Aeris Security Management

Quickly and accurately protect, detect and respond to cellular IoT security threats
PRODUCT BROCHURE

Today, most Internet of Things (IoT) businesses implement best practices to keep their
enterprises and IoT programs safe. Yet they find themselves more exposed to cyberattacks
today than ever before. The steady increase in IoT attacks continues to inflict financial losses
and sometimes damages brand reputation and sets business profitability back by years.

Security for Cellular IoT Deployments

Securing cellular IoT solutions is no simple task. The effort is layered with complexities and dependencies that
make IoT deployments more susceptible to security threats and misuse across an ever-increasing attack surface
spanning an entire IoT stack—devices, networks, and applications.

IT teams responsible for securing IoT solutions deploy a wide array of enterprise cybersecurity tools—firewalls,
VPNs, Endpoint Protection Detection & Response (EPDR), Security Incident and Event Management (SIEM),
Endpoint Detection and Response (EDR), etc.—whose effectiveness is only rendered to discover and remediate
certain types of attacks. That’s why organizations need security capabilities to analyze network traffic in real-time to
detect malicious activities and protect against unknown threats.

Nowhere is the need more evident than in the cellular IoT space, where the problem of detecting risks from
unknown threats and attacks is beyond the capacity of a single IoT solution provider to solve.

© 2022 AERIS COMMUNICATIONS, INC. 1

Aeris Intelligent Network Detection and Response (INDR) for Cellular IoT
Aeris INDR provides the capabilities that IoT solution providers have lacked over the
years to keep threats out and secure against malicious activities inside the networks.

INDR delivers crucial visibility by analyzing device-level transactions and surfacing

high-fidelity contextual alerts in near real-time. Aeris INDR takes those responsible for
securing IoT solutions beyond the perimeter-focused threat detection products that
run on rules and log aggregations. Such tools are not designed to safeguard against
fast-evolving threats and lack the depth required for forensic investigation and threat
hunting.

Aeris INDR combines rules and behavioral detections using machine learning and/or
Artificial Intelligence to identify anomalies and threats. What makes Aeris INDR unique
is the rich set of network data from 15 million cellular IoT devices deployed
globally across diverse industries and use cases.

Further, Aeris INDR is built using models that

continuously evolve and are robust enough to
detect threats in near real-time and operate at
scale, offering the fastest, most accurate, and
contextual threat detection needed to reduce
cybersecurity risks for cellular IoT.

Aeris Intelligent Security Center

Today, Aeris offers a wide array of field-proven
and innovative IoT security features and
solutions to safeguard against new attack
vectors. These features are part of the Aeris
Intelligent Security Center (AISC). AISC leverages network intelligence and
machine learning technology to improve the effectiveness of cybersecurity for IoT
devices. It enables you to monitor and analyze security risks across multiple vectors,
not only at the network level but also at the individual endpoint.

By seamlessly combining near-real-time and historical data, AISC provides advanced,

deep forensic analysis to improve the investigative workflow, so you can quickly
identify and rapidly respond to potential security incidents. This is especially important
for IoT deployments where the scale and distribution of devices render traditional
techniques ineffective. For businesses that adopt the secure by design principle and
defense in depth strategy, they can continually adapt and respond to constant and
evolving security threats. All the features under AISC fall into three key categories:
protect, detect, and respond.

Protect
The first step to improve IoT security is through protection. This can be achieved
by protecting unauthorized actors or services from accessing the network or by
encrypting data on the network, both in transit and at rest, to ensure integrity and
protect theft or leakage. This helps to securely and reliably transfer large amounts
of data from the device to your network or to other data centers.

© 2022 AERIS COMMUNICATIONS, INC. 2

Detect & Respond
Given how pervasive and costly security threats have become these days, chances are
protection measures are not enough. There will be instances when security features
and tools for threat detection and mitigation are required.

Visibility & Insights

Through intuitive and user-friendly dashboards, you can easily visualize the
data plane and control plane information. This is achieved by aggregating and
normalizing data over time in order to make it easier to identify potential issues.
We have also improved the design of the user interface to enhance both the
visibility of, and the insights you can gain from, the Aeris Intelligent IoT Network.

Indicators of Compromise (IOCs)

Four specific metrics serve as early indicators of a security threat. For each
indicator, you can establish a baseline, track activities, identify anomalies, and
conduct deep forensics.

• Data Transactions (per device)

This is a traffic summary report that provides the average amount of data sent
and received to/from each device per transaction. A spike could imply data
overage charges and adversely impact the cost of operations. It may also signal
a potential data breach where malicious actors are exfiltrating sensitive data
from the compromised IoT device.

