Is your security architecture up to the challenge of 5G service-based distributed architectures?

In the last 12–18 months, in every area of the industry that touches technology in one way or another, the way that we consume technology and our expectations from a business perspective has started to change.

The slow pace of digital transformation has logarithmically accelerated due to the pandemic, which is still a big part of our lives. As a result of this, businesses are seeing the value of working from home. Another aspect has been the increased consumption of digital entertainment from our homes due to being ‘stuck’ inside with access to gaming, videos on-demand, and other digital avenues of entertainment.

Many initiatives have accelerated because of the increase in the consumption of digital goods and services. The new services being offered by service providers, via 5G technologies and the cloud, have opened many new revenue opportunities and added value to consumable services, such as AR/VR, health telemetry, ‘at-home movie theaters’, and many more.

This has put a heavy demand on how service providers, application developers, and cloud service providers build their service offerings. The services are now an integrated set of service chains that connect the mobile network, cloud, security, and application development methods, together with requiring a high level of collaboration and assurance among themselves.

Out of the many possible service chains out there, one of the top chains for any service provider that hopes to survive in this industry is the SECURITY service chain.

Let’s take a look at the security service chain

You might say that ‘we already know this!’ However, have you considered that a 5 millisecond budget is an ideal delay for a hardcore cloud gamer, and that they will pay for this assured quality – $190 billion dollars in 2019 to be exact!!

So ask yourself, what happens if this service is disrupted due to a breach that bypasses the traditional firewall, IDS, IPS, or other perimeter security barriers?

Now, let’s add into the mix the fact that 5G is based on a distributed service architecture. For example, the application or service may reside in a different edge service location, and the end user may even be mobile, requiring the service to be extended beyond the ‘physical’ boundaries of the service provider, i.e. into the cloud environment.

What we see are operators, vendors, and ISVs that need to work together to address not only the SLAs, but also go beyond the perimeter security provisioning of their network zones. They need ways to identify how cybersecurity can be built in as part of their service or product and the data flow that is part of the service offering. This will secure the communications between devices or components along the entire network and service chain path, without opening up any vectors for attack.

5G brings new opportunities for hackers – as if they weren’t enough of a concern already

The new 5G distributed architecture and the abundance of new devices opens up new opportunities for hackers to exploit more devices, new services and an increased number of data traffic paths in the ever-expanding security perimeter. This not only impacts the “perimeter wall” of the security architecture, but the service itself from a data communication perspective once a vulnerability has been exploited.

With these new opportunities to exploit an organization’s expanding perimeter, the focus turns to a complimentary combination of perimeter security plus identifying possible perimeter breaches in near real-time through analysis of your network traffic, or network traffic analysis.

The combination of these two methods (especially where network traffic analysis can be made part of the overall security architecture) will ensure that both internal threats and external breaches can be detected proactively before the end user or a customer is fully impacted.

Here is another example: a sustained gaming service that provides a maximum of a 5ms delay is the ideal delay for a hardcore cloud gamer. A security breach that is part of the data traffic and has already evaded the perimeter will result in poor QoE for the customer and loss of revenue from the $190 billion dollars market that we discussed earlier!

In summary, as the network becomes more distributed and complex, network traffic analysis is critical in order to assure that all service edge locations are secure as part of the service chain, and an overall cyber resiliency strategy and framework has become an essential factor.

It’s all about your customers’ QoE assured and your network secure – for both your own organization and your suppliers’. To learn how behavior-based intrusion detection can help you, read more here – or you can request a free security posture assessment and let us help you vanquish the threats in your network.