The pace of 5G network rollouts continued to accelerate in 2020, but the strongest level of growth is yet to come. A key component of this future growth will be driven by the deployment of the 5G core (5GC) paired with the 5G RAN deployed in a standalone (SA) configuration. Implementing this SA configuration is a key factor in the 5G monetization equation since it enables the support of new capabilities, including high value slice-based services. In parallel, support of these new services and capabilities necessitates that communications service providers (CSPs) review their current security strategies.

In order to understand the security impacts of the introduction of the 5GC SA, Heavy Reading launched the 5G Core Security Market Leadership Study (MLS) in 3Q20. The survey-based study developed with sponsors A10 Networks, Ericsson, Hewlett Packard Enterprise (HPE), and NetNumber attracted 115 global survey respondents and addressed a broad range of security topics encompassing security investment priorities and threat mitigation strategies.

Slice-based services a key driver

One of the key takeaways from the study was that CSPs ranked access to slice-based services as a primary driver to migrate to the 5GC SA architecture. Additionally, as captured in the figure below, these same CSPs pragmatically believe that their enterprise customers will expect slices to be fully secured.

Survey respondents were asked to rank security slice capabilities based on customer expectations that these capabilities would be supported. According to the "extremely important — most customers will demand this be supported in slices" responses, all four of the options presented scored well.

Of these, automated lifecycle management achieved the highest ranking (38%), followed by slice hardening, automated and AI trust management (both 28%), and availability of protocols and authentication mechanisms such as mutual TLS (mTLS; 26%). These same capabilities attained even higher scores based on "important — some customers will demand this feature be support in slices" input. Slice hardening (60%) and authentication mechanisms such as mTLS (59%) led the way.

The message here is indisputable: Many enterprise customers expect that 5G security slices will be fully hardened and automated as 5GCs are commercialized.

Figure 1: 5GC security slices customer benefits Question: How important are the following potential 5GC network slicing-related security benefits to your customers? (n=111-112)
(Source: Heavy Reading)

TCO top of mind as vendor selection criterion

As with any new major mobile technology deployment decision, CSPs will need to assess current vendor relationships when making 5GC purchasing decisions. This process includes relationships with security vendors. The figure below explores this thread in more detail, focusing specifically on the factors that CSPs assess when choosing between best-of-breed or single-vendor security solutions for cloud-native 5GC or edge deployments.

When asked to rank specific purchasing criteria, total cost of ownership (TCO) is clearly the top-of-mind consideration based on "Ranking 1" inputs. TCO achieved a "Ranking 1" score of 65% compared to other attributes such as multi-vendor ecosystem support (32%), operational complexity (30%) and lifecycle management cost (29%).

This input validates the delicate balance that CSPs must maintain in purchasing security products. While CSPs recognize the need to minimize operational complexity and simplify onboarding/testing of security services in an expanded vendor ecosystem, the bottom line looms large. Thus, they need to be vigilant about the long-term financial implications of making single versus multiple vendor decisions. CSPs must consider not only the price they pay for security products, but also the cost to operate these products as they scale and monetize their 5GC.

Figure 2: Figure: 5GC vendor selection criteria Question: On a scale of 1 to 4 where 1 is most important and 4 is least important, please rank the importance of the following considerations when choosing between best-of-breed or single-vendor security solutions for cloud-native 5GC or edge deployments. (n=107-108)
(Source: Heavy Reading)

Looking for additional information?

Plan to watch this archived version of a recent webinar where we presented more of the research data from this study. You can register here: www.lightreading.com/webinar.asp?webinar_id=1638.

Download the accompanying white paper here: www.lightreading.com/lg_redirect.asp?piddl_lgid_docid=765482.

— Jim Hodges, Chief Analyst, Cloud & Security, Heavy Reading

This blog is sponsored by Ericsson.