Isolated Remote IP Endpoints

Introduction

By default, the ENF firewall denies all communication – no endpoint can talk to any other endpoint. The flexibility of the ENF firewall allows fine-grained control of the allowed communication. When considering network security, it is a best practice to limit communication channels to only what is essential.

Isolating Endpoints

In most cases, it is not necessary for one remote IoT device to communicate directly with another. Administrators should therefore not add generic rules to the firewall that would allow this.

Since IoT devices are often in remote locations, it is possible that a malicious actor could gain physical access to an endpoint. Even with the best security, a malicious actor with access to the hardware may be able to compromise the device. By isolating the endpoints from each other, the compromised endpoint is prevented from affecting any other device. When anomalous behavior is observed, the compromised device can then be quarantined by revoking its access in the IAM.

Communicating with Servers

By setting the firewall rules appropriately, IoT endpoints can communicate with server endpoints unhindered. Many use cases require the IoT devices to communicate only with the server, while the server can communicate with any device.
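The policy described in the two sections above can be checked mechanically. The following is an added example, not ENF's own rule syntax or API: it models a default-deny allow list and audits it for generic rules that would permit device-to-device traffic. The `Rule` shape, the function names and the address prefixes are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing plan (assumption): devices and servers use separate prefixes.
DEVICES = ipaddress.ip_network("2001:db8:0:1::/64")
SERVERS = ipaddress.ip_network("2001:db8:0:2::/64")


@dataclass(frozen=True)
class Rule:
    """Hypothetical allow rule: traffic from src prefix to dst prefix."""
    src: str
    dst: str

    def matches(self, src_ip: str, dst_ip: str) -> bool:
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst))


def allowed(rules, src_ip: str, dst_ip: str) -> bool:
    """Default deny: a flow passes only if some allow rule matches it."""
    return any(r.matches(src_ip, dst_ip) for r in rules)


def breaks_isolation(rule: Rule) -> bool:
    """True if the rule permits at least one device-to-device flow."""
    return (ipaddress.ip_network(rule.src).overlaps(DEVICES)
            and ipaddress.ip_network(rule.dst).overlaps(DEVICES))


def audit(rules):
    """Return the rules that would let one IoT device reach another."""
    return [r for r in rules if breaks_isolation(r)]


# Isolated policy: devices talk to servers, servers talk to any device.
ISOLATED = [Rule(str(DEVICES), str(SERVERS)), Rule(str(SERVERS), str(DEVICES))]
# Same policy plus one generic rule covering the whole (constructed) network.
GENERIC = ISOLATED + [Rule("2001:db8::/48", "2001:db8::/48")]

if __name__ == "__main__":
    dev_a, dev_b, server = "2001:db8:0:1::a", "2001:db8:0:1::b", "2001:db8:0:2::1"
    print("device -> server:", allowed(ISOLATED, dev_a, server))
    print("device -> device:", allowed(ISOLATED, dev_a, dev_b))
    print("rules breaking isolation:", audit(GENERIC))
```

Running the audit before a rule change is applied catches a broad prefix pair that silently re-enables lateral traffic between devices.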
