The Need
Our client was looking for a solution that enables network visibility and actionable intelligence to protect their IoT devices and the data they transmit from potential anomalies, reducing costs and mitigating security risk.
Impacts Delivered
- An intelligent network monitoring solution was developed that enabled network visibility and actionable intelligence.
- Gave the customer the information required to protect their IoT devices and the data.
- Reduced the cost of mitigating security events and risks.
Our Solution
- The customer was aware of the potential risks in IoT device security, including massive data overage costs, exposure of sensitive data to unauthorized parties, and damage to brand reputation and customer success.
- The customer organization required the necessary tools to be in place to properly protect their connected solutions.
- Monitoring and securing the network traffic of their connection at a device level.
Typical Challenges addressed
- Real-Time Traffic Monitoring – access live network traffic views based on shallow packet and session inspection, trending, and monitoring.
- Visibility into Multiple Conditions – gain visibility into various device-oriented network conditions including IP address or port changes, specific network protocol types, IMEI changes, time-based events, anomalous communication patterns, as well as loss of connection or outage.
- Complex Rules with Actions – set rules with automated actions based on certain condition alerts – including initial and follow-up actions – to suspend, deactivate, or reactivate devices.
Solution implemented
- NetFlow and RADIUS data - Ability to process 100K messages/sec and auto-scale on demand. High-volume data is collected in a Kafka-based messaging backbone, and a fleet of Kubernetes pods processes the Kafka messages in near real time.
- Custom-built rule engine, designed for performance at its core, that evaluates admin-configured rules to generate alerts and trigger actions in the event of rule violations.
- Design for High Availability and Disaster Recovery across On-premises Data Centers.
- Keycloak-based authentication, with role-based access control for authorization.
Tools & Technologies
- Kafka Topics
- Redis Cluster
- Elastic Stores
- Cisco Firepower
- ClickHouse warehouse
- Kubernetes services
System Architecture Block Diagram