Light Reading

Defending the Mobile Core

Michelle Donegan
News Analysis
Michelle Donegan
2/28/2014
50%
50%

BARCELONA -- Mobile World Congress 2014 -- Network security specialist Arbor Networks this week launched a traffic analysis product designed to give mobile operators visibility into their packet core networks so that they can detect attacks and prevent potentially widespread service outages.

With the new Peakflow Mobile Network Analysis, the company has extended its Peakflow product line, which tracks and detects anomalies in traffic flows in fixed-line backbone and datacenter networks, to provide the same level of visibility into mobile operators' core networks. And when used together, operators can have visibility and threat detection across their fixed and mobile networks from one management console.

One of the biggest challenges for mobile operators when it comes to network security is the lack of traffic visibility in the packet core and radio access network, as well as real-time insight into the sources of potential attacks, according to Arbor Networks Inc.

The company points to recent research from Heavy Reading which found that 60% of mobile operators have had a network outage or service degradation lasting at least an hour due to malicious attacks. In addition, 60% of respondents said they do not have visibility into their mobile packet core infrastructure.

Heavy Reading senior analyst Patrick Donegan said in a statement: "In today's environment, no one security approach is going to prevent all malicious traffic from reaching the mobile network. And nothing is going to stop the increasingly complex mix of protocols within the network from generating anomalous traffic behaviour. Mobile operators are increasingly looking for new ways to quickly visualize, identify and reduce security risks within the packet core."


Mobile network security is one of a number of key topics that will feature at The Big Telecom Event (BTE), June 17/18 at the Sheraton Chicago Hotel and Towers.


According to Tom Bienkowski, director of product marketing at Arbor, mobile operators' networks are threatened from both sides of the packet core -- that is, network attacks can originate from the fixed-line network over the Gi and SGi interfaces that sit between the packet core and external IP networks/public Internet, or they can come from devices, through malicious malware or non-malicious signalling storms.

"Today, the majority of threats are coming from the fixed-line networks, but the emerging trend is for attacks to come from the other side of the network, through mobile malware," said Bienkowski. "That's why operators need a holistic view."

But traffic anomalies do not always indicate a malicious attack on the network. Sometimes the unusual traffic patterns can be the result of a malfunction in the network or a signalling overload from user devices.

The Peakflow Mobile Network Analysis provides a view of this signalling activity by collecting telemetry from the packet core and reporting operational and security insights. For example, the product provides detailed signalling flow behaviour between the serving GPRS support node (SGSN)/serving gateway (SGW)/ mobility management entity (MME) elements and the gateway GPRS support node (GGSN)/packet gateway (PGW) nodes, for real-time and retrospective analytics. It also detects and alerts operators to signalling message volumes, so that they can quickly identify causes.

"Whether it's malicious or not, a threat is a threat and operators need to stop it," said Bienkowski. He added that Arbor has been doing IP traffic threat detection for 13 years in the fixed-line networks, and now that mobile packet core networks are IP-based, the company can apply its expertise in mobile networks.

The Peakflow Mobile Network Analysis is currently in trials with an operator in Asia-Pacific and will soon start another trial with an operator in the Nordic region, according to Arbor.

For more coverage of these issues, check out our Mobile Security content track.

— Michelle Donegan, contributing editor, special to Light Reading


Want to learn more about this topic? Check out the agenda for The Big Telecom Event (BTE), which will take place on June 17 and 18 at the Sheraton Chicago Hotel and Towers. The event combines the educational power of interactive conference sessions devised and hosted by Heavy Reading's experienced industry analysts with multi-vendor interoperability and proof-of-concept networking and application showcases. For more on the event, the topics and the stellar service provider speaker line-up, see Telecommunication Luminaries to Discuss the Hottest Industry Trends at Light Reading's Big Telecom Event in June.


