Defending the Mobile Core

News Analysis
Michelle Donegan

2/28/2014

Comment (5)

50%

BARCELONA -- Mobile World Congress 2014 -- Network security specialist Arbor Networks this week launched a traffic analysis product designed to give mobile operators visibility into their packet core networks so that they can detect attacks and prevent potentially widespread service outages.

With the new Peakflow Mobile Network Analysis, the company has extended its Peakflow product line, which tracks and detects anomalies in traffic flows in fixed-line backbone and datacenter networks, to provide the same level of visibility into mobile operators' core networks. And when used together, operators can have visibility and threat detection across their fixed and mobile networks from one management console.

One of the biggest challenges for mobile operators when it comes to network security is the lack of traffic visibility in the packet core and radio access network, as well as real-time insight into the sources of potential attacks, according to Arbor Networks Inc.

The company points to recent research from Heavy Reading which found that 60% of mobile operators have had a network outage or service degradation lasting at least an hour due to malicious attacks. In addition, 60% of respondents said they do not have visibility into their mobile packet core infrastructure.

Heavy Reading senior analyst Patrick Donegan said in a statement: "In today's environment, no one security approach is going to prevent all malicious traffic from reaching the mobile network. And nothing is going to stop the increasingly complex mix of protocols within the network from generating anomalous traffic behaviour. Mobile operators are increasingly looking for new ways to quickly visualize, identify and reduce security risks within the packet core."

Mobile network security is one of a number of key topics that will feature at The Big Telecom Event (BTE), June 17/18 at the Sheraton Chicago Hotel and Towers.

According to Tom Bienkowski, director of product marketing at Arbor, mobile operators' networks are threatened from both sides of the packet core -- that is, network attacks can originate from the fixed-line network over the Gi and SGi interfaces that sit between the packet core and external IP networks/public Internet, or they can come from devices, through malicious malware or non-malicious signalling storms.

"Today, the majority of threats are coming from the fixed-line networks, but the emerging trend is for attacks to come from the other side of the network, through mobile malware," said Bienkowski. "That's why operators need a holistic view."

But traffic anomalies do not always indicate a malicious attack on the network. Sometimes the unusual traffic patterns can be the result of a malfunction in the network or a signalling overload from user devices.

The Peakflow Mobile Network Analysis provides a view of this signalling activity by collecting telemetry from the packet core and reporting operational and security insights. For example, the product provides detailed signalling flow behaviour between the serving GPRS support node (SGSN)/serving gateway (SGW)/ mobility management entity (MME) elements and the gateway GPRS support node (GGSN)/packet gateway (PGW) nodes, for real-time and retrospective analytics. It also detects and alerts operators to signalling message volumes, so that they can quickly identify causes.

"Whether it's malicious or not, a threat is a threat and operators need to stop it," said Bienkowski. He added that Arbor has been doing IP traffic threat detection for 13 years in the fixed-line networks, and now that mobile packet core networks are IP-based, the company can apply its expertise in mobile networks.

The Peakflow Mobile Network Analysis is currently in trials with an operator in Asia-Pacific and will soon start another trial with an operator in the Nordic region, according to Arbor.

For more coverage of these issues, check out our Mobile Security content track.

— Michelle Donegan, contributing editor, special to Light Reading

Want to learn more about this topic? Check out the agenda for The Big Telecom Event (BTE), which will take place on June 17 and 18 at the Sheraton Chicago Hotel and Towers. The event combines the educational power of interactive conference sessions devised and hosted by Heavy Reading's experienced industry analysts with multi-vendor interoperability and proof-of-concept networking and application showcases. For more on the event, the topics and the stellar service provider speaker line-up, see Telecommunication Luminaries to Discuss the Hottest Industry Trends at Light Reading's Big Telecom Event in June.

