& cplSiteName &

Security & Virtualization: 'We Are All Screwed'

Elizabeth Miller Coyne
9/16/2016
50%
50%

DENVER -- NFV & Carrier SDN -- It's really as bad as you think it is when it comes to security in the world of NFV and SDN -- and the problem could get worse as more network functions are virtualized, according to the "Security in the Virtualization Era" panelists at the NFV & Carrier SDN event in Denver this week. In fact, according to Ray Watson, vice president, global technology, Masergy Communications Inc. , "We are all screwed."

After kicking off the panel with that bombshell, he went on to remind the packed house that today there is less time to respond to threats, because the bad guys are much faster to share known exploits and hacking discoveries. "We are tracking attacks in hours, and the day or two service providers used to have to patch breaches are long gone."

Panelist Ron Renwick, senior director of product marketing at Netronome , then threw himself on the identity theft sword and said, "I'm just going to tell you my social security number and get it over with."

In addition to hackers getting smarter by the second, Renwick noted, "It all comes back to a server or switch in a data center, they have to be contained and secure. If anything we are exacerbating the problem with distributed VNFs; we are solving one problem and creating more problems at the same time. How can you secure everything when you don't know where everything is?"

Security Shock Jocks
From left: Ron Renwick, senior director of product marketing, Netronome; Rob Sherwood, CTO, Big Switch Networks; Mike O'Malley, vice president strategy and business development, Radware; Ray Watson, vice president, Global Technology, Masergy; and Gary Sockrider, principal security technologist, Arbor Networks
From left: Ron Renwick, senior director of product marketing, Netronome; Rob Sherwood, CTO, Big Switch Networks; Mike O'Malley, vice president strategy and business development, Radware; Ray Watson, vice president, Global Technology, Masergy; and Gary Sockrider, principal security technologist, Arbor Networks

Indeed, the usual perimeter-based approach to securing service provider networks won't really work when virtual network functions (VNFs) and applications can be anywhere. And in an enterprise environment today, there are on-premise applications and private cloud applications which makes sandbagging the perimeter into the building impossible, said Mike O'Malley, vice president strategy and business development, for Radware Ltd. (Nasdaq: RDWR). "The applications are no longer in the building," said O'Malley.

But wait, there's more. It's now possible that the threats to one VNF are coming from another, housed in the same server, according to Watson.

One of the ongoing problems both network operators and enterprises face, however, is in finding cybersecurity experts: There are 250,000 vacant jobs today and that's expected to grow to 1 million by 2020, says Watson. "There is no indication that it's going to drop off."

The security experts didn't just dwell on the doom and gloom, however, but also discussed solutions to the crisis.

"Advancements being made in machine-to-machine and AI [artificial intelligence] are absolutely essential in fighting bad guys that are getting better," O'Malley said. "Solutions that can get better on the fly -- machine learning, AI -- and agility to deploy counter measures against a thinking enemy is required."

Arbor Networks' Gary Sockrider pointed to the ability to virtualize security as VNFs are created, delivering the right amount of security to fit a given application. And as Rob Sherwood, CTO of Big Switch Networks , said, small security teams with the right tools can be mighty. It's a "fallacy that if you hire more security professionals, you'll be more secure," he noted, adding that Google and Facebook have relatively small security teams.

Renwick added that the gap in skills and job market openings actually allows SDN to prove its worth. "This is where the opportunity of SDN applications with security come to bear," he said. "Having an SDN app that can look at all the probes, and detect and mitigate threats, takes the labor burden off the SOC. The business case around automation makes the service more profitable and solves labor issues."

— Elizabeth Miller Coyne, Managing Editor, Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
VPEngine46792
50%
50%
VPEngine46792,
User Rank: Light Beer
9/16/2016 | 7:44:13 PM
Re: Quelle surprise
Security with regards to SDN/NFV it just doesn't mean spinning up a FW or some other security instance. Security appliances obviously do lot of deep packet lookups and are  way complex than just configuring a security policy. If physicall appliances struggle to keep up with functional interactions then I doubt how well the virtual instances can cope up to. Btw, guess how many default usernames and passwords need to be changed to bringup the openstack controllers/neutron servers :-)

 
Kelsey Ziser
50%
50%
Kelsey Ziser,
User Rank: Blogger
9/16/2016 | 3:27:53 PM
Re: Quelle surprise
Ray delivered an Upskill U course on the changing face of security threats - see Big Data Analytics & Network Security. As you mentioned @Carol, Ray explained that hackers have easy access to very cheap tools but it's very expensive to combat their threats. He noted that "In addition to the challenges around data volume, the level of complexity around attacks has also increased exponentially."
mendyk
50%
50%
mendyk,
User Rank: Light Sabre
9/16/2016 | 1:55:18 PM
Re: Quelle surprise
We'll continue to have problems as long as we use 20th-century ID procedures. We'll still have problems even when we move those procedures into this century, but maybe a little less common.
cnwedit
50%
50%
cnwedit,
User Rank: Light Beer
9/16/2016 | 12:31:41 PM
Re: Quelle surprise
I moderated this panel and the first 15 minutes was pretty scary stuff. It used to be you needed skills to do hacking but now the tools are readily available for the amateur cyber criminal - or you can just outsource the dirty work to someone who is easily hired on the Internet, just like any other outsourcer. 
mendyk
50%
50%
mendyk,
User Rank: Light Sabre
9/16/2016 | 9:56:12 AM
Quelle surprise
In 1880, the number of fatalities worldwide that could be directly attributed to automobiles was exactly zero. But no one wants to go back to those days -- well, almost no one.
From The Founder
Either we perform a complete 'factory reset' on the way the telecom industry creates and deploys virtualization, or we face the consequences.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Custom TV
The Urgency of Commercial 5G Services

