Physical Layer Visibility

OSI Model Physical Layer

The OSI layers, also known as the Open System Interconnection layers, play a vital role in computer system communication across networks. Published by the International Organization for Standardization (ISO) in 1980, the OSI Model is a conceptual framework that efficiently manages computing functions and facilitates global data transmission through its 7 distinct layers. The Physical Layer, deals with the physical medium and the electrical, mechanical, and functional characteristics of the network. It is responsible for transmitting raw binary data over a physical medium such as cables, wireless links, or optical fibers, ensuring the accurate and reliable transmission of bits between devices.

The Physical Layer is vulnerable to network implants and rogue devices that remain undetected without proper protection. Malevolent entities have the potential to cause significant damage within an enterprise network. Jeopardizing sensitive data and disrupting critical operations. Moreover, spoofed peripherals can masquerade as legitimate Human Interface Devices (Hacked Device), further increasing the risk.

Sepio’s innovative technology addresses this gap, providing unparalleled visibility and control over the Physical Layer. By mitigating risks and identifying potential threats, our patented solution ensures robust hardware security.

Physical Layer - OSI Layers

What You See is Not What You Get

Traffic based visibility solutions (NAC – Moving Beyond NACs, IDS, IoT, security scanners) have blind spots. Unmanaged switches, passive taps, and out-of-band devices all fly under the traffic radar. Spoofed devices can mimic approved devices fooling traffic-based solutions. If you can’t see everything you can’t protect everything.

Your Lack of Physical Layer Visibility is an Attackers Gain

Cybercrime syndicates and state sponsored activities are fully aware of that fact and focus their efforts in exploiting these blind spots (either through passive implants or spoofing legitimate devices). If it sounds like a cat, feels like a cat and meows like a cat, it could still be a Raspberry Pi spoofing a legitimate cat.

IoT devices with their use of MAB (MAC Authentication Bypass) are your ״”soft underbelly”, implementing 802.1x and then setting up exceptions for non-802.1x compliant devices (i.e., IP cameras, printers etc.) punches a huge hole in your security defenses, expect attackers to find these holes soon enough.

Adding physical layer visibility to your existing security stack provides full visibility of all network/peripheral devices. Sepio’s solution can easily integrate with you NAC, EPS, SIEM, SOAR putting them to better use as well as fit into your current security operational workflow.

Physical Layer Visibility

The Physical Layer, denoted as layer 1 in the OSI model, serves as the foundational tier responsible for overseeing hardware security. Its primary role is to establish and manage the physical connections between devices, identifying the equipment engaged in data transmission. Layer 1 encompasses the definition of hardware components, cabling, wiring, as well as the management of frequencies and pulses. Information is transmitted in the form of bits, with nodes facilitating its transfer from one point to another.

However, a pressing concern lies in the neglect of hardware security within this layer. Current security software solutions fail to encompass the Physical Layer (Layer 1) of the OSI model. This omission results in a lack of insight into the physical specifications of the network. Consequently, network implants, known as Rogue Devices, operating at the Physical Layer remain undetected. Similarly, manipulated peripherals, referred to as Rogue Devices tampered with at the Physical Layer, are erroneously recognized as legitimate Human Interface Devices (HIDs).

The absence of Physical Layer Visibility puts enterprises at risk of Rogue Devices infiltrating their networks and executing potentially harmful hardware attacks. Given that Layer 1 stands as the initial layer in the OSI model, it becomes paramount to establish robust security measures at this level to thwart attacks originating from Rogue Devices right from the outset.

Sepio’s Patented Technology

Sepio’s Asset Risk Management (ARM) provides required visibility down to the physical layer going deeper and lower where other traffic-based visibility solutions can’t. Asset Risk Management (ARM) doesn’t rely on what the device traffic is saying, we VALIDATE using Physical Layer 1 information. Trust and Verify!

See every known and shadow asset. Prioritize and mitigate risks.
Talk to an expert. It will help you understand how to use Sepio’s patented technology to gain control of your asset risks.

Download Solution Brief
August 25th, 2021