(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Light Sabre
2/28/2014 | 11:48:26 PM
60%!?!!
Wow.  Those are some statistics, Michelle.  Any information or insight as to how this is impacting cyber insurance policy sales?
Michelle
50%
50%
Michelle,
User Rank: Moderator
2/28/2014 | 3:11:24 PM
Tidy packets
This sounds really impressive. I'm glad to see this kind of progress being made at the packet level. Mobile malware is absolutely growing. I'm curious to know if U.S. carriers plan to take advantage of this technology to defend their networks.
mendyk
50%
50%
mendyk,
User Rank: Light Sabre
2/28/2014 | 2:21:26 PM
Blanket security
In addition to being part of BTE, mobile security actually has two dedicated LR events this year, in May (London) and December (New York). Details are in the "Upcoming Live Events" box in the right-hand column of this page. Patrick Donegan of Heavy Reading is at the forefront of the mobile security awareness movement, and he is leading all LR events in this area. Operators need to find out now what they DON'T know about mobile network security, and from what we've seen so far, they DON'T know a lot.
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
2/28/2014 | 11:04:24 AM
Re: Amazing that there is so little visibilty
I'm not shocked at all - and I don't think it's a simple as a vendor issue. As Michelle's piece points out, the important thing is the holistic view and without the tools to create that, having a lot of information about how your network is performing scattered all around doesn't help you identify anomalies and potential problems/threats. 

Sometimes it's shocking there haven't been more problems...
Ray@LR
50%
50%
Ray@LR,
User Rank: Blogger
2/28/2014 | 8:22:00 AM
Amazing that there is so little visibilty
I am shocked at the lack of visibiity into the mobile packet core.... shouldn't this have been addressed by te IP router vendors?
Flash Poll
From The Founder
Last week I dropped in on "Hotlanta," Georgia to moderate Light Reading's inaugural DroneComm conference – a unique colloquium investigating the potential for drone communications to disrupt the world's telecom ecosystem. As you will see, it was a day of exploration and epiphany...
LRTV Documentaries
Verizon's Emmons: SDN Key to Cost-Effective Scaling

5|22|15   |   03:53   |   (0) comments


For Verizon and other network operators to ramp up available bandwidth cost effectively, they need to move to SDN and agree on how to do that.
LRTV Documentaries
Lack of Universal SDN a Challenge

5|21|15   |   04:51   |   (3) comments


Heavy Reading Analyst Sterling Perrin talks about how uncertainty about SDN standards and approaches may be slowing deployment.
LRTV Custom TV
Steve Vogelsang Interview: Carrier SDN

5|20|15   |   05:02   |   (0) comments


Sterling Perrin speaks to Steve Vogelsang, Alcatel-Lucent CTO for IP Routing & Transport business, about the new Carrier SDN-enabling Network Services Platform and the operator challenges it solves.
LRTV Custom TV
Carrier SDN: On-Demand Networks for an On-Demand World

5|20|15   |   20:52   |   (0) comments


Steve Vogelsang, Alcatel-Lucent CTO for IP Routing & Transport business, talks about requirements and benefits of Carrier SDN during the keynote address at the Light Reading Carrier SDN event May 2015.
LRTV Documentaries
The Security Challenge of SDN

5|19|15   |   02:52   |   (0) comments


CenturyLink VP James Feger discusses concerns that virtualization could create new vulnerabilities unless network operators build in safeguards.
LRTV Custom TV
NFV Elasticity – Highly Available VNF Scale-Out Architectures for the Mobile Edge

5|18|15   |   5:50   |   (0) comments


Peter Marek and Paul Stevens from Advantech Networks and Communications Group talk about their NFV Elasticity initiative and the company's latest platforms for deploying virtual network functions at the edge of the network. Packetarium XL and the new Versatile Server Module: 'designed to reach parts of the network that other servers cannot reach.'
LRTV Huawei Video Resource Center
Bay Area Spark Meetup 2015

5|14|15   |   3:54   |   (0) comments


Developed in 2009, Apache Spark is a powerful open source processing engine built around speed, ease of use and sophisticated analytics. This spring, Huawei hosted a meetup for Spark developers and data scientists in Santa Clara, California. Light Reading spoke with organizers and attendees about Huawei's code contributions and long-term commitment to Spark.
LRTV Custom TV
The Transport SDN Buzz

