As communications service providers (CSPs) take the final steps to deploy their standalone (SA) 5G core (5GC), they are also putting their security strategies to the test. Successful execution of these strategies is vital to ensure not only network performance, but also a positive customer experience.
In order to understand the extensive scope of the security impacts of the introduction of the 5GC SA, Heavy Reading launched the "5G Core Security Market Leadership Study" (MLS) in 3Q20. The survey-based study, developed with sponsors A10 Networks, Ericsson, Hewlett Packard Enterprise (HPE) and NetNumber, attracted 115 global survey respondents and addressed a broad range of security topics encompassing security investment priorities and threat mitigation strategies.
No shortage of security concerns
As with any major technology introduction, security concerns were anticipated. However, in many respects, the introduction of the 5GC in SA configuration goes well beyond the normal major technical deployment since several new categories of impacts must be considered. These encompass the introduction of ultra-low latency cloud-based services delivered in an edge compute environment and potentially in a slice-based configuration, both of which demand some level of automated policy and security monitoring adoption.
Additionally, the shift to a services-based architecture (SBA) introduces the need to secure API exposure as well as the accompanying software disaggregation model. This will enable microservices to be reused by external API developers to drive 5G service innovation. When we look at the 5GC SA in this context, there are multiple generational impacts that must be addressed in an effective standalone security strategy.
The survey input confirmed that these new security requirements were a major source of concern for at least two-thirds of respondents. For example, as illustrated in the figure below, there was no shortage of "extremely concerned" or "concerned" responses.
Of these, the top fears in the "extremely concerned" category were malware-centric, focusing on the use of cross-network activation to inject malware into legitimate slices (25%) or the creation of attacker-created slice instances (23%). There were even concerns that manual and automated software upgrades to core nodes would facilitate the introduction of malware (22%).
API exposure in core nodes (21%) and automated or manual software upgrades in edge nodes (21%) were very much top of mind as well.
The top three "concerned" responses also related to apprehension that manual or automated software updates in either edge (53%) or core nodes (50%) could facilitate the introduction of malware attacks or other attack vectors. Similarly, API exposure (52%) in core nodes was also a major source of angst.
In contrast, only about a third of respondents indicated they were either "somewhat concerned" (21–28%) or "not concerned" (4–6%), compared to the approximately two-thirds of "extremely concerned" or "concerned" respondents. Based on this data, it is readily apparent that the introduction of API exposure, automation and slice-based services injects formidable security challenges that CSPs must fully navigate before 5GC commercial implementation.
No shortage of strategic attributes
In order to address these concerns, CSPs must ensure that the key attributes of their security strategies are programmable enough to support core functions such as security monitoring, orchestration and control mechanisms.
The figure below reinforces this requirement. For instance, based on "critical" inputs, attributes such as support of microservices-based security services (34%), ability to monitor traffic and control signals between network functions (33%), management and orchestration (33%), and centralized and customizable network function and service access control (33%) all stood out.
Swappable open platforms that avoid single-vendor lock-in (31%) and centralized data control (31%), as well as other open network-related attributes such as open software and interfaces (24%), also factored prominently into the equation.
Heavy Reading interprets this input as confirming that the attributes of a viable 5GC standalone security strategy must consider the impacts of slices, APIs and automation. At the same time, they must also integrate the bedrock principles of software and hardware openness to provide the requisite level of vendor flexibility that will be crucial to executing standalone security strategies in the commercial world that awaits.
This blog is sponsored by Hewlett Packard Enterprise.