A new security project exhibited at DEF CON hacking conference on Thursday, August 7 seeks to standardize household security with the increase of commercial smart devices (often referred to as the “Internet of Things”). Itus Networks was founded by Jock Breitwieser and Daniel Ayoub, both formerly of Dell SonicWALL. Itus Networkson Thursday to coincide with their DEF CON expo. They’re aiming for their prototype, called iGuardian, to bring enterprise-level security solutions to the household level.
Photo: iGuardian Kickstarter Campaign
Itus Networks’ primary goal with iGuardian is to address the problem of securing an interconnected home (as HP addressed with its Fortify on Demand security study). To date, the average consumer’s typical options include an anti-virus and home router. Most anti-virus software only alerts the user once malware has already entered a device. Routers, on the other hand, are still using outdated technology, using what is called stateful packet inspection (SPI) firewalls. These SPi firewalls block incoming traffic from the outside and keep track of all sessions initiated by outgoing users, then simply await a reply from the server.
Itus Networks co-founder Daniel Ayoub told VPN Creative that the protection stops there: “because it has a trusted outgoing connection, it assumes that anything coming in is also going to be secure.” SIP firewalls only inspect header information, not the actual data coming through the channel (where most modern attacks take place). This technology is very different from the advanced security measures businesses implement today, but home routing systems still rely on it.
The market for interconnected “smart” devices includes consumer electronics that, until recently, have never made use of wireless connections. The companies that produce them are not security companies, but rather consumer producers whose focus is on mass production. These companies aim to make their products as inexpensive as possible so as to appeal to a broad market; security, unfortunately, remains an afterthought.
The technology for products such as the iGuardian has been available “for quite some time,” according to co-founder Breitwieser, but is too complicated to expect the typical consumer to assemble. Current approaches to business-grade security options are relegated to tech hobbyists and are not considered user-friendly. These methods are too costly, difficult, and time-consuming for the average household.
In contrast, the iGuardian boasts a simple setup. The prototype is a small box (the Kickstarter webpage provides a photograph with a banana for scale). Itus Networks promises a five-minute installation requiring “zero configuration or technical knowledge.”
The iGuardian is comparable in product specifications to familiar names in the security industry, including Dell SonicWALL and Juniper Networks. Itus Networks’ strategic partner Rhino Labs also produces the hardware for large enterprise security companies. Breitwieser and Ayoub’s goal is to keep their product below $200 for general consumer use, compared to business-grade hardware that can reach prices exceeding $1,000. “Once you get into those higher price points, you immediately start excluding people,” explained Ayoub.
From its Kickstarter page:
The iGuardian is an embedded Linux system based on OpenWRT and runs Snort as an in-line intrusion prevention system. It has been designed and optimized for easy installation and provides advanced threat prevention against a wide variety of attacks. The iGuardian protects your connected devices from Internet threats with a reliable, simple and affordable solution.
Snort is an open source intrusion-prevention system that monitors all incoming traffic both to and from the network. It is produced by SourceFire (which was recently acquired by Cisco).
According to Ayoub, Snort is “the most widely-used open source intrusion-prevention system that’s out there today.” It works by looking for patterns of known attacks. It also monitors outgoing information (for instance, a Trojan-infected laptop attempting to connect to an outside server) and blocks connections to known malicious servers.
Because Snort is open source, it is true that the technically inclined could build their own security system (and many do). What Itus Networks hopes to accomplish is to bring this system to those who have neither the money nor the technical know-how to buy an expensive security system or to configure their own.
Users simply plug in the iGuardian between their cable modem and wireless router. The system auto-configures, auto-installs, and the entire network is “protected within five minutes.” The iGuardian covers all devices connected to the network, both wired and wireless.
Itus Networks’ timeline for the iGuardian predicts mass production by February 2015, pending fulfillment of their Kickstarter goals. To date, Itus Networks’ Kickstarter campaign has currently reached over $13,000 of its proposed $125,000 goal.
Breitwieser and Ayoub founded Itus Networks to challenge the status quo surrounding household security. The two were surprised to discover there was nothing of its kind already on the home market. “It’s really bizarre,” Breitwieser told VPN Creative. They hope the iGuardian will spur a “paradigm shift” that will call upon consumer electronics producers to be more responsible in their approach to security.
The Itus Networks co-founders believe their product caters to two different audiences: while the iGuardian is a quality product that will be useful to the technical expert or security hobbyist, it is also accessible to the average consumer. They hope to show that business-level security solutions can be built and marketed at affordable consumer prices so that all homes can have access to up-to-date security options.