kaspersky IoT Secure Gateway 1000 helps network administrators maintain visibility and control over the network. It shows all devices connected to the network and detects and classifies new ones within a minute of connecting. The interface provides IT or OT teams with necessary details about devices, including type, vendor and operating system.
This product is managed through Kaspersky Security Center, where all security events can be viewed. The gateway supports Syslog and MQTT protocols, which permit all security events to be transmitted to external systems, such as SIEM or cloud platforms like Microsoft Azure, Siemens MindSphere, AWS, IBM Bluemix and others. Kaspersky Security Center also facilitates unified administration of Kaspersky enterprise products, such as those for endpoint and cloud protection. Customers can completely protect their IoT suite, from the gateway to the cloud, and manage it through one centralized administration console.
“With this new gateway, Kaspersky expands its portfolio for IoT infrastructure protection. In 2021, we launched Kaspersky IoT Secure Gateway 100, dedicated to Industrial IoT and safe data delivery from manufacturing to business applications. The next generation of gateways delivers more IoT security and management functions important for industries and operations with increased security requirements, such as smart cities, transportation networks, video surveillance and critical infrastructure. The Cyber Immunity approach embodied in the firmware ensures that most threats cannot affect the security status of a device or the whole IoT system of the enterprise,” comments Andrey Suvorov, Head of KasperskyOS Business Unit at Kaspersky.