Light Reading
Arbor extends its network security reach into the packet core.

Defending the Mobile Core

Michelle Donegan
News Analysis
Michelle Donegan
2/28/2014
50%
50%

BARCELONA -- Mobile World Congress 2014 -- Network security specialist Arbor Networks this week launched a traffic analysis product designed to give mobile operators visibility into their packet core networks so that they can detect attacks and prevent potentially widespread service outages.

With the new Peakflow Mobile Network Analysis, the company has extended its Peakflow product line, which tracks and detects anomalies in traffic flows in fixed-line backbone and datacenter networks, to provide the same level of visibility into mobile operators' core networks. And when used together, operators can have visibility and threat detection across their fixed and mobile networks from one management console.

One of the biggest challenges for mobile operators when it comes to network security is the lack of traffic visibility in the packet core and radio access network, as well as real-time insight into the sources of potential attacks, according to Arbor Networks Inc.

The company points to recent research from Heavy Reading which found that 60% of mobile operators have had a network outage or service degradation lasting at least an hour due to malicious attacks. In addition, 60% of respondents said they do not have visibility into their mobile packet core infrastructure.

Heavy Reading senior analyst Patrick Donegan said in a statement: "In today's environment, no one security approach is going to prevent all malicious traffic from reaching the mobile network. And nothing is going to stop the increasingly complex mix of protocols within the network from generating anomalous traffic behaviour. Mobile operators are increasingly looking for new ways to quickly visualize, identify and reduce security risks within the packet core."


Mobile network security is one of a number of key topics that will feature at The Big Telecom Event (BTE), June 17/18 at the Sheraton Chicago Hotel and Towers.


According to Tom Bienkowski, director of product marketing at Arbor, mobile operators' networks are threatened from both sides of the packet core -- that is, network attacks can originate from the fixed-line network over the Gi and SGi interfaces that sit between the packet core and external IP networks/public Internet, or they can come from devices, through malicious malware or non-malicious signalling storms.

"Today, the majority of threats are coming from the fixed-line networks, but the emerging trend is for attacks to come from the other side of the network, through mobile malware," said Bienkowski. "That's why operators need a holistic view."

But traffic anomalies do not always indicate a malicious attack on the network. Sometimes the unusual traffic patterns can be the result of a malfunction in the network or a signalling overload from user devices.

The Peakflow Mobile Network Analysis provides a view of this signalling activity by collecting telemetry from the packet core and reporting operational and security insights. For example, the product provides detailed signalling flow behaviour between the serving GPRS support node (SGSN)/serving gateway (SGW)/ mobility management entity (MME) elements and the gateway GPRS support node (GGSN)/packet gateway (PGW) nodes, for real-time and retrospective analytics. It also detects and alerts operators to signalling message volumes, so that they can quickly identify causes.

"Whether it's malicious or not, a threat is a threat and operators need to stop it," said Bienkowski. He added that Arbor has been doing IP traffic threat detection for 13 years in the fixed-line networks, and now that mobile packet core networks are IP-based, the company can apply its expertise in mobile networks.

The Peakflow Mobile Network Analysis is currently in trials with an operator in Asia-Pacific and will soon start another trial with an operator in the Nordic region, according to Arbor.

For more coverage of these issues, check out our Mobile Security content track.

Michelle Donegan, contributing editor, special to Light Reading


Want to learn more about this topic? Check out the agenda for The Big Telecom Event (BTE), which will take place on June 17 and 18 at the Sheraton Chicago Hotel and Towers. The event combines the educational power of interactive conference sessions devised and hosted by Heavy Reading's experienced industry analysts with multi-vendor interoperability and proof-of-concept networking and application showcases. For more on the event, the topics and the stellar service provider speaker line-up, see Telecommunication Luminaries to Discuss the Hottest Industry Trends at Light Reading's Big Telecom Event in June.


(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Light Sabre
2/28/2014 | 11:48:26 PM
60%!?!!
Wow.  Those are some statistics, Michelle.  Any information or insight as to how this is impacting cyber insurance policy sales?
Michelle
50%
50%
Michelle,
User Rank: Moderator
2/28/2014 | 3:11:24 PM
Tidy packets
This sounds really impressive. I'm glad to see this kind of progress being made at the packet level. Mobile malware is absolutely growing. I'm curious to know if U.S. carriers plan to take advantage of this technology to defend their networks.
mendyk
50%
50%
mendyk,
User Rank: Light Sabre
2/28/2014 | 2:21:26 PM
Blanket security
In addition to being part of BTE, mobile security actually has two dedicated LR events this year, in May (London) and December (New York). Details are in the "Upcoming Live Events" box in the right-hand column of this page. Patrick Donegan of Heavy Reading is at the forefront of the mobile security awareness movement, and he is leading all LR events in this area. Operators need to find out now what they DON'T know about mobile network security, and from what we've seen so far, they DON'T know a lot.
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
2/28/2014 | 11:04:24 AM
Re: Amazing that there is so little visibilty
I'm not shocked at all - and I don't think it's a simple as a vendor issue. As Michelle's piece points out, the important thing is the holistic view and without the tools to create that, having a lot of information about how your network is performing scattered all around doesn't help you identify anomalies and potential problems/threats. 