Defending the Mobile Core News Analysis Michelle Donegan 2/28/2014 Comment (5) Login 50% 50% Tweet BARCELONA -- Mobile World Congress 2014 -- Network security specialist Arbor Networks this week launched a traffic analysis product designed to give mobile operators visibility into their packet core networks so that they can detect attacks and prevent potentially widespread service outages. With the new Peakflow Mobile Network Analysis, the company has extended its Peakflow product line, which tracks and detects anomalies in traffic flows in fixed-line backbone and datacenter networks, to provide the same level of visibility into mobile operators' core networks. And when used together, operators can have visibility and threat detection across their fixed and mobile networks from one management console. One of the biggest challenges for mobile operators when it comes to network security is the lack of traffic visibility in the packet core and radio access network, as well as real-time insight into the sources of potential attacks, according to Arbor Networks Inc. The company points to recent research from Heavy Reading which found that 60% of mobile operators have had a network outage or service degradation lasting at least an hour due to malicious attacks. In addition, 60% of respondents said they do not have visibility into their mobile packet core infrastructure. Heavy Reading senior analyst Patrick Donegan said in a statement: "In today's environment, no one security approach is going to prevent all malicious traffic from reaching the mobile network. And nothing is going to stop the increasingly complex mix of protocols within the network from generating anomalous traffic behaviour. Mobile operators are increasingly looking for new ways to quickly visualize, identify and reduce security risks within the packet core." Mobile network security is one of a number of key topics that will feature at The Big Telecom Event (BTE), June 17/18 at the Sheraton Chicago Hotel and Towers. According to Tom Bienkowski, director of product marketing at Arbor, mobile operators' networks are threatened from both sides of the packet core -- that is, network attacks can originate from the fixed-line network over the Gi and SGi interfaces that sit between the packet core and external IP networks/public Internet, or they can come from devices, through malicious malware or non-malicious signalling storms. "Today, the majority of threats are coming from the fixed-line networks, but the emerging trend is for attacks to come from the other side of the network, through mobile malware," said Bienkowski. "That's why operators need a holistic view." But traffic anomalies do not always indicate a malicious attack on the network. Sometimes the unusual traffic patterns can be the result of a malfunction in the network or a signalling overload from user devices. The Peakflow Mobile Network Analysis provides a view of this signalling activity by collecting telemetry from the packet core and reporting operational and security insights. For example, the product provides detailed signalling flow behaviour between the serving GPRS support node (SGSN)/serving gateway (SGW)/ mobility management entity (MME) elements and the gateway GPRS support node (GGSN)/packet gateway (PGW) nodes, for real-time and retrospective analytics. It also detects and alerts operators to signalling message volumes, so that they can quickly identify causes. "Whether it's malicious or not, a threat is a threat and operators need to stop it," said Bienkowski. He added that Arbor has been doing IP traffic threat detection for 13 years in the fixed-line networks, and now that mobile packet core networks are IP-based, the company can apply its expertise in mobile networks. The Peakflow Mobile Network Analysis is currently in trials with an operator in Asia-Pacific and will soon start another trial with an operator in the Nordic region, according to Arbor. For more coverage of these issues, check out our Mobile Security content track. — Michelle Donegan, contributing editor, special to Light Reading Want to learn more about this topic? Check out the agenda for The Big Telecom Event (BTE), which will take place on June 17 and 18 at the Sheraton Chicago Hotel and Towers. The event combines the educational power of interactive conference sessions devised and hosted by Heavy Reading's experienced industry analysts with multi-vendor interoperability and proof-of-concept networking and application showcases. For more on the event, the topics