nets360 Extended Secure IoT SIM

Secure IoT M2M SIM card

With the Extended Secure IoT SIM, nets360 offers more than a conventional IoT M2M SIM card.

The Extended Secure IoT SIM operates in the closed nets360 core network and has optional comprehensive cloud security through Fortinet solutions such as anomaly detection or DLP (data loss prevention)

Extended Secure IoT SIM

Sample Deployment Architecture

Example: Managed Connectivity IoT SIM incl. Endpoint Security and full Core Network Security
Example: Managed Connectivity IoT SIM incl. full Core Network Security
Example: Managed Connectivity IoT SIM incl. and basic Core Network Security
Example: Extended Secure Network IoT SIM in mixed environments with full Core Network Security
Example: Extended Secure Network IoT SIM and Gateway in mixed environments with full Core Network Security
Previous slide
Next slide

IoT Connectivity
as a Service

Available SIM formats

  • eUICC eSIM
  • 2FF Mini SIM
  • 3FF Micro SIM
  • 4FF Nano SIM
  • MFF2 Embedded SIM

One-stop shop IoT Solution

  • eUICC SIM Card
  • Data with best coverage
  • Highest security
  • 24h Operation
  • Lifecycle Management
  • One contact, one contract, all over Europe

 

Revolutionizing the security of IoT M2M SIM cards, connected devices, and data traffic, the Extended Secure IoT SIM from nets360 represents a significant advancement in the protection of IoT ecosystems. Integrated into the nets360 Extended Secure Network, this solution is powered by Fortinet technology, the industry leader in IoT and OT security, ensuring your devices and data are safeguarded with state-of-the-art security measures.

The Extended Secure IoT SIM uniquely combines an M2M SIM card with the most advanced IoT and OT cloud security from Fortinet, presented as a comprehensive managed service. This approach allows customers to focus on their core business activities, confident in the security of their IoT infrastructure.

With the capability to process and secure 55 different OT-specific network protocols, including Modbus TCP, BACnet, and OPC, along with more than 1,850 unique application control signatures, the nets360 Extended Secure Network offers unparalleled protection. This extensive coverage ensures that your operations are fortified with advanced and reliable security solutions, ready to meet the challenges of today’s digital landscape.

Coverage and Data

Wide range
We support 2G (GSM/GPRS/EDGE), 3G (UMTS/HSDPA/HSPA+), 4G (LTE/LTE Advanced), LTE-M, NB-IoT and 5G technologies.

NB-IoT and LTE-M (LTE Cat M1)
NB-IoT and LTE-M are particularly suitable for energy-efficient or low-power IoT devices. Many network operators across Europe already support this technology.

Usable all over Europe
Access to every mobile network in Europe through national roaming. Access via the strongest mobile network at the location.

Theft protection
Based on the IMEI (unique identification number of a mobile device), the use of a SIM card is restricted to a specific device (IMEI lock).

Building custom connectivity

Direct connection from our nets360 core network

With our direct connection via nets360 Core-Network, we offer direct cloud access to over 50 cloud providers and SAAS solutions. This increases security and ensures even faster data transmission without using the public internet.

Direct Internet access as you are used to from traditional ISPs.

Platform-based Network Internet Proxy (SWG) means a single central Internet access from your private IoT / OT network platform via a nets360 proxy in the nets360 core network.

Direct data center layer 2/3 access from your private IoT / OT platform network.

It does not matter whether the DataCenter is operated by you or your servers are located at the DataCenter provider.

Direct Cloud Layer 2/3 access from your private IoT / OT platform network.

Direct access to over 50 major cloud providers in Europe such as

– Amazon AWS
– Microsoft Azure
– Google
– SAP
– DATEV
– SAGE
– etc.

Direct platform access from your private IoT / OT platform network on a layer 2/3 base.

Direct access to platform providers such as

– Providers for e-mobility
– Billing software
– ERP and CRM systems

Enhanced IoT & OT Security

Modular security portfolio
Through our modular security portfolio built upon Fortinet, the market leader in IoT and OT security, we are equipped to provide you with a customized security solution tailored to your specific needs.

Internet of Things security is the practice of safeguarding connected devices and networks in the IoT ecosystem from malicious attacks and unauthorized access. It involves implementing measures to protect the confidentiality, integrity, and availability of data collected and transmitted by IoT devices. With the vast number of connected devices, IoT security is critical for preventing data breaches, ensuring privacy, and maintaining the functionality of IoT systems.

OT security focuses on safeguarding industrial and critical infrastructure systems that manage, monitor, and control physical processes. It aims to protect these systems from cyber threats that could disrupt their operation, cause physical damage, or compromise safety. By implementing robust OT security measures, organizations can ensure the reliability, availability, and safety of their essential operational environments.

IPS safeguards your device by actively monitoring and blocking potential threats in real-time, preventing unauthorized access and attacks. It enhances security by detecting and stopping malicious activities before they can cause harm, ensuring continuous uptime and protecting sensitive data.

DLP systems ofers safeguarding sensitive information by monitoring, detecting, and blocking data breaches or unauthorized transmission of data. DLP ensure that your IoT devices and networks remain secure against data theft or leakage, protecting both user privacy and intellectual property.

