SPONSORED: Heavy Reading's research confirms there is no shortage of 5GC SA-related security concerns to be addressed before commercial launch and that the right mix of security strategy attributes will be vital to minimizing apprehension.

Jim Hodges, Chief Analyst - Cloud and Security, Heavy Reading

December 11, 2020

4 Min Read
Standalone security: Strategic attributes and implementation concerns

As communications service providers (CSPs) take the final steps to deploy their standalone (SA) 5G core (5GC), they are also putting their security strategies to the test. Successful execution of these strategies is vital to ensure not only network performance, but also a positive customer experience.

In order to understand the extensive scope of the security impacts of the introduction of the 5GC SA, Heavy Reading launched the "5G Core Security Market Leadership Study" (MLS) in 3Q20. The survey-based study developed with sponsors A10 Networks, Ericsson, Hewlett Packard Enterprise (HPE) and NetNumber attracted 115 global survey respondents and addressed a broad range of security topics encompassing security investment priorities and threat mitigation strategies.

No shortage of security concerns

As with any major technology introduction, security concerns were anticipated. However, in many respects, the introduction of the 5GC in SA configuration goes well beyond the normal major technical deployment since several new categories of impacts must be considered. These encompass the introduction of ultra-low latency cloud-based services delivered in an edge compute environment and potentially in a slice-based configuration, both of which demand some level of automated policy and security monitoring adoption.

Additionally, the shift to a services-based architecture (SBA) introduces the need to secure API exposure as well as the accompanying software disaggregation model. This will enable microservices to be reused by external API developers to drive 5G service innovation. When we look at the 5GC SA in this context, there are multiple generational impacts that must be addressed in an effective standalone security strategy.

The input from the survey respondents confirmed that these new security requirements were a major source of concerns for at least two-thirds of the survey respondents. For example, as illustrated in the figure below, there was no shortage of "extremely concerned" or "concerned" responses.

Of these, the top fears in the "extremely concerned" category were malware-centric, focusing on the utilization of cross network activation to inject malware into legitimate slices (25%) or the creation of attacker created slice instances (23%). There were even concerns that manual and automated software upgrades to core nodes would facilitate the introduction of malware (22%).

API exposure in core nodes (21%) and automated or manual software upgrades in edge nodes (21%) were very much top of mind as well.

The top three "concerned" responses also related to apprehension that manual or automated software updates in either edge (53%) or core nodes (50%) could facilitate the introduction of malware attacks or other attack vectors. Similarly, API exposure (52%) in core nodes was also a major source of angst.

In contrast, only about a third of respondents indicated they were either only "somewhat concerned" (21–28%) or "not concerned" (4–6%) compared to the approximately two-thirds of "extremely concerned" or "concerned" respondents. Based on this data, it is readily apparent the introduction of API exposure, automation and sliced-based services injects formidable security challenges that CSPs must fully navigate before 5GC commercial implementation.

Figure 1: 5GC security scenarios Question: The 5GC will introduce new requirements. How concerned are you that the following scenarios will impact your ability to secure the 5GC network? (n=110-112) (Source: Heavy Reading) Question: The 5GC will introduce new requirements. How concerned are you that the following scenarios will impact your ability to secure the 5GC network? (n=110–112)
(Source: Heavy Reading)

No shortage of strategic attributes

In order to address these concerns, CSPs must ensure that the key attributes of their security strategies are programmable enough to support core functions such as security monitoring, orchestration and control mechanisms.

The figure below reinforces this requirement. For instance, based on "critical" inputs, attributes such as support of microservices-based security services (34%), ability to monitor traffic and control signals between network functions (33%), management and orchestration (33%), and centralized and customizable network function and service access control (33%) all stood out.

Swappable open platforms that avoid single-vendor lock-in (31%) and centralized data control (31%), as well as other open network-related attributes such as open software and interfaces (24%), also factored prominently into the equation.

Heavy Reading interprets this input as confirming that the attributes of a viable 5GC standalone security strategy must consider the impacts of slices, APIs and automation. At the same time, they must also integrate the bedrock principles of software and hardware openness to provide the requisite level of vendor flexibility that will be crucial to executing standalone security strategies in the commercial world that awaits.

Figure 2: 5GC security strategy attributes Question: Please rate the importance of the following attributes to your 5G core network security strategy. (n=110-112) (Source: Heavy Reading) Question: Please rate the importance of the following attributes to your 5G core network security strategy. (n=110–112)
(Source: Heavy Reading)

Looking for additional information?

Plan to watch this archived version of a recent webinar where we presented more of the research data from this study. You can register here.

Download the accompanying white paper here.

This blog is sponsored by Hewlett Packard Enterprise .

Read more about:

Omdia

About the Author(s)

Jim Hodges

Chief Analyst - Cloud and Security, Heavy Reading

Jim leads Heavy Reading's research on the impact of NFV on the control plane and application layers at the core and edge. This includes the evolution path of SIP applications, unified communications (UC), IP Multimedia Subsystem (IMS), session border controllers (SBCs), Diameter signaling controllers (DSCs), policy controllers and WebRTC. Jim is also focused on the network and subscriber impact of Big Data and Analytics. He authors Heavy Reading's NFV and SDN Market Trackers. Other areas of research coverage include Subscriber Data Management (SDM) and fixed-line TDM replacement. Jim joined Heavy Reading from Nortel Networks, where he tracked the VoIP and application server market landscape and was a key contributor to the development of Wireless Intelligent Network (WIN) standards. Additional technical experience was gained with Bell Canada, where he performed IN and SS7 network planning, numbering administration, technical model forecast creation and definition of regulatory-based interconnection models. Jim is based in Ottawa, Canada.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like