Today, virtually every device connects to the enterprise network. From simple-function IoT devices to multimillion-dollar operational systems, modern devices utilize data connectivity to perform highly specialized tasks much more intelligently. The sheer heterogeneity of these devices is growing exponentially.
Effectively regulating these devices, in terms of what they can and cannot do inside the enterprise, requires a significant amount of knowledge on each, since you simply cannot control what you don’t know. In an effort to build the necessary repositories of device intelligence, vendors create – with varying levels of detail – device profile libraries. These libraries should be viewed as a starting point, a base on which to deliver a comprehensive suite of control capabilities that effectively protect devices and relevant business-critical information. Developing a large profile library is nice – organizing that library in a way to keep it relevant and up to date is crucial.
There are enormous challenges in keeping the library relevant and up to date. A set of printers that are classified as a set of profiles in one enterprise installation will look slightly different in another customer installation – perhaps because of configuration, operational behavior, network connectivity – and will result in an entirely new set of device profiles. Any firmware or software update will necessitate a new profile in order to keep it up to date. At the same time, just like a traditional library, there are vast amounts of material that are irrelevant since nobody can effectively use them. Profiles with irrelevant information will do more harm than good. To search through all the myriad uncorrelated and out-of-date information in a library to get what you need is simply an untenable task.
Profile Library vs Profile Generator
The only clear way to keep the device profiles relevant and up to date is to develop a profile generator. Being able to report millions of device profiles in a library is fundamentally unimportant. What is important is the efficiency with which the profiles can be used in an underlying multi-vendor networking and security infrastructure – and automate such infrastructure to control these devices in terms of access control and policy enforcement. What’s needed is a real-time Profile Generator for those devices actually deployed in an enterprise which produces the relevant parameters for automated control.
Establishing a real-time Profile Generator necessitates sophisticated Machine Learning (ML) techniques. Each unique set of device attributes should be collected and fed into a machine learning engine, which learns and organizes it. When new devices are added to the network or when their software is updated, the learning engine intelligence determines whether it should add a new device profile or update an existing one. Moreover, it has the intelligence to determine that multiple devices, while they may have slight differences in individual attributes, are essentially the same type and class of device. It filters out irrelevant details and focus on important attributes.