and the stellar service provider speaker line-up, see Telecommunication Luminaries to Discuss the Hottest Industry Trends at Light Reading's Big Telecom Event in June. (5) \| Comment \| Email This \| Print \| RSS Comments Newest First \| Oldest First \| Threaded View [close this box] Login 50% 50% Joe Stanganelli, User Rank: Light Sabre 2/28/2014 \| 11:48:26 PM 60%!?!! Wow. Those are some statistics, Michelle. Any information or insight as to how this is impacting cyber insurance policy sales? Reply \| Post Message \| Messages List \| Start a Board Login 50% 50% Michelle, User Rank: Moderator 2/28/2014 \| 3:11:24 PM Tidy packets This sounds really impressive. I'm glad to see this kind of progress being made at the packet level. Mobile malware is absolutely growing. I'm curious to know if U.S. carriers plan to take advantage of this technology to defend their networks. Reply \| Post Message \| Messages List \| Start a Board Login 50% 50% mendyk, User Rank: Light Sabre 2/28/2014 \| 2:21:26 PM Blanket security In addition to being part of BTE, mobile security actually has two dedicated LR events this year, in May (London) and December (New York). Details are in the "Upcoming Live Events" box in the right-hand column of this page. Patrick Donegan of Heavy Reading is at the forefront of the mobile security awareness movement, and he is leading all LR events in this area. Operators need to find out now what they DON'T know about mobile network security, and from what we've seen so far, they DON'T know a lot. Reply \| Post Message \| Messages List \| Start a Board Login 50% 50% Carol Wilson, User Rank: Blogger 2/28/2014 \| 11:04:24 AM Re: Amazing that there is so little visibilty I'm not shocked at all - and I don't think it's a simple as a vendor issue. As Michelle's piece points out, the important thing is the holistic view and without the tools to create that, having a lot of information about how your network is performing scattered all around doesn't help you identify anomalies and potential problems/threats. Sometimes it's shocking there haven't been more problems... Reply \| Post Message \| Messages List \| Start a Board Login 50% 50% Ray@LR, User Rank: Blogger 2/28/2014 \| 8:22:00 AM Amazing that there is so little visibilty I am shocked at the lack of visibiity into the mobile packet core.... shouldn't this have been addressed by te IP router vendors? Reply \| Post Message \| Messages List \| Start a Board		Educational Resources sponsor supplied content Huawei CaaS - Monetizing Your Network Capabilities Monetizing Network Capabilities With CaaS: Riding The Service Exposure Revenue Wave CaaS Offers Operators Open Communication Capabilities Educational Resources Archive Flash Poll All Polls LRTV Video Reports Custom Videos A New Security Paradigm in SDN/NFV (0) Sprint's Network Evolution (0) The Software-Defined Operator (1) Numbers Are In: LR's 2014 Salary Survey (7) Driving the Network Transformation (0) Distributed NFV-Based Business Services ... (0) MRV â€“ Accelerating Packet Optical Convergence (0) NFV-Enabled Ethernet for Generating New ... (0) Symkloud NVF-Ready Video Transcoding, Big ... (0) The Evolving Role of Hybrid Video for ... (0) How CSPs Leverage Big Data in the Digital ... (2) Accelerator for Digital Business â€“ Future ... (0) LRTV Custom TV A New Security Paradigm in SDN/NFV 7\|28\|14 \| 02:54 \| (0) comments Paul Shaneck, Global Director Network Solutions for Symantec, discusses the evolving virtualized network, explaining how Symantec is leading the security discussion as it relates to SDN and NFV, and helping to ensure the network is protected and compliant. LRTV Documentaries Sprint's Network Evolution 7\|24\|14 \| 14:59 \| (0) comments Sprint's Jay Bluhm gives a keynote speech at the Big Telecom Event (BTE) about Sprint's network and services evolution strategy, including Spark. LRTV Documentaries BTE Keynote: The Software-Defined Operator 7\|24\|14 \| 18:43 \| (1) comment Deutsche Telekom's Axel Clauberg explains the concept of the software-defined operator to the Big Telecom Event (BTE) crowd. Light Reedy Numbers Are In: LR's 2014 Salary Survey 7\|24\|14 \| 1:25 \| (7) comments Our fourth annual Salary Survey paints a picture of who's hiring, firing, earning, and yearning for a change in the telecom industry. LRTV Custom TV Driving the Network Transformation 7\|23\|14 \| 4:29 \| (0) comments Intel's Sandra Rivera discusses network transformation and how Intel technologies, programs, and standards body efforts have helped the industry migration