SDN & NFV Amplify Security Threat – Allot

Iain Morris
6/17/2015
50%
50%

The use of SDN and NFV technologies could further expose telecom networks to cyber attacks, according to a senior executive from Israel's Allot Communications.

Jay Klein, Allot Ltd. (Nasdaq: ALLT)'s CTO, has issued a stark warning that SDN could "amplify" the security problem by "creating lots of stupid nodes reporting back to a central location."

"The central location has better visibility of what's happening on the complete network but if you attack that central location you can kill off the network," he told attendees gathered at Light Reading's recent Big Telecom Event in Chicago.

The Allot executive blamed the introduction of software components for exposing networks to attack and said that infrastructure would be more "physically protected" if these technologies were not used.

Klein's comments are controversial given the growing interest in SDN and NFV technologies, which operators around the world are deploying to improve their service agility and efficiency.

Moreover, some players believe these New IP technologies will actually help them to address their security concerns.

"We see the ability for SDN to be able to interconnect the security platform with the network to improve SLAs [service level agreements]," said Joseph Dahan, the vice president of global business development at Compass Networks (formerly known as Compass-EOS), who was speaking on the same panel session as Klein at BTE. "Japan's Olympics chair says the single biggest problem is cyber attacks and the Japanese are looking at SDN to do something about it."

Japan is set to host the 2020 Olympic Games in the capital city of Tokyo and the country's telecom operators are investing heavily in next-generation technologies to support coverage of the event.


Want to know more about the emerging SDN market? Check out our dedicated SDN content channel here on Light Reading.


Speaking more broadly about the cyber-security issue, Dahan said that distributed denial of service (DDoS) attacks represented "the single biggest threat on the Internet right now," noting the high-profile attack on GitHub, a coding site, that took place in March this year.

Experts reckon the Chinese government may have been behind the DDoS attack on GitHub, which was hosting an activist website that is banned in China.

Similar attacks may also have led to revenue losses for companies including Sony Corp. (NYSE: SNE) and Microsoft Corp. (Nasdaq: MSFT).

In December last year, Sony's PlayStation store and Microsoft's Xbox Live network both suffered disruption because of DDoS attacks.

Even so, Dave Ostertag, the global investigation manager for US operator Verizon Communications Inc. (NYSE: VZ), thinks the industry has so far been doing a good job of countering the cyber security threat despite a surge in volumes.

"We're seeing volumes like never before," he told BTE attendees. "But while they are massive in nature they don't last long -- if there is disruption it tends to be short."

Nevertheless, Dahan insists the industry is poorly equipped to deal with an escalation in DDoS attacks. "The biggest attack we have seen was 400 Gbit/s -- that is massive and routers just cannot cope," he said. "A big problem is that enterprises are complaining about a lack of resources and being tasked to do more with less, so how do they manage?" (See BTE 2015: Spare a Thought for the Network Security Team.)

Earlier this year, software company Arbor Networks said there had recently been a return to the use of such "big volumetrics" among cyber criminals who were previously focused on much stealthier application-layer attacks. (See Anti-Spoofing Decline 'Bad News' for Security.)

According to Arbor, cyber criminals have been exploiting a widespread lack of anti-spoofing filters, which prevent attackers from faking IP addresses to carry out attacks using so called reflection/amplification techniques.

— Iain Morris, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profile, News Editor, Light Reading

(2)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
bosco_pcs
50%
50%
bosco_pcs,
User Rank: Light Sabre
6/18/2015 | 6:56:43 PM
But security should be part of the consideration
That is why people go with one-stop shops like Cisco ($CSCO) or deploy specialists like Ixia ($XXIA)
iainmorris
50%
50%
iainmorris,
User Rank: Blogger
6/17/2015 | 11:56:36 AM
Software invites attacks
Allot's Jay Klein has written to us to elaborate on and clarify his points. He says:

"'Software' invites attacks. Changing a known network topology to something new (for the right reason) invites attacks. Claiming that what was good in the 'old' days will be good for the future has proven more than once wrong with security issues. With NFV the situation is even worse as for sure we will have virtual OS exploits which will be used to allocate resources until exhaustion. For example, no one anticipated in the past that a JPG file can carry malware until some dynamic memory allocation bug was used as the infection mechanism. The bottom line -- we cannot assume that we (operators, equipment manufacturers) evolve and hackers just will be lagging behind staying at their 'primitive' state re-using all already known infection/attacks tricks. I'm not stating that NFV or SDN won't work. We just need to be cautious and less errogant with our bullet proof assumptions."
Featured Video
Flash Poll
Upcoming Live Events
September 17-19, 2019, Dallas, Texas
October 1-2, 2019, New Orleans, Louisiana
October 10, 2019, New York, New York
October 22, 2019, Los Angeles, CA
November 5, 2019, London, England
November 7, 2019, London, UK
December 3, 2019, New York, New York
December 3-5, 2019, Vienna, Austria
March 16-18, 2020, Embassy Suites, Denver, Colorado
May 18-20, 2020, Irving Convention Center, Dallas, TX
All Upcoming Live Events