The Open System Interconnection (OSI) Model, is a conceptual framework that defines the layers that computer systems use to communicate over a network. In other words, the 7 Layer OSI model characterizes computing functions into a universal set of rules and requirements to support interoperability between different products and software. There are seven layers within the OSI model, each of which has a specific functionality to perform. Together, the layers work collaboratively to transmit the data from one person to another across the globe. It is crucial to raise awareness about why Layer 1 of the OSI model needs to be addressed.
Below is an overview of the seven layers and their individual functions.
Starting at the very beginning-the Physical Layer of the OSI Model
The Physical Layer (L1) is the lowest layer of the OSI model and provides hardware security. This layer is responsible for the actual physical connection between the devices by identifying the equipment involved in the data transfer. Layer 1 defines the hardware equipment, cabling, wiring, frequencies and pulses. The information is contained in the form of bits and transmitted from one node to another.
The problem is that hardware security goes neglected; existing security software solutions do not cover Layer 1 of the OSI model. Without Layer 1 visibility, the physical specifications of the network are not captured. Hence, network implants – Rogue Devices which operate on the Physical Layer – are not detected. Similarly, spoofed peripherals – Rogue Device manipulated on the Physical Layer – are identified as legitimate HIDs. Without Layer 1 visibility, enterprises are at risk of Rogue Devices infiltrating their network and conducting harmful attacks. As Layer 1 is the first of the OSI layers, it is crucial to have protection at this level to stop the attacks originating from Rogue Devices at the very first instant; before being carried out.
Sepio Systems supporting compliance
Sepio Systems’ Hardware Access Control (HAC-1) solution provides entities with the Physical Layer coverage they need to obtain complete device visibility. And, in doing so, also provides protection against hardware-based attacks. As the leader in Rogue Device Mitigation (RDM), Sepio’s solution identifies, detects and handles all peripherals; no device goes unmanaged.
HAC-1 uses Physical Layer fingerprinting technology and Machine Learning to calculate a digital fingerprint from the electrical characteristics of all devices and compares them against known fingerprints. In doing so, HAC-1 is able to provide organizations with ultimate device visibility and detect vulnerable devices and switches within the infrastructure. In addition to the deep visibility layer, a comprehensive policy enforcement mechanism recommends on best practice policy and allows the administrator to define a strict, or more granular, set of rules for the system to enforce. When a device breaches the pre-set policy, HAC-1 automatically instigates a mitigation process that instantly blocks unapproved or Rogue hardware.
Furthermore, HAC-1’s RDM capabilities support compliance with Section 8 of the EO, which concerns the government’s investigative and remediation capabilities. Section 8 focuses on enhancing data collection efforts in order to improve the investigation and remediation processes following an incident. HAC-1 logs all hardware asset information and usage, and maintains such data for a period defined by the system administrator.
With the threat landscape evolving and cyberwarfare proliferating, what protects you today might not protect you tomorrow. Hence, federal agencies, other critical infrastructure providers, and eventually all other organizations, need to make improvements to their cybersecurity strategy. Technology might bring numerous benefits to the world, but it also makes it a dangerous place to be. So much so, that physical security and cybersecurity are becoming, if not already, one and the same.
Sepio platform uses a novel algorithm, a combination of physical layer fingerprinting module coupled with a Machine Learning module – providing the sought-after visibility and enforcement level, it is further augmented by a threat intelligence database – ensuring a lower risk hardware infrastructure.
Hardware Assets Control solution for iot security
Sepio Systems Hardware Access Control HAC-1, provides 100% hardware device visibility.
HAC-1 enables Hardware Access Control by setting rules based on the devices characteristics.
HAC-1 instantly detects any devices which breach the set rules and automatically block them to prevent malicious attacks.
The idea is to Verify and then Trust that those assets are what they say they are.
Sepio Systems HAC-1 brings the ultimate solution to zero trust adoption by providing 100% hardware device visibility for Healthcare Industry
With greater visibility, the zero-trust architecture can grant access decisions with complete information.
Thus, enhancing the enterprise’s protection within, and outside of, its traditional perimeters.
The Hardware Access Control capabilities of HAC-1, block Rogue Devices as soon as they are detected
Our HAC-1 solution stops an attack at the first instance, not even allowing such devices to make network access requests.
Sepio Systems Hardware Access Control HAC-1 provides 100% hardware device visibility. No device goes unmanaged. Rogue Devices are block as soon as they are detected. HAC-1 solution stops an attack at the first instance, not even allowing such devices to make network access requests.
Layer 1 of OSI Model, Physical Layer Fingerprinting
Sepio Systems is the only company in the world to undertake Physical Layer fingerprinting. HAC-1 detects and handles all peripherals; no device goes unmanaged.
With this total visibility, a stronger cyber security posture is achieved. There is no longer needed to rely on manual reporting or employee compliance. Sepio Systems manage security and provides answers to questions such as:
- Do we have an implant or spoofed device in our network?
- How many IoT devices do we have?
- Who are the top 5 vendors for devices found in our network?
- Where are the most vulnerable switches in our network?
Having visibility across all hardware assets provides a more comprehensive cyber security defense. Reduce the risk of a hardware attack being successful and our private health data being stolen.