4|26|17   |     |   (0) comments


The progress of 5G has been closely monitored in the industry. At the 2017 Brooklyn 5G Summit, the sense of urgency for a commercial 5G launch had started to surface among operators.
Women in Comms Introduction Videos
How Diversity Helps Comcast Mirror Its Customer Base

4|26|17   |   2:55   |   (0) comments


Diversity brings innovation, creative ideas and a way to reflect the broad spectrum of your customer base, Comcast Director of Customer Experience Jenelle Champlin says.
LRTV Huawei Video Resource Center
Mobile Operators & Video

4|25|17   |     |   (0) comments


Ovum's Ed Barton discusses the latest mobile operator strategies for mobile video.
LRTV Custom TV
Infinera Introduces Instant Network

4|20|17   |     |   (1) comment


Mike Capuano, vice president of marketing at Infinera, discusses the advancement from Instant Bandwidth to new Instant Network capabilities, which include Bandwidth License Pools, Moveable Licenses and Automated Capacity Engineering (ACE).
Women in Comms Introduction Videos
Vodafone's Eubank on Sponsors, Mentors & Moving On Up

4|19|17   |   4:25   |   (0) comments


Vodafone America's Head of Operations Kimberly Eubank breaks down the difference between a sponsor and a mentor and shares why both made a big difference in her career.
LRTV Custom TV
NYC Auto Show: Are We Smart Yet?

4|18|17   |     |   (0) comments


The auto industry is facing some big transformations as electric vehicles, autonomous technology and connected cars are seen as the future of the industry. During the much-anticipated NY international auto show, there was an emergence of new technology and mobility service on the show floor. Aside from performance, brands like Lincoln, Hyundai, Honda, Mercedes and ...
LRTV Huawei Video Resource Center
The Impact of Video

4|18|17   |     |   (0) comments


David Mercer from Strategy Analytics discusses the impact of video on current strategies.
LRTV Custom TV
Pardeep Kohli Discusses Network Transformation & the Market Opportunity for the 'New' Mavenir Systems

4|13|17   |     |   (0) comments


In a brief discussion at MWC 2017, Heavy Reading analyst Adi Kishore talks to Pardeep Kohli, CEO, Mavenir Systems about the creation of the 'new Mavenir' and some of the key challenges facing operators in today's market. A key theme of the discussion centers around operator need for software-only, virtualized solutions and how they will need to adapt to ...
Women in Comms Introduction Videos
Tech Maverick Shares Her Tips for Gender Inclusivity

4|12|17   |   7:28   |   (0) comments


Wendy Hall Bohling, a corporate escapee, author and gender exclusivity consultant, tells her story of sexism, bias and progress along the road to gender equality in the workforce.
LRTV Huawei Video Resource Center
Huawei at MWC 2017

4|11|17   |     |   (0) comments


At Mobile World Congress 2017, the biggest mobile industry gathering of the year, Huawei showcased its new innovations and solutions with the theme "Open Road," which focuses on cloud, 5G, operation transformation, videos and consumer-oriented products. Its campaign has been recognized by three awards given by GSMA.
LRTV Custom TV
China Telecom NFV Infrastructure on RSD

4|6|17   |     |   (0) comments


Lynn Comp, senior director of market development of Intel, is joined by Chong Zhang, storage engineer at Inspur and Ou Li Yan, architect for technology strategies of China Telecom, for a discussion of what NFV brings.
LRTV Custom TV
Nokia's IMPACT Software Demo

4|6|17   |     |   (0) comments


Khamis Abulgubein of IoT market development at Nokia demonstrates IMPACT (intelligent management platform for all connected things), a software solution with a horizontal approach to managing any device on any application.
Upcoming Live Events
May 15-17, 2017, Austin Convention Center, Austin, TX
May 15, 2017, Brazos Hall - Austin, TX
May 15, 2017, Austin Convention Center - Austin, TX
June 6, 2017, The Joule Hotel, Dallas, TX
All Upcoming Live Events
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
Surprise! AT&T Markets 4G Advances as '5G Evolution'
Dan Jones, Mobile Editor, 4/25/2017
Did Verizon Outbid AT&T for Straight Path?
Dan Jones, Mobile Editor, 4/25/2017
First Year TIPs the Scale Toward Success
Denise Culver, 4/24/2017
Netflix Set to Enter China
Mari Silbey, Senior Editor, Cable/Video, 4/25/2017
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
One of the nice bits of my job (other than the teeny tiny salary, obviously) is that I get to pick and choose who I interview for this slot on the Light Reading home ...
TEOCO Founder and CEO Atul Jain talks to Light Reading Founder and CEO Steve Saunders about the challenges around cost control and service monetization in the mobile and IoT sectors.
Live Digital Audio

Playing it safe can only get you so far. Sometimes the biggest bets have the biggest payouts, and that is true in your career as well. For this radio show, Caroline Chan, general manager of the 5G Infrastructure Division of the Network Platform Group at Intel, will share her own personal story of how she successfully took big bets to build a successful career, as well as offer advice on how you can do the same. We’ll cover everything from how to overcome fear and manage risk, how to be prepared for where technology is going in the future and how to structure your career in a way to ensure you keep progressing. Chan, a seasoned telecom veteran and effective risk taker herself, will also leave plenty of time to answer all your questions live on the air.