What Keeps Service Providers Awake at Night?

Service providers are experiencing tremendous growth in traffic. They feel pressure to scale their networks to meet demand while maintaining profitable business models. As the networks scale up and out, their operators face increasing security threats.

A February 2016 survey and subsequent report on The Future of Mobile Service Delivery, authored by Jim Hodges, senior analyst for Heavy Reading, explores how service providers address security concerns as they prepare for a 5G world.

Security is a major concern for operators. Hodges points out that the top concern is denial-of-service issues, including distributed denial-of-service (DDoS) and botnet attacks and network configuration errors. This fear is followed by threats related to system integrity in which traffic is manipulated by external attackers while spoofing a user’s identity.

Service providers recognize that security threats exist across their network domains, with the top areas of concern at data centers. But devices, the RAN, the EPC, the IMS, and the Gi-LAN must all be protected.

Service providers have already put into place basic requirements to protect against top threats. These include DDoS protection or mitigation, web and DNS firewall applications, and anti-fraud measures such as DNS tunnel detection. But networks are still vulnerable in other areas, including service function chaining, roaming network policy enforcement, DNSSEC, S1 security gateways, and Gi firewalls. These areas are especially critical as VoLTE, video, network functions virtualization (NFV), and Internet of Things (IoT) deployments are expected to reach a critical mass within two years.

Operators are split on which approach is best for managing DDoS threats. The top preferred approach is inline DDoS applications, followed closely by a combination of both inline and out-of-band methods.

The threats clearly indicate that service providers need comprehensive security across their networks, from the device through the core to the Gi-LAN and applications in data centers. Most importantly, operators need to secure and scale their networks to handle the surge of millions to billions of DNS requests per second that may impact performance and availability. The inevitable spikes in network signaling, and attacks on signaling protocols such as SIP and Diameter, could cause signaling storms, potentially bringing down the network. To optimize performance and improve the quality of user experience, service providers need tools to manage traffic priority and steer it based on the device type, its current application, and associated signaling.

As noted in Hodges’ report, service providers also view the DNS domain as a key area of vulnerability. Read more about the detailed DNS security challenges that service providers face.

See a snapshot of additional survey results, view Hodges’ full Heavy Reading report, or find out how F5 helps service providers meet security challenges with carrier-grade firewall, access control, and security solutions.