to SDN and NFV. LRTV Custom TV Distributed NFV-Based Business Services by RAD 7\|18\|14 \| 5:38 \| (0) comments With the ETSI-approved Distributed NFV PoC running in the background, RAD's CEO, Dror Bin, talks about why D-NFV makes compelling sense for service providers, and about the dollars and cents RAD is putting behind D-NFV. LRTV Custom TV MRV â€“ Accelerating Packet Optical Convergence 7\|15\|14 \| 6:06 \| (0) comments Giving you network insight to make your network smarter. LRTV Custom TV NFV-Enabled Ethernet for Generating New Revenues 7\|15\|14 \| 5:49 \| (0) comments Cyan's Planet Orchestrate allows service providers and their end-customers to activate software-based capabilities such as firewalls and encryption on top of existing Ethernet services in just minutes. LRTV Custom TV Symkloud NVF-Ready Video Transcoding, Big Data 7\|9\|14 \| 3:41 \| (0) comments Kontron and ISV partner Vantrix demonstrate high-performance video transcoding and data analytic solutions on same 2U standard platform that is ready for SDN and NFV deployments made by mobile, cable and cloud operators. LRTV Huawei Video Resource Center The Evolving Role of Hybrid Video for Competitive Success 7\|4\|14 \| 4:09 \| (0) comments At Huawei's Global Analysts Summit in Shenzhen, China, Steven C. Hawley from TV Strategies speaks to us about the evolving role of hybrid video for competitive success. LRTV Huawei Video Resource Center How CSPs Leverage Big Data in the Digital Economy 7\|4\|14 \| 4:48 \| (2) comments Justin van der Lande from Analysys Mason shares with us his views on how telecom operators can leverage customer asset monetization with big data. His discusses the current status of big data applications and the challenges and opportunities for telecom operators in the digital economy era. LRTV Huawei Video Resource Center Accelerator for Digital Business â€“ Future Oriented BSS 7\|4\|14 \| 3:08 \| (0) comments Mobile and internet are becoming intertwined; IT and CT are integrating; and leading CSPs have begun to transform to information service and entertainment providers. How should the BSS system evolve to enable this transformation? Karl Whitelock, an analyst at Frost & Sullivan, shares his views. A New Security Paradigm in SDN/NFV (0) Driving the Network Transformation (0) Distributed NFV-Based Business Services ... (0) MRV â€“ Accelerating Packet Optical Convergence (0) NFV-Enabled Ethernet for Generating New ... (0) Symkloud NVF-Ready Video Transcoding, Big ... (0) The Evolving Role of Hybrid Video for ... (0) How CSPs Leverage Big Data in the Digital ... (2) Accelerator for Digital Business â€“ Future ... (0) Orange Tunisia Discusses Multi-Band ... (0) How Telefonica Spain Considers Antenna ... (0) dtac Thailand: Multi-band Antenna & ... (0) LRTV Custom TV A New Security Paradigm in SDN/NFV 7\|28\|14 \| 02:54 \| (0) comments Paul Shaneck, Global Director Network Solutions for Symantec, discusses the evolving virtualized network, explaining how Symantec is leading the security discussion as it relates to SDN and NFV, and helping to ensure the network is protected and compliant. LRTV Custom TV Driving the Network Transformation 7\|23\|14 \| 4:29 \| (0) comments Intel's Sandra Rivera discusses network transformation and how Intel technologies, programs, and standards body efforts have helped the industry migration to SDN and NFV. LRTV Custom TV Distributed NFV-Based Business Services by RAD 7\|18\|14 \| 5:38 \| (0) comments With the ETSI-approved Distributed NFV PoC running in the background, RAD's CEO, Dror Bin, talks about why D-NFV makes compelling sense for service providers, and about the dollars and cents RAD is putting behind D-NFV. LRTV Custom TV MRV â€“ Accelerating Packet Optical Convergence 7\|15\|14 \| 6:06 \| (0) comments Giving you network insight to make your network smarter. LRTV Custom TV NFV-Enabled Ethernet for Generating New Revenues 7\|15\|14 \| 5:49 \| (0) comments Cyan's Planet Orchestrate allows service providers and their end-customers to activate software-based capabilities such as firewalls and encryption on top of existing Ethernet services in just minutes. LRTV Custom TV Symkloud NVF-Ready Video Transcoding, Big Data 7\|9\|14 \| 3:41 \| (0) comments Kontron and ISV partner Vantrix demonstrate high-performance video transcoding and data analytic solutions on same 2U standard platform that is ready for SDN and NFV deployments made by mobile, cable and cloud operators. LRTV Huawei Video Resource Center The Evolving Role of Hybrid Video for Competitive