TCG Members Infineon Technologies and Juniper Networks Demonstrate How to Secure Network Equipment with TPM at Mobile World Congress
PORTLAND, Ore., Feb.13, 2018 – Trusted Computing Group (TCG) today announced new guidance and an architects guide to secure network equipment. In a few weeks at Mobile World Congress, TCG members Infineon Technologies and Juniper Networks will demonstrate these recommendations in Stand 6C4, Hall 6.
Recent attacks such as CherryBlossom and Marai have exposed some networks and data, resulting in significant data loss and impact to business. TCG’s new guidance and architects guide, developed with input from network equipment makers and their suppliers, offer designers and developers of network equipment, including routers, switches and firewalls, specific recommendations and best practices to secure against compromise. Strong hardware security enabled by the Trusted Platform Module (TPM) ensures that equipment is tamper-resistant and protected against a variety of attacks.
The Mobile World Congress demo will showcase the Juniper Networks® SRX320 Services Gateway protected with the Infineon OPTIGA™ TPM. The TPM prevents physical and logical tampering of the router and securely stores an encrypted hash. If the router configuration is updated but not authorized, the router will not boot, thereby preventing a potential attack. This is just one of the 12 use cases described in the guidance document. The companies also will discuss implementation of the guidance and TPM in a webcast on Feb. 21, 2018.
TCG recognizes that network equipment is shipped as a closed embedded system with security provided by the unit as a whole; equipment must boot and operate without manual intervention; and the equipment itself typically should not have the ability to hide or mask its own identity. As with many embedded and industrial systems, network equipment typically has a long life cycle. Recommendations offered by TCG and members include:
Implementing these recommendations can raise the bar for network equipment security and substantially increases the difficulty for attackers who want to undermine this security.
TCG (@TrustedComputin) is a not-for-profit organization that develops, defines and promotes open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. More information about TCG is available at www.trustedcomputinggroup.org. Follow TCG on Twitter and on LinkedIn.
Brands and trademarks are the property of their respective owners.
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.