5|12|15   |   06:01   |   (1) comment


Sterling Perrin, senior analyst at Heavy Reading, speaks with Peter Ashwood-Smith of Huawei and Guru Parulkar of ON.Lab about the evolution of transport SDN and the integration of technologies.
LRTV Custom TV
Next-Generation CCAP: Cisco cBR-8 Evolved CCAP

5|5|15   |   04:49   |   (0) comments


John Chapman, Cisco's CTO of Cable Access Business Unit and Cisco Fellow, explained the innovation design of Cisco's cBR-8, the industry's first Evolved CCAP, including DOCSIS 3.1 design from ground-up, distributed CCAP with Remote PHY and path to virtualization. Cisco's cBR-8 Evolved CCAP is the platform that will last through the transitions.
LRTV Custom TV
Meeting the Demands of Bandwidth & Service Group Growth

5|1|15   |   5:35   |   (0) comments


Jorge Salinger, Comcast's Vice President of Access Architecture, explains how DOCSIS 3.1 and multi-service CCAP can meet the demands of the bandwidth and service group growth.
LRTV Custom TV
DOCSIS 3.1: Transforming Cable From Hardware-Defined Network to Software-Defined Network

4|29|15   |   03:48   |   (0) comments


John Chapman, Cisco's CTO of Cable Access Business Unit and Cisco Fellow, explains how DOCSIS 3.1 can transform cable HFC network to a more agile software-defined network.
LRTV Huawei Video Resource Center
Predicting Traffic Patterns for Quality Mobile Broadband

4|29|15   |   6:45   |   (0) comments


Accessing information ubiquitously creates complexity and creates heavy traffic onto the network, especially at large-scale events like sporting events or festivals. In this video, Huawei's Mohammad Hussain speaks to experts about how to predict traffic and improve user experience during periods of heavy traffic.
Upcoming Live Events
June 8, 2015, Chicago, IL
June 9, 2015, Chicago, IL
June 9-10, 2015, Chicago, IL
June 10, 2015, Chicago, IL
September 29-30, 2015, The Westin Grand Müchen, Munich, Germany
October 6, 2015, The Westin Peachtree Plaza, Atlanta, GA
October 6, 2015, Westin Peachtree Plaza, Atlanta, GA
All Upcoming Live Events
Infographics
Network functions virtualization (NFV) is not the easiest of topics to take on board, so here's a Light Reading infographic, developed following conversations with the folks at HP, that helps make sense of where NFV is taking the industry.
Hot Topics
Verizon Saves 60% Swapping Copper for Fiber
Sarah Thomas, Editorial Operations Director, 5/19/2015
Choosing a Technology Supplier? Consider Changing Your Selection Criteria
Steve Saunders, CEO and founder, Light Reading, 5/18/2015
10 Alternate Uses for Tablets
Eryn Leavens, Copy Desk Editor, 5/22/2015
Chattanooga Charts Killer Gigabit Apps
Mari Silbey, Senior Editor, Cable/Video, 5/20/2015
Bidding War for TWC Looks Likelier
Alan Breznick, Cable/Video Practice Leader, 5/22/2015
Like Us on Facebook
Twitter Feed
Webinar Archive
BETWEEN THE CEOs - Executive Interviews
With 200 customers in 60 countries, Stockholm-based Net Insight has carved out a solid leadership position in one of the hottest vertical markets going in comms right now: helping service providers and broadcasters deliver video and other multimedia traffic over IP networks. How has Net Insight managed to achieve this success in the face of immense competition from the industry giants?
My ongoing interview tour of the leading minds of the telecom industry recently took me to Richardson, Texas, where I met with Rod Naphan, CTO and SVP, Solutions, ...
I recently popped down to Texas to chat with CEO Eric L. Pratt about his company, Taqua.
Cats with Phones