Content filtering for IoT and OT environments involves the use of technologies to monitor, restrict, and control the type of content that can be accessed or transmitted through IoT and OT devices and networks. This is crucial for preventing the exposure to malicious websites, phishing attacks, and unwanted content that could compromise the security and integrity of critical infrastructure and connected devices. Implementing content filters helps in maintaining the operational efficiency, security, and compliance of IoT and OT systems by ensuring only approved content is accessible.

ATP is a comprehensive security solution designed to detect, prevent, and respond to complex and evolving cyber threats across diverse environments. It employs a variety of defense mechanisms, including but not limited to, threat intelligence, malware protection, and incident response strategies to safeguard systems. Additionally, our ATP capability extends to protecting 55 different IoT/OT protocols with over 1,850 application signatures through virtual patching, ensuring robust defense against vulnerabilities without requiring immediate physical updates. (read more)

To provide protection in the age of IoT, network operators need solutions that can:

1. See and profile every device on the network to understand what IoT devices are being deployed
2. Control access to the network, both connecting to the network and determining where devices can access
3. Monitor the devices on the network to ensure that they are not compromised and to take automatic and immediate action if they are

nets360 provides these capabilities through our core network. Fully integrated into the security fabric, nets360 delivers the visibility, control, and automated response needed to provide security in a world of IoT devices.

Virtual Patching

What is Virtual Patching?
Patching is an update provided by a developer for an application, operating system, or firmware code designed to fix a discovered vulnerability and prevent it from being exploited. For a patch to work, it must be deployed on individual assets. Virtual patching is similar to a patch released by a vendor because it provides protection against a specific exploit. But in this case, this type of patch is deployed at the network level using an IPS rule rather than on the device itself. It is sometimes also referred to as a proximity control because it stops a threat before it reaches its intended target.

How Does Virtual Patching Work?
An IPS system is designed to inspect traffic and look for and block malicious activities. And with the right signature, it can also be used to identify and stop attempts to exploit specific vulnerabilities. Because any exploit has to take a defined network path for execution, being able to identify a specific threat makes it is possible to interrupt or block the exploit by modifying the network rules. These specific IPS signatures, or virtual patches, can be deployed at the network level using the intrusion prevention (IPS) functionality built into an NGFW or a traditional standalone IPS appliance.

– Virtual patches offer enterprises a critical level of coverage until a vendor releases a software patch to cover a new vulnerability.

– Many large enterprises using traditional patch management strategies do not deploy the patches immediately. For example, many IT teams need to validate whether or not a patch will introduce new problems in environments where lots of applications and workflows need to interact. This validation testing introduces additional delays once a vendor releases software patch. Virtual patching provides critical coverage during the initial “warm” phase of an active malware campaign to protect known vulnerabilities from exploitation while the enterprise is testing the patch from the vendor.

– Virtual patching is even more critical for mission-critical assets which require significant planning and downtime for a traditional patch to be put in place. These can include systems that are deployed remotely, such as a pipeline monitoring system; devices running sensitive systems that play a critical role in, say, a manufacturing environment (for example, monitoring a valve or thermostat on a vat containing thousands of gallons of caustic materials); or even critical infrastructure such as electrical grids or hydroelectric dams that cannot be taken down.

Protocol-based security for IoT and OT

nets360 provides combined application control and IPS signatures specifically designed for IoT/ OT based on FortiGuard Industrial Security Service. This provides the ability to detect and protect against threats at the network level while providing comprehensive insights into industrial applications. The FortiGate IPS engine can identify over 55 different OT-specific network protocols (e.g. Modbus TCP, BACnet, OPC) with more than 1,850 unique application control signatures within these protocols for specific security policy rules that can be applied to the various IoT/OT systems communicating on the network. By combining these capabilities with FortiGuard Labs’ IoT/OT-specific threat intelligence, IoT/OT operators can identify and monitor the types of traffic flowing on their networks and apply granular control over the use of protocol functions and values that restrict the flow of data in their environments.

List of currently supported ICS/OT protocols with Application Control and Virtual Patching

Consulting

From standard solutions to completely customized solutions, nets360 offers you the right platform for your IoT environment. In addition, we offer support in designing and building a secure, complete IoT network.

Connectivity

Reliable high speed connectivity with multi-network coverage via 2G, 3G, 4G, 5G, NB-IoT, and LTE-M. Local break-outs backed by 600+ commercial operator relationships worldwide.

Security

High security through closed nets360 network and optionally available nets360 cloud firewall solution with IPS, IDS, NAC, etc.

Operation

In-house, multilingual Network Opperation Center with up to Fully managed SLA 24/7/365. Predictive monitoring of all systems and regular system maintenance.

IoT connectivity suitable for

More nets360 IoT solutions

Extended Secure IoT Gateway

All-in-one infrastructure as a service solution

Recommendations

Existing Infrastructure Management

Maintenance for your existing infrastructure

Get started with nets360

We deliver all over Europe and speak several languages.
Let’s talk about your solution.