• Destination Endpoints
Endpoints are sources and destinations of data transmission activity within the
IoT network. While many IoT networks adhere to a hub-and-spoke architecture,
other models, like a mesh network where IoT devices can talk to each other,
are also prevalent. Monitoring the source and destination IPs contacted by
an IoT network can be a powerful tool to detect malicious activity, such as
pivoting attacks or device hijacking (for botnet attacks).

© 2022 AERIS COMMUNICATIONS, INC. 3

 • DNS Queries
DNS servers are used by IoT devices to route outbound communication to
the appropriate destination endpoint. Monitoring DNS traffic increases the
likelihood of detecting anomalies. A higher-than-expected query count could
potentially signal a DDoS attack.

• Data Volume (by aggregate)

This information provides early warnings about potential data breaches by
monitoring outbound data transmission activity. It enables you to track the
volume of data that is sent out, drill down into the specifics of which devices
are sending this data, and identify where the data is being sent.

Security Risk Score (SRS)

A Security Risk Score is the quantified output of a risk assessment model
that reflects the relative security of your IoT deployment. The score is a
percentile ranking that incorporates multiple threat vectors. It provides an
intuitive and interactive view of the security risk posture, and continuously
evaluates IoT deployments against recommended security controls and best
practices. This feature is similar in concept to the credit rating and can be
helpful for non-experts in other part of the business to understand the level
of security threat across the entire IoT deployment.

Deep Forensics
Once a potential compromise has been identified, you can “drill down”
further on each device using several different options:

• By Time (for specific period)

• By Source/Destination URLs (for where data is being transmitted)
• By Device ID (to isolate specific devices)

Any one of these three options will enable you to perform deep
forensics of the data traffic pattern and triage the root cause(s) behind
any anomaly or potential security threat.

© 2022 AERIS COMMUNICATIONS, INC. 4

The following table summarizes all the AISC features that Aeris has to offer to help protect, detect, and respond to potential
threats and any anomalies that can potentially sabotage your IoT program:

Protect
Features Objectives Outcome

1. Private Domain Name Server (DNS) 1. Protect unauthorized actors or services from 1. Devices are only allowed to interact with
accessing the network (while also detecting authorized servers and endpoints on the
2. ConnectionLockTM
shadow IoT). network.
3. Non-dialable numbers
2. Encrypt data on the network, both in-transit 2. Devices are properly segmented and isolated
4. SMS & AccountLock and at-rest, to ensure integrity and protect to their designated networks.
theft or leakage.
5. Cloud Connect 3. Devices can adhere to best practices like
6. Virtual Private Network (VPN) 3. Minimize risk posed by exposure to public secure by design.
DNS servers.

Detect
Features Objectives Outcome

1. Indicators of Compromise (IOCs)
2. Security Risk Score (SRS)
1. Minimize manual efforts, time, and resources
to identify issues.
2. Highlight potential security vulnerabilities
and incidents at IoT scale and speed of
deployment.
3. Expand security awareness, inform on best
practices, and make key security indicators
more accessible.
1. Detects traffic anomalies and security threats
immediately.
2. Strengthens the overall security level.
3. Lowers the amount of internal security
resources and allocates resources to address
other business needs.

Respond
Features Objectives Outcome

1. Deep forensics
2. Block traffic to/from compromised devices
1. Triage and validate potential anomalies and
security issues.
2. Alert on confirmed incidents or threats.
3. Block or suspend traffic to impacted devices.
1. Detects server anomalies and threats.
2. Prevents data overage charges.
3. Responds rapidly to isolate vulnerable or
compromised devices.

Protect

Multi-Layer Defense
Security by Design
Security in Depth

Detect Respond

© 2022 AERIS COMMUNICATIONS, INC. 5

 United States Contact:
info@aeris.net or
Aeris is a Trusted Business Partner +1 408 557 1993

Aeris has been one of the early pioneers to help businesses around the
Europe Contact:
world successfully monetize and scale their IoT programs. We are 100%
EU_info@aeris.net or
committed to partnering with you to bring the honest perspective needed to +44 118 315 0614
help you reach the business goals. With 30 years of experience, we recognize
that one size does not fit all. Regardless of where you are on your IoT journey, India Contact:
your business will change over time. That is why we offer extra features and india_info@aeris.net or
support options to address your unique set of requirements. +91 01206156100

© 2022  Aeris Communications, Inc. All rights reserved. No portions of this document may be reproduced without prior written consent of Aeris
Communications, Inc. Specifications are subject to change without notice. Aeris, the Aeris logo, Aeris Connection Lock, and Aeris AerPort are trademarks
or registered trademarks of Aeris Communications, Inc. in the United States and/or other countries.

A0822
© 2022 AERIS COMMUNICATIONS, INC. 6