Router based securing of internet of things devices on local area networks

摘要

IoT devices are secured on multiple local area networks. Each local network contains a router which monitors activities of IoT devices, and transmits corresponding information to a backend server. The backend amalgamates this information, calculates dynamic reputation scores, and determines expected authorized activities for specific IoT devices. Based thereon, the backend creates a constraint profile for each IoT device, and transits the constraint profiles to the routers for enforcement. Enforcing a constraint profile can include creating multiples VLANs with varying levels of restricted privileges on a given local area network, and isolating various IoT devices in specific VLANs based on their reputation scores. Constraint profiles can specify to enforce specific firewall rules, and/or to limit an IoT device's communication to specific domains and ports, and/or to specific content. The backend continues to receive monitored information concerning IoT devices from multiple routers over time, and periodically updates constraint profiles.