Fidest – Agenzia giornalistica/press agency

Quotidiano di informazione – Anno 30 n° 328

Trusted Computing Group Releases Network Equipment Security Guidance

Posted by fidest press agency su mercoledì, 14 febbraio 2018

Trusted Computing Group (TCG) today announced new guidance and an architects guide to secure network equipment. At Mobile World Congress Feb. 26-March 1, TCG members Infineon Technologies and Juniper Networks will demonstrate these recommendations in Stand 6C4, Hall 6.
Recent attacks such as CherryBlossom and Marai have exposed some networks and data, resulting in significant data loss and impact to business. TCG’s new guidance and architects guide, developed with input from network equipment makers and their suppliers, offer designers and developers of network equipment, including routers, switches and firewalls, specific recommendations and best practices to secure against compromise. Strong hardware security enabled by the Trusted Platform Module (TPM) ensures that equipment is tamper-resistant and protected against a variety of attacks.The Mobile World Congress demo will showcase the Juniper Networks® SRX320 Services Gateway protected with the Infineon OPTIGA™ TPM. The TPM prevents physical and logical tampering of the router and securely stores an encrypted hash. If the router configuration is updated but not authorized, the router will not boot, thereby preventing a potential attack. This is just one of the 12 use cases described in the guidance document. The companies also will discuss implementation of the guidance and TPM in a webcast on Feb. 21, 2018.TCG recognizes that network equipment is shipped as a closed embedded system with security provided by the unit as a whole; equipment must boot and operate without manual intervention; and the equipment itself typically should not have the ability to hide or mask its own identity. As with many embedded and industrial systems, network equipment typically has a long life cycle. Recommendations offered by TCG and members include:Devices should provide a cryptographic device identity based on IEEE 802.1AR and use the TPM to protect keys. Cryptographic identity can provide a reliable way to identify remote devices for applications involving device management, configuration and authentication. The TPM can be used to protect confidential data, such as VPN keys in network equipment TPM-based attestation can offer assurance to the integrity of software running on network equipment Use of the TPM’s random number generator can enhance the strength of cryptographic protocols by providing additional entropy Implementing these recommendations can raise the bar for network equipment security and substantially increases the difficulty for attackers who want to undermine this security.

Rispondi

Inserisci i tuoi dati qui sotto o clicca su un'icona per effettuare l'accesso:

Logo WordPress.com

Stai commentando usando il tuo account WordPress.com. Chiudi sessione /  Modifica )

Google+ photo

Stai commentando usando il tuo account Google+. Chiudi sessione /  Modifica )

Foto Twitter

Stai commentando usando il tuo account Twitter. Chiudi sessione /  Modifica )

Foto di Facebook

Stai commentando usando il tuo account Facebook. Chiudi sessione /  Modifica )

Connessione a %s...

 
%d blogger hanno fatto clic su Mi Piace per questo: