The Root Cause: IP addresses are used as machine identity
Translation: The way we use IP is fundamentally flawed
- TCP/IP uses a device’s IP address as both its identity and its location on the network
- The inherent openness across all networked things results in a lack of security and increased vulnerability
- This network vulnerability is very visible and easily exploited
- With device identity and address being linked, hackers can fake a valid IP address to gain access to your network
- Once inside, large-scale havoc should be assumed
- The result: Network complexity that is unsustainable
- Networks are costly to maintain and manage, and require significant expertise to configure and secure
- It can take weeks to move or provision a device that has a fixed IP address
Root Cause of Complexity
Network and security policies use IP addresses as identity, which is the root cause of complexity, network security vulnerabilities, poor segmentation, and lack of mobility.
Most efforts to secure IP networks today are simply Band-Aids. Even the creators of TCP/IP have acknowledged that, if they could go back and do it over again, they would include provable host identities from the start.
Vint Cerf: Co-creator of TCP/IP
The flawed foundation of IP