The Big Problem

The Root Cause: IP addresses are used as machine identity
Translation: The way we use IP is fundamentally flawed

 

The Flaw

  • TCP/IP’s use of a device’s IP address to serve as both its identity and location on the network
  • The inherent openness across all networked things results in a lack of security and increased vulnerability

The Problem

  • This network vulnerability is very visible and easily exploited
  • With device identity and address being linked, hackers can fake a valid IP address to gain access to your network
  • Once inside, large-scale havoc should be assumed

The Result

  • The result: Network complexity that is unsustainable
  • Networks are costly to maintain and manage, and require significant expertise to configure and secure
  • And it can take weeks to move or provision a device that has a fixed IP address


Root Cause of Complexity


Network and security policies use IP addresses as identity, which is the root cause of complexity, network security vulnerabilities, poor segmentation, and lack of mobility.


Most efforts to secure IP networks today are simply Band-Aids. Even the creators of TCP/IP have acknowledged if they could go back and do it over again, they would include provable host identities from the start.

 

  Washington Post: Net of Insecurity - A flaw in the TCP/IP design


 

 

Vint Cerf: Co-creator of TCP/IP
The flawed foundation of IP