TCG Members Infineon Technologies and Juniper Networks Demonstrate
How to Secure Network Equipment with TPM at Mobile World Congress
PORTLAND, Ore.–(BUSINESS WIRE)–Trusted
Computing Group (TCG) today announced new guidance and an architect's
guide to secure
network equipment. At Mobile World Congress Feb. 26-March 1, TCG
members Infineon Technologies and Juniper
Networks will demonstrate these recommendations in Stand 6C4, Hall 6.
Recent attacks such as CherryBlossom and Mirai have exposed some
networks and data, resulting in significant data loss and impact to
business. TCG’s new
guidance and architect's guide, developed with input from network
equipment makers and their suppliers, offer designers and developers of
network equipment, including routers, switches and firewalls, specific
recommendations and best practices to secure against compromise. Strong
hardware security enabled by the Trusted
Platform Module (TPM) ensures that equipment is tamper-resistant and
protected against a variety of attacks.
The Mobile World Congress demo will showcase the Juniper Networks® SRX320
Services Gateway protected with the Infineon
OPTIGA™ TPM. The TPM prevents physical and logical tampering of the
router and securely stores an encrypted hash. If the router
configuration is updated but not authorized, the router will not boot,
thereby preventing a potential attack. This is just one of the 12 use
cases described in the guidance document. The companies also will
discuss implementation of the guidance and TPM in a webcast
on Feb. 21, 2018.
TCG recognizes that network equipment is shipped as a closed embedded
system with security provided by the unit as a whole; equipment must
boot and operate without manual intervention; and the equipment itself
typically should not have the ability to hide or mask its own identity.
As with many embedded and industrial systems, network equipment
typically has a long life cycle. Recommendations offered by TCG and
- Devices should use a TPM as a hardware-based root of trust
- Devices should provide a cryptographic device identity based on IEEE
  802.1AR and use the TPM to protect keys. Cryptographic identity can
  provide a reliable way to identify remote devices for applications
  involving device management, configuration and authentication
- The TPM can be used to protect confidential data, such as VPN keys in
- TPM-based attestation can offer assurance of the integrity of software
  running on network equipment
- Use of the TPM’s random number generator can enhance the strength of
  cryptographic protocols by providing additional entropy

Implementing these recommendations can raise the bar for network
equipment security and substantially increase the difficulty for
attackers who want to undermine this security.
TCG (@TrustedComputin) is a not-for-profit organization that develops,
defines and promotes open, vendor-neutral, global industry standards,
supportive of a hardware-based root of trust, for interoperable trusted
computing platforms. More information about TCG is available at www.trustedcomputinggroup.org.
Brands and trademarks are the property of their respective owners.