Securing 5G Networks: The Commercial & Technical Realities
The focus on business readiness that I took away from the halls of the Fira Gran Via exhibition center served to reinforce the importance of fully addressing the business of security requirements. Heavy Reading investigated this topic in a recently completed "5G Security Market Leadership Study (MLS)," a study-based survey developed with F5 Networks, Fortinet, NetNumber and Palo Alto Networks. This survey attracted 103 global respondents and included several questions related to use case-specific business models, technical challenges and preferred commercial architectures.
5G is service disruptive
One of the reasons a business focus is so important is that 5G is disruptive from a both a business and technical perspective. This was strongly reinforced in the MLS survey on several levels. For example, as illustrated in the figure below, 63% of the service provider respondents agreed that 5G would disrupt existing services models, including the delivery of managed security services. Moreover, this disruption would happen on multiple levels and drive a greater focus on both business-to-business (B2B) and business-to-consumer (B2B) models.
The need to focus on both is crucial, with 95% of the respondents agreeing in a B2B context and 76% agreeing in a B2C context. These inputs are also consistent with another trend I saw at MWC19: 5G will be a foundation enabler for both B2B- and B2C-based Internet of Things (IoT) services that are also rapidly maturing. In turn, IoT will introduce new managed security service opportunities, given IoT devices introduce new security concerns associated with identity management and policy enforcement -- especially when supported in a slice.
NSA has an edge
I specifically referenced slicing because 5G slicing is key to service delivery but also drives the need to introduce new security capabilities that typically run on the next-generation core (NGC) network. Therefore, as captured in the figure below, we investigated which 5G-specific use cases would be supported at commercial launch via 5G standalone mode (SA). The latter mode utilizes both the NGC network paired with 5G New Radio (NR) instead of utilizing the non-standalone (NSA) mode architecture, which pairs 5G NR with the existing 4G core. The information captured in the figure confirms a generally greater interest in launching 5G security services utilizing NSA. This translates into 55% to 65% of service providers planning to launch a common set of security use cases using the NSA option. While this does simplify security, it also limits the security service reach and business model richness of a number of these services.
This is one factor why I believe there is such a strong initial focus on cloud radio access network (RAN) security (65%) and core network signaling security capabilities (63%), which must be supported in any configuration. A secondary consideration is that it simplifies and pushes out the requirement to support 5G roaming on IP exchange (IPX) networks if the original core is used for launch. Additionally, the adoption of NSA translates into less initial complexity for evolving enterprise managed security services.
However, it's also important to document that a significant number of the service provider survey respondents (in the 35% to 45% range) plan to support a broad range of security use cases via SA mode. Thus, there is substantial interest in SA architecture to facilitate the support of advanced security services beyond the core and RAN.
Looking for more information? Plan to attend the Securing 5G Networks: Service Provider Perspectives webinar on March 19 or view the archived version, where we will present more of the research data from this survey.
— Jim Hodges, Principal Analyst, Cloud and Security, Heavy Reading This blog is sponsored by Fortinet.