
Evolving the Mobile Security Architecture Toward 5G

Patrick Donegan
2/24/2017

The announcement at RSA 2017 of the Cyber Threat Alliance (CTA) -- a non-profit trade association formed by several leading security vendors for sharing cyber threat intelligence -- is timely. It reminds us how much threat intelligence matters. And it reminds us that for large organizations with complex security requirements, such as communications service providers (CSPs), the scope and scale of their security capabilities is increasingly important.

In the mobile network sector, smartphones haven't inflicted attack impacts on the scale inflicted by PCs, servers and workstations. But the momentum in mobile threats is building. Android's vulnerabilities are well known. And with commercial malware discovered in the App Store for the first time in 2015, and a zero-day exploit uncovered in iOS in 2016, even the iPhone's famed security barriers have been found wanting.

As discussed in a new white paper, "Evolving the Mobile Security Architecture Toward 5G," 5G will be the first generation of cellular to launch in an era when the Internet is routinely weaponized. In addition to extending the 2G, 3G and 4G security framework, 5G will generate new security requirements. Think of security within and between different network slices; the threat posed by end devices capable of supporting throughput of up to 100 Mbit/s; and the security controls needed around remote medical procedures.

Operators are heavily reliant on implementing security from within the network. And here, the generally slow pace of network transformation by CSPs compares poorly with the much faster pace of Webscale Internet companies (WICs).

While there are several exceptions among the industry's leaders, most operators haven't made enough progress on virtualizing their networks. As supported by new data in the latest edition of Heavy Reading's Future of Virtualization Indexes -- see "Network Virtualization: The Road Gets Longer" -- most virtual network functions (VNFs) have been implemented in isolation from one another, with very little in the way of infrastructure sharing, automation or orchestration.

From a security standpoint, this matters a lot. Yes, the WICs have a tendency to outpace the CSPs in technology innovation. But so does the attacker community. In addition to being needed for revenue generation and opex reduction in general, the automated network scalability and agility of SDN and NFV are also needed to respond to the threat environment. Delivering network security applications more dynamically and at scale needs to be a primary driver of a more software-programmable approach -- not just an afterthought.

The telecom industry is arriving at a consensus that 5G requires a fully featured NFV Infrastructure (NFVI). The piecemeal virtualization model therefore runs out of road at the 5G inflection point. Given this emerging consensus, operators need to start evolving their networks now in a compatible direction. In that sense, 5G is injecting welcome momentum into software programmability, which can be leveraged to drive a more robust, fit-for-purpose mobile network security architecture as well.

Even as recently as the launch of 4G in 2009, the threat actors lined up against network operators and their customers posed nothing like the risk they pose today. Equally, the type of security artillery needed to protect against those threats has changed in just the last three or four years.

The sharing of threat intelligence by major security vendors in the Cyber Threat Alliance, as previously mentioned, is just one example of how the threat defense landscape is changing. Others include:

  • More software-programmable access controls for allowing differentiated access privileges for employees and partners with respect to corporate applications;

  • Leveraging of anomaly detection, so that malware that has evaded detection by conventional perimeter controls can be identified by its behavior within the network, including by deviations from the norm of a file’s own unique, historical behavior in the network.

  • Intense monitoring, pooling and analysis of DNS-related activity, given how frequently and lethally it is used as an attack vector (including the attacks on Dyn and Deutsche Telekom at the end of last year, leveraging the Mirai botnet).

  • The type of high-end cybersecurity personnel that operators need to design, implement and operate network security is in very short supply.

Convention dictates that operators build out all of their own security infrastructure. Yet changes in the threat and defensive landscapes, in upcoming 5G standards, and in cloud networking capabilities suggest that operators should pause to consider whether self-build is necessarily the right model for the future.

Operators need to reflect on how their own achievements to date compare with state-of-the-art levels of automation and orchestration in the cloud. They need to consider whether their own security resources, supported by multiple third-party security vendors, will be powerful enough to meet emerging security challenges.

Among the options that need to be considered is whether the uniquely critical area of security is one that operators should consider buying in outright from security specialists, by way of an infrastructure-as-a-service (IaaS) model.

IaaS is typically no more controversial to the IT side of an operator's business than it is in the case of any other enterprise. But run IaaS past the network side of the house, and it certainly is controversial. Other than outsourcing backhaul or transport networks to third parties, there isn't much of a precedent for it. However, technology, and technology business models, are evolving rapidly now. The nature of evolving mobile security requirements demands a willingness to think outside the box.

You can learn more about this topic by reading the new white paper, "Evolving the Mobile Security Architecture Toward 5G."

— Patrick Donegan, Contributing Analyst, Heavy Reading

This blog is sponsored by Cisco Systems.
