The old address-defined networking paradigm of blindly networking everything is problematic at best… unless you’re a hacker. But now, there’s a better way. One that’s HIP to be precise!
HIP—which stands for Host Identity Protocol—moves beyond the old way of networking. Instead, HIP only networks devices with provable host identities. And it does so in a way that shuts out hackers, while making it easy for devices to automatically join a HIP-based network.
The HIP protocol separates the end-point identifier and locator roles of IP addresses, which fixes the broken trust model and introduces the more flexible and secure Host Identity Namespace. The implications of this on the networking world are huge. With HIP, you can move beyond routing and embrace the concept of orchestration. With orchestration, you’re able to define network trust relationships by identity, at the device level, while still using traditional IP addressing for location across the Internet. And, thanks to built-in encryption and authentication, HIP is resistant to denial-of-service (DoS) and man-in-the-middle attacks.
With HIP, IP addresses are only used to locate hosts, not to identify them, which enhances resource mobility. By assigning every device – or endpoint on a network – a unique cryptographic identity, the Identity Defined Networking (IDN) solution effectively cloaks vulnerable, high-value systems from hacker reconnaissance, as well as north-south AND east-west traffic.
In addition to the HIP protocol making networking more secure, it actually makes it easier to implement and manage devices, resources, and endpoints. It’s operationally much simpler than IP-based networking because there is less reliance on traditional solutions and approaches such as VLANs, nebulous firewall rules, and ACLs—all of which can add to the overall complexity and difficulty of networking.
HIP helps eliminate myriad problems of IP addressing, such as when devices move to different networks, or when machines share the same IP address. Consider trying to connect two servers in separate homes—already a difficult networking task. The task is made exponentially more difficult if they’re both using the IP address 192.168.0.1. But if they’re both equipped with HIP software and HIPrelay—with its mobile Global IP and cryptographic identities—they can overcome the IP obstacle and easily connect with a few clicks.
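The identifier/locator split and the two-servers-on-192.168.0.1 case described above, as an added Go sketch that is not from the original page or from any HIP implementation: admission is decided by a proven key, never by the source address. `Host`, `Tag` and `Admit` are hypothetical names, Ed25519 and the truncated SHA-256 tag are stand-ins chosen for the example, and the sketch omits HIP's handshake and encryption.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Host is a constructed endpoint: a key pair (who it is) plus a current IP (where it is).
type Host struct {
	Pub     ed25519.PublicKey
	priv    ed25519.PrivateKey
	Locator string
}

func NewHost(locator string) *Host {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Host{Pub: pub, priv: priv, Locator: locator}
}

// Tag is a simplified identity tag (assumption: truncated SHA-256, not HIP's wire format).
func Tag(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:16])
}

// Prove signs the verifier's fresh challenge with the host's private key.
func (h *Host) Prove(challenge []byte) []byte { return ed25519.Sign(h.priv, challenge) }

// Admit checks the allowlist and the signature only; the peer's IP is never consulted.
func Admit(allow map[string]bool, pub ed25519.PublicKey, challenge, sig []byte) bool {
	return allow[Tag(pub)] && ed25519.Verify(pub, challenge, sig)
}

func main() {
	a, b := NewHost("192.168.0.1"), NewHost("192.168.0.1") // same private IP, two homes
	allow := map[string]bool{Tag(a.Pub): true}             // policy names A's identity only
	c := make([]byte, 32)
	rand.Read(c)
	fmt.Println("A admitted:", Admit(allow, a.Pub, c, a.Prove(c)))
	fmt.Println("B, same IP, admitted:", Admit(allow, b.Pub, c, b.Prove(c)))
	fmt.Println("B presenting A's key:", Admit(allow, a.Pub, c, b.Prove(c)))
	a.Locator = "203.0.113.7" // A moves networks; identity and policy are unchanged
	fmt.Println("A after move:", Admit(allow, a.Pub, c, a.Prove(c)))
}
```

The third case is the one address-based rules cannot express: copying an allowed host's public key (or its IP) is not enough without the matching private key.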
The HIP protocol makes it possible to connect and cloak systems that typically aren’t able to directly connect, whether it’s two laptops on different networks or hundreds of thousands of IoT devices spread throughout the world. And HIP makes it possible to do so securely.
We think that’s pretty HIP!