With the 2016 Mobile World Congress now underway, we see more than ever how the industry is looking ahead to what the future brings. There is a great deal of energy all around the show as everyone is eying a future 5G connected world with new devices, new apps, and new services that are eclipsing our collective imaginations ... it’s not a surprise that the theme for this year is “Mobile is Everything.”
One topic that is certainly getting a lot of attention at the show is security. That’s no surprise since it is affecting users and service providers alike; and as the industry continues to evolve with its explosive growth and change, so too will security threats. Cisco’s Visual Networking Index (VNI) report1 predicts that IP traffic will triple between 2014 and 2019, and according to the report, that means ‘enhanced security and intelligence [will be] required’ to deal with all the new devices that will be connecting to networks.
It’s not just the devices: as the networks themselves are re-architected, new threats will emerge. And as the new networks emerge, develop, and scale, service providers will also have to scale their security architectures to keep up with the threats. The two simply have to go hand in hand. So it’s scaling, performing, and providing security at the same time.
The nature of security approaches is changing rapidly, from being perimeter-oriented with well-defined borders to protect to now being more dynamic in nature with granular requirements across the network, the devices, and the applications. The simplistic approach of placing a security appliance in front of defined perimeter is a thing of the past.
As networks evolve, as they become more virtualised, they will also get more “open” and network services will continue to become more dispersed. The next generations of devices will also have much greater capabilities and different usage characteristics – where increased connections to the network will be accompanied by exponentially higher connections per second. This will impact the scaling of security architectures like never before as devices will be launching multiple sessions that are going to touch different domains of the network at increasing rates. Next-generation networks need to support these different traffic models and different security solutions will also be needed in order to accommodate all of this.
However, the issue lies with the fact that many security platforms on the market were not designed to meet the security requirements of 4G or 5G, with the sheer volume of data that will be flowing across networks and the frequency of application access and connection rates.
With these new networks, service providers will need to secure all points of the network in real time and on a dynamic basis. They will need to mitigate DDoS attacks and device-oriented attacks, and absorb high volumes of traffic while quickly detecting and shedding bad traffic.
And as networks evolve and become much more dispersed, they will also have to quickly detect threats and dynamically push out IP denylisting and other mitigation techniques upstream to other network and security elements. So if threats are detected in one portion of the network, a mitigation policy can dynamically be pushed out to other points on the network, so you don’t have to rely on someone having to first detect and then manually push that policy out, which could take days, weeks or even months.
It really is a new security paradigm that service providers will be facing; high performing solutions that can offer a multi-domain and multi-layer set of services that can be deployed across the network. Ultimately, as service providers evolve to 4G and 5G where they will be deploying incredibly high-performing networks, they also will need incredibly high-performing security solutions.
Reference:
1Cisco Visual Networking (VNI) Index:
http://www.cisco.com/c/en/us/solutions/service-provider/visual-networking-index-vni/index.html
About the Author
Related Blog Posts
The everywhere attack surface: EDR in the network is no longer optional
All endpoints can become an attacker’s entry point. That’s why your network needs true endpoint detection and response (EDR), delivered by F5 and CrowdStrike.
F5 NGINX Gateway Fabric is a certified solution for Red Hat OpenShift
F5 collaborates with Red Hat to deliver a solution that combines the high-performance app delivery of F5 NGINX with Red Hat OpenShift’s enterprise Kubernetes capabilities.
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.