\tPARTNER CONTENT: Operators are hard at work planning for future 5G use cases, but failure to make appropriate security preparations could compromise the performance of next generation networks, an expert from Juniper Networks warned.<\/p>\n
\u201cNew technologies, new architecture come with new attack surfaces. Without proper counter measures in place, 5G networks would be more vulnerable to exploitation than 3G and 4G,\u201d Irene Zhang, senior product marketing manager for Juniper\u2019s service provider security solutions, told Mobile World Live.<\/p>\n
Zhang said security was \u201cnot top of mind until recently,\u201d as the industry focused on RAN and core innovation. However, attention is finally turning toward security strategies as the risks of not protecting the network become more apparent.<\/p>\n
\u201cImagine what would happen if 5G security is not adequately addressed and hackers can remotely gain access to and control the connected vehicles on the road,\u201d she said.<\/p>\n
Zhang added: \u201cEveryone has responsibility for 5G security. It takes a village. Standard bodies need to provide guidance. Operators need to invest and implement. Vendors need to provide solutions for operators that align with the standard bodies\u2019 guidance.\u201d<\/p>\n
Without such broad participation and careful preparation, she warned service providers could face an inability to effectively mitigate growing and emerging threats.<\/p>\n
Scale and performance
\nAmong the key factors providers need to take into account in their security assessments are scale and performance.<\/p>\n
Zhang explained current 4G security systems performance won\u2019t be able to keep up with the demands of 5G networks, which will require higher throughput and more session scale to support a surge in data traffic and number of connections. In order to deliver the necessary performance, many of today\u2019s 4G security systems such as SEG (security gateway), Gi\/SGi firewall and Gp\/S8 roaming firewall will require both hardware and software upgrades to add necessary performance.<\/p>\n
Another area that must be addressed is distributed denial-of service (DDoS) attacks. Due to their often-limited security capabilities, IoT devices are a favourite target for hackers to leverage as botnets.<\/p>\n
Zhang noted traditional DDoS defences \u2013 like the \u201cdetect and redirect\u201d method using scrubbing centres \u2013 will be unsustainable in the face of increasingly sophisticated attacks since it will easily become capacity overloaded, too costly to maintain and too slow to react before damage occurs.<\/p>\n
New attack surfaces
\nAdditionally, hardware-based security alone won\u2019t be sufficient in a world of cloud architecture and virtualised network functions.<\/p>\n
Physical Network Functions (PNFs) and Virtual Network Functions(VNFs) for security will likely co-exist for a long time. Zhang stressed the importance of a holistic approach with system-wide visibility to manage both physical and digital network security elements from a single point. Without such a system, she warned threat responses will likely be slower.<\/p>\n
\u201cIt doesn\u2019t work well if the physical security has one console, and the virtual security has another console.\u201d<\/p>\n
She also pointed out a shift to multi-access edge computing (MEC) and network slicing will open new attack vectors, which will need to be protected.<\/p>\n
Providers will likely run MEC applications on the same physical platform as some VNFs in order to gain efficiencies.<\/p>\n
However, the use of third-party applications could create a new opening for attackers, sparking concerns that a malicious app could exhaust network resources needed by other slices and functions if it is not properly isolated.<\/p>\n
Proper preparation
\nWithout critical upgrades, outdated systems could hinder both security efforts and overall network performance. But Zhang outlined several steps providers can take to ensure their security setups are 5G ready.<\/p>\n
As a first step, she encouraged them to upgrade their existing hardware, including firewalls. On the virtual side of the house, Zhang said providers should also aim to implement baseline-level security across all network slices rather than just some, to prevent attackers from targeting slices with lower levels of security.<\/p>\n
Additionally, adequate separation should be maintained between slices for an added layer of protection, so attackers cannot easily move between slices.<\/p>\n
If done right, providers can turn security into a point of differentiation and even a revenue opportunity.<\/p>\n
Providers which can adequately address the concerns of different 5G verticals, such as energy, utilities, healthcare and manufacturing, have the potential to open new revenue streams by offering security as a service, Zhang said. The rapidly growing enterprise IoT segment is particularly ripe for such value-added services, she added.<\/p>\n
\u201cWhile consumer IoT is interesting and gets a lot of attention, the real money will be mostly spent by enterprise implementing IoT projects.\u201d<\/p>\n
For a deeper dive into 5G security considerations and recommendations, read Juniper\u2019s whitepaper here [1] or watch its recent webinar on the subject here [2].<\/p>\n[1] https:\/\/junipernetworks.lookbookhq.com\/c\/whitepaper-2000743-en?x=S2ZZH5&form_name=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&utm_campaign=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&cid=7013c000001Qu9q&showForm=true&assetsourceurl=https:\/\/www.juniper.net\/assets\/us\/en\/local\/pdf\/whitepapers\/2000743-en.pdf&srcurl=https:\/\/junipernetworks.lookbookhq.com\/c\/whitepaper-2000743-en?x=S2ZZH5&asseturl=whitepaper-2000743-en&assetTier=&form_name=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&showForm1=true&assetsourceurl=https:\/\/www.juniper.net\/assets\/us\/en\/local\/pdf\/whitepapers\/2000743-en.pdf&srcurl=https:\/\/junipernetworks.lookbookhq.com\/c\/whitepaper-2000743-en?x=S2ZZH5&form_name=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&utm_campaign=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&cid=7013c000001Qu9q&showForm=true&assetsourceurl=https:\/\/www.juniper.net\/assets\/us\/en\/local\/pdf\/whitepapers\/2000743-en.pdf&srcurl=https:\/\/junipernetworks.lookbookhq.com\/c\/whitepaper-2000743-en?x=S2ZZH5&asseturl=whitepaper-2000743-en&assetTier=&asseturl=whitepaper-2000743-en&assetTier=1
\n[2] https:\/\/junipernetworks.lookbookhq.com\/c\/sp-strategy-webinar?x=S2ZZH5&form_name=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&utm_campaign=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&cid=7013c000001Qu9q&showForm=true&assetsourceurl=https:\/\/www.juniper.net\/assets\/us\/en\/local\/pdf\/whitepapers\/2000743-en.pdf&srcurl=https:\/\/junipernetworks.lookbookhq.com\/c\/whitepaper-2000743-en?x=S2ZZH5&asseturl=whitepaper-2000743-en&assetTier=&form_name=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&showForm1=true&assetsourceurl=https:\/\/www.juniper.net\/assets\/us\/en\/local\/pdf\/whitepapers\/2000743-en.pdf&srcurl=https:\/\/junipernetworks.lookbookhq.com\/c\/whitepaper-2000743-en?x=S2ZZH5&form_name=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&utm_campaign=GLBL_DTC_2019_GEN_MUL_DTC-Landing-Page&cid=7013c000001Qu9q&showForm=true&assetsourceurl=https:\/\/www.juniper.net\/assets\/us\/en\/local\/pdf\/whitepapers\/2000743-en.pdf&srcurl=https:\/\/junipernetworks.lookbookhq.com\/c\/whitepaper-2000743-en?x=S2ZZH5&asseturl=whitepaper-2000743-en&assetTier=&asseturl=whitepaper-2000743-en&assetTier=1<\/p>\n","protected":false},"excerpt":{"rendered":"
PARTNER CONTENT: Operators are hard at work planning for future 5G use cases, but failure …<\/p>\n
The post Security critical to 5G planning<\/a> appeared first on Mobile World Live<\/a>.<\/p>\n