Frequently Asked Questions (FAQ)
What does MUD stand for?
Manufacturer Usage Description.
What problem is MUD trying to solve?
MUD attempts to solve two key problems:
- What type of device is this?
- What sort of network policies should be applied to it?
What is the open standard associated with MUD?
The MUD standard is due for approval by the Internet Engineering Task Force (IETF) very soon, and will be issued as an RFC. The IETF is open for all to participate. All IETF documents are free for anyone to retrieve. For more information about the IETF, see https://www.ietf.org. For more information about the MUD standard, see https://datatracker.ietf.org/doc/draft-ietf-opsawg-mud/.
Does making MUD an open standard mean that I can operate MUD even if I do not have Cisco gear in my network?
Cisco has made available relevant Intellectual Property Rights (IPRs) so that other vendors may implement MUD. For more information see: https://datatracker.ietf.org/ipr/search/?submit=draft&id=draft-ietf-opsawg-mud.
Why did Cisco decide to make MUD an open standard and not intellectual property?
We want as many manufacturers as possible to implement MUD so that we, as an industry, can do a better job at protecting IoT devices. To facilitate this, we have developed an open industry standard.
Is MUD available? If not, when will it be?
MUD itself is an open standard, and the technology is available for anyone to use. For Cisco's part, we will support MUD through a Limited Availability release of Cisco ISE in July 2018.
I am an IoT Device manufacturer. How can MUD help me, and how can I participate?
As an IoT Device maker who has adopted MUD, you will be able to expose your device type and information about its normal operation to the network that your device connects to. This would differentiate you from the competition. You can participate by embedding a MUD-URL in your device's firmware and host a MUD File Server on the Internet. Details can be found in the MUD Developer Guide.
I am a System Integrator. How can MUD help me, and how can I participate?
As a System Integrator, choosing MUD-enabled devices will help you secure the network that you integrate and/or set up. Choosing MUD-enabled component devices for the network will not only enhance the security posture of the network, but it will also reduce incident management costs.
I am an Enterprise that owns a network with IoT Devices connected to it. How can MUD help me, and how can I participate?
In the final analysis, the Enterprise network owner stands to lose the most in the event of a data breach. Therefore, insisting that System Integrators adopt MUD is as much a top-down imperative as a bottom-up business differentiator for manufacturers. Educating yourself and your IoT suppliers about this technology is a good starting point.
What Cisco technologies support MUD today?
With the imminent Limited Release of MUD, a branch of Cisco ISE will host the MUD Controller, and therefore support the MUD architecture. Furthermore, the Network Access Points that are capable of receiving and processing the embedded MUD URL are initially restricted to the Cisco Catalyst series of switches. Support for the Industrial portfolio, Digital Building Switches, and Wireless Access Points is slated for the future.