Success 7\|4\|14 \| 4:09 \| (0) comments At Huawei's Global Analysts Summit in Shenzhen, China, Steven C. Hawley from TV Strategies speaks to us about the evolving role of hybrid video for competitive success. LRTV Huawei Video Resource Center How CSPs Leverage Big Data in the Digital Economy 7\|4\|14 \| 4:48 \| (2) comments Justin van der Lande from Analysys Mason shares with us his views on how telecom operators can leverage customer asset monetization with big data. His discusses the current status of big data applications and the challenges and opportunities for telecom operators in the digital economy era. LRTV Huawei Video Resource Center Accelerator for Digital Business â€“ Future Oriented BSS 7\|4\|14 \| 3:08 \| (0) comments Mobile and internet are becoming intertwined; IT and CT are integrating; and leading CSPs have begun to transform to information service and entertainment providers. How should the BSS system evolve to enable this transformation? Karl Whitelock, an analyst at Frost & Sullivan, shares his views. LRTV Huawei Video Resource Center Orange Tunisia Discusses Multi-Band Antenna With EasyRET Solution 7\|4\|14 \| 2:45 \| (0) comments As new site acquisition becomes more difficult, Orange Tunisia has requested multi-band antenna to support UMTS and LTE innovation. Some things considered include reducing the cost of antenna maintenance and having high reliability antenna and EasyRET solution. LRTV Huawei Video Resource Center How Telefonica Spain Considers Antenna Selection for LTE Network Deployment 7\|4\|14 \| 2:19 \| (0) comments Tony Conlan, Global CTO of RAN, Telefonica, shares his opinion on antennas in LTE network deployment: Tower space is the premier requirement on antennas; reliability is important to reduce OPEX; and EasyRET solution will be helpful for antenna maintenance. LRTV Huawei Video Resource Center dtac Thailand: Multi-band Antenna & Capacity Solution for a Better MBB Experience 7\|3\|14 \| 3:45 \| (0) comments With the development of LTE, tower space and load are limited for new antenna, but users' capacity requirements are growing fast. To provide a better MBB experience, Panya Vechbanyongratana from dtac Thailand shared his experiences and antenna requirements. All LRTV Videos Upcoming Live Events!! NFV & the Data Center September 16, 2014, Santa Clara, CA Women in Telecom Breakfast @ NFV & the Data Center September 16, 2014, Santa Clara, CA Optimizing & Monetizing WiFi - Website Coming Soon! September 23, 2014, Denver, CO Backhaul Strategies for Mobile Operators October 29, 2014, New York City Next-Generation Network Components November 6, 2014, Santa Clara OSS in the Era of SDN & NFV: Evolution vs. Revolution- Website Coming Soon! November 6, 2014, London Telecom Analytics World - Website Coming Soon! November 11, 2014, Atlanta, GA The Future of Cable Business Services - Website Coming Soon! December 2, 2014, New York City Mobile Network Security Strategies - Website Coming Soon! December 3, 2014, New York City 2020 Vision December 9-10, 2014, Reykjavik, Iceland Cable Next-Gen Technologies & Strategies - Website Coming Soon! March 25, 2015, Denver, CO Big Telecom Event 2015 - Website Coming Soon! June 9-10, 2015, Chicago, IL Slideshows Pics From Comic-Con -- Honest! Post a Comment \| Read (13 comments) Pics: Cisco's IoT Fog Rolls Into Chicago (5) Photo Gallery: The Big Telecom Event Does the Loco-Motion (8) More Slideshows Infographics Management Needs in an Age of Network Change Packet Design asks network professionals how they handle the cloud, SDN, and network management. Post a Comment \| Read (0) App-Centric Mobile Operators on the Rise VoLTE in a Hybrid Network World Infographic Archive Today's Cartoon Vacation Special Caption Competition Click Here Latest Comment "Don't worry, we'll upgrade. The vacation continues!" Cartoon Archive Hot Topics Is Windstream Boldly Setting a New Trend? Carol Wilson, Editor-at-large, 7/29/2014 20 Sprint, T-Mobile: The Price War's On Sarah Reedy, Senior Editor, 7/30/2014 17 Pics From Comic-Con -- Honest! Mitch Wagner, West Coast Bureau Chief, Light Reading, 7/30/2014 13 If Not Muni Networks, Then What? Carol Wilson, Editor-at-large, 7/28/2014 13 Utilities Drive Connected Cars Into the Smart Grid Jason Meyers, Senior Editor, Utility Communications/IoT, 7/31/2014 12 Like Us on Facebook Twitter Feed Tweets about "from:Light_Reading OR #Light_Reading OR @Light_Reading" Upcoming Webinars August 27, 2014 Harnessing the Value of Predictive Orchestration in Today's Multivendor WAN Webinar Archive