Citrix Octoblu patentOctoblu is a leader in the rapidly evolving Internet of Things (IoT) marketplace.

While security in most IoT platforms and IoT devices seems to be an after-thought, Octoblu designed layers of security into the core of Citrix’s Integration of Everything platform. Our approach to IoT security was so novel, in fact, that we were recently issued a patent to protect it.

As a reminder, Octoblu enables companies to create IoT and integration services with secure real-time exchange of data. The Octoblu services are built on an open communications and management platform that supports a variety of protocols for physical devices to communicate seamlessly with each other, people, legacy applications, and cloud services such as Citrix’s Workspace Cloud, NetScaler, ShareFile, XenMobile, and the rest of the Xen family.

Through public, private, and/or hybrid Octoblu clouds users can connect, design, process, and analyze the flow of information across devices, services, and networks. All services have been designed through a robust security and right management architecture. Let’s walk through Octoblu’s IoT security layers:

  1. Authentication – Every device, service, mesh networking node, automation flow, and user has a strong, alpha-numeric 36-character UUID and 36-character token. These keys serve as credentials for these “things” to join and interoperate within the Octoblu mesh network known as Meshblu. These credentials are also used throughout our API services for discovering, messaging, and configuring “things.”
  2. Authorization & Role Management – Octoblu uses an extensible Linux-like roles permission structure for each UUID (remember that everything connected to Octoblu is represented as a UUID). Each UUID has a set of whitelist and blacklist arrays consisting of UUIDs that can or cannot (respectively) discover, message, subscribe, or configure it. Here’s a detailed walk-through of this security feature.
  3. Message Encryption – There are two layers of encryption for every message on our IoT platform.
    1. All machine-to-machine instant messages and messages between devices and services are sent over TLS encryption at the transport layer for all protocols supported. Today we support HTTPS, secure websockets, secure MQTT, and secure CoAP. Other Octoblu supported protocols such as BLE and AllJoyn are securely bridged into Meshblu via our Gateblu software gateway via one of our secure first-class protocols listed above.
    2. Message payloads can also be independently encrypted via AES public / private keys controlled by the users and “things” sending the messages. Checkout our detailed post and source code and secure chat messaging demo for more details.
  4. Service Tokens – As you authorize various API web services such ShareFile, NetScaler, StoreFront, etc to use within Octoblu flow automations, you must first authenticate each of these services through Octoblu. These services return a secure token which is also encrypted within your Octoblu user vault.  These tokens allow these services to run in your Octoblu automations as you.

Here’s an example of adding a discovery whitelist to a registered device on Octoblu’s Meshblu mesh network:

Octoblu Device Security

Now, let’s give you a real world example of Citrix Octoblu enhancing your network’s security infrastructure in realtime. Octoblu can now reconfigure a NetScaler and notify a datacenter if or when a cyber threat on your network is detected by Splunk. Splunk now has Octoblu built into its Alert Action Framework, allowing you to kick off an Octoblu workflow automation that takes actions like these:

  • block a port or IP address on your NetScaler(s)
  • send an SMS notification to your SOC (Security Operations Center) team
  • turn on a siren for 30 seconds in your datacenter to get attention
  • open a trouble ticket for further analysis
  • Chromecast the information about the attack to monitors in your SOC and datacenter

What if we told you that you could automate these processes in three easy steps without programming? With Citrix Octoblu, you can today and we’ll show you how!

Octoblu Splunk / Netscaler Automation

Stay tuned for more posts demonstrating how Citrix Octoblu can automate more workflows involving XenApp, XenDesktop, XenMobile, ShareFile and NetScaler! In the mean time, please feel free to signup for Octoblu services and start automating your business processes today!