Sometimes it's shocking there haven't been more problems...
Ray@LR
50%
50%
Ray@LR,
User Rank: Blogger
2/28/2014 | 8:22:00 AM
Amazing that there is so little visibilty
I am shocked at the lack of visibiity into the mobile packet core.... shouldn't this have been addressed by te IP router vendors?
Flash Poll
LRTV Custom TV
A New Security Paradigm in SDN/NFV

7|28|14   |   02:54   |   (0) comments


Paul Shaneck, Global Director Network Solutions for Symantec, discusses the evolving virtualized network, explaining how Symantec is leading the security discussion as it relates to SDN and NFV, and helping to ensure the network is protected and compliant.
LRTV Documentaries
Sprint's Network Evolution

7|24|14   |   14:59   |   (0) comments


Sprint's Jay Bluhm gives a keynote speech at the Big Telecom Event (BTE) about Sprint's network and services evolution strategy, including Spark.
LRTV Documentaries
BTE Keynote: The Software-Defined Operator

7|24|14   |   18:43   |   (1) comment


Deutsche Telekom's Axel Clauberg explains the concept of the software-defined operator to the Big Telecom Event (BTE) crowd.
Light Reedy
Numbers Are In: LR's 2014 Salary Survey

7|24|14   |   1:25   |   (7) comments


Our fourth annual Salary Survey paints a picture of who's hiring, firing, earning, and yearning for a change in the telecom industry.
LRTV Custom TV
Driving the Network Transformation

7|23|14   |   4:29   |   (0) comments


Intel's Sandra Rivera discusses network transformation and how Intel technologies, programs, and standards body efforts have helped the industry migration to SDN and NFV.
LRTV Custom TV
Distributed NFV-Based Business Services by RAD

7|18|14   |   5:38   |   (0) comments


With the ETSI-approved Distributed NFV PoC running in the background, RAD's CEO, Dror Bin, talks about why D-NFV makes compelling sense for service providers, and about the dollars and cents RAD is putting behind D-NFV.
LRTV Custom TV
MRV – Accelerating Packet Optical Convergence

7|15|14   |   6:06   |   (0) comments


Giving you network insight to make your network smarter.
LRTV Custom TV
NFV-Enabled Ethernet for Generating New Revenues

7|15|14   |   5:49   |   (0) comments


Cyan's Planet Orchestrate allows service providers and their end-customers to activate software-based capabilities such as firewalls and encryption on top of existing Ethernet services in just minutes.
LRTV Custom TV
Symkloud NVF-Ready Video Transcoding, Big Data

7|9|14   |   3:41   |   (0) comments


Kontron and ISV partner Vantrix demonstrate high-performance video transcoding and data analytic solutions on same 2U standard platform that is ready for SDN and NFV deployments made by mobile, cable and cloud operators.
LRTV Huawei Video Resource Center
The Evolving Role of Hybrid Video for Competitive Success

7|4|14   |   4:09   |   (0) comments


At Huawei's Global Analysts Summit in Shenzhen, China, Steven C. Hawley from TV Strategies speaks to us about the evolving role of hybrid video for competitive success.
LRTV Huawei Video Resource Center
How CSPs Leverage Big Data in the Digital Economy

7|4|14   |   4:48   |   (2) comments


Justin van der Lande from Analysys Mason shares with us his views on how telecom operators can leverage customer asset monetization with big data. His discusses the current status of big data applications and the challenges and opportunities for telecom operators in the digital economy era.
LRTV Huawei Video Resource Center
Accelerator for Digital Business – Future Oriented BSS

7|4|14   |   3:08   |   (0) comments


Mobile and internet are becoming intertwined; IT and CT are integrating; and leading CSPs have begun to transform to information service and entertainment providers. How should the BSS system evolve to enable this transformation? Karl Whitelock, an analyst at Frost & Sullivan, shares his views.
Upcoming Live Events!!
September 16, 2014, Santa Clara, CA
September 16, 2014, Santa Clara, CA
October 29, 2014, New York City
November 6, 2014, Santa Clara
November 11, 2014, Atlanta, GA
December 9-10, 2014, Reykjavik, Iceland
June 9-10, 2015, Chicago, IL
Infographics
Packet Design asks network professionals how they handle the cloud, SDN, and network management.
Today's Cartoon
Vacation Special Caption Competition Click Here
Latest Comment
Hot Topics
Is Windstream Boldly Setting a New Trend?
Carol Wilson, Editor-at-large, 7/29/2014
Sprint, T-Mobile: The Price War's On
Sarah Reedy, Senior Editor, 7/30/2014
Pics From Comic-Con -- Honest!
Mitch Wagner, West Coast Bureau Chief, Light Reading, 7/30/2014
If Not Muni Networks, Then What?
Carol Wilson, Editor-at-large, 7/28/2014
Utilities Drive Connected Cars Into the Smart Grid
Jason Meyers, Senior Editor, Utility Communications/IoT, 7/31/2014
Like Us on Facebook
Twitter Feed