Is Your Security Architecture up to the Challenge?

on Posted on Reading Time: 3 minutes

The slow pace of digital transformation has logarithmically accelerated due to the pandemic, which is still a big part of our lives. As a result, there has been an increase in consumption of digital entertainment from our homes due to being “stuck” inside with access to gaming, videos on-demand, and other digital avenues of entertainment.

This has put a heavy demand on how service providers, application developers, and cloud service providers build their service offerings. The services are now an integrated set of service chains that connect the mobile network, cloud, security, and application development methods, together with requiring a high level of collaboration and assurance among themselves.

Out of the many possible service chains out there, one of the top chains for any service provider that hopes to survive in this industry is the SECURITY service chain.


Let’s Take a Look at the Security Service Chain 

You might say “We already know this!” However, have you considered that a 5-millisecond budget is an ideal delay for a hardcore cloud gamer, and that they will pay for this assured quality.

What happens if this service is disrupted due to a breach that bypasses the traditional firewall, intrusion detection system (IDS), intrusion prevention system (IPS), or other perimeter security barriers? Now, let’s add into the mix the fact that 5G is based on a distributed service architecture.

What we see are operators, vendors, and ISVs that need to work together to address not only the SLAs, but also go beyond the perimeter security provisioning of their network zones. They need ways to identify how cybersecurity can be built in as part of their service or product and the data flow that is part of the service offering. This will secure the communications between devices or components along the entire network and service chain path, without opening up any vectors for attack.

5G Brings New Opportunities for Hackers (As if They Weren’t Enough of a Concern Already)

Many of the challenges for security in 5G will be inherited by those threats and threat surfaces already posed by 4G security challenges. On top of that, 5G brings some additional considerations due to the new services, architectures, and technologies to the mobile networks, especially at the edge. With 5G and the new cloud-based distributed service architecture, we need to carefully consider that each edge location now becomes a new threat domain that needs to be managed properly.

In 4G, we wanted to ensure the integrity, availability of the networks, and data flow, in addition to the confidentiality of the packets traversing the network. Security needs to be considered in the following:

  • The new split access architecture
  • The new distributed network mesh, MEC, and cloud
  • The service and application slice security
  • User and user-based application security
  • End-to-end service-based architecture (SBA) and related domain(s)

Network security must continuously evolve to cover new security risks that can come from the new distributed service model to empower service providers and their networks (not only 5G) to be able to stand firm against new potential security threats that can impact their service offerings and as a result their revenues.

Get Ready to Defend against Modern-Day Threats

Organizations will need to turn to a complementary combination of perimeter security plus identifying possible perimeter breaches in near real-time through analysis of your network traffic or network traffic analysis.

The combination of these two methods (especially where network traffic analysis can be made part of the overall security architecture) will ensure that both internal threats and external breaches can be detected proactively before the end user or a customer is fully impacted.

Here is an example: A sustained gaming service that provides a maximum of a 5ms delay is the ideal delay for a hardcore cloud gamer. A security breach that is part of the data traffic and has already evaded the perimeter will result in poor QoE for the customer and loss of revenue!

In summary, as the network becomes more distributed and complex, network traffic analysis is critical in order to assure that all service edge locations are secure as part of the service chain, and an overall cyber resiliency strategy and framework has become an essential factor.

It’s all about keeping your customers’ QoE assured and your network secure—for both your own organization and your suppliers.


Learn More

Learn more about MEF’s work in cybersecurity (SASE and Zero Trust) and 5G.

About Accedian

Accedian is the leader in performance analytics, cybersecurity threat detection, and end user experience solutions, dedicated to providing our customers with the ability to assure and secure their digital infrastructure, while helping them to unlock the full productivity of their users.

We are committed to empowering our customers with the ability to see far and wide across their IT and network infrastructure and a microscopic ability to dive deep and understand the experience and security of every user, helping them to delight and protect their own customers each and every time.

Accedian has been delivering solutions to high profile customers globally for over 15 years. Learn more at accedian.com.

Tags:

Hakan Emregul

Director Solutions Engineering - Strategic Partnerships | Accedian

In his role as Director Solutions Engineering – Strategic Partnerships, Hakan is responsible for being the strategic bridge between customers and Accedian’s sales, R&D, product management, and executive teams. He draws on a strong technical, solutions, and management background in the mobile, telecom, service provider, and IT industries, with a focus on customer-centric, practical and value-added solutions development. Prior to joining Accedian, Hakan held various senior roles (in network planning, virtualization strategies, and analytics, among other areas) at Turkcell and Superonline Turkey. He holds two Bachelor’s degrees in information technology from Monash University and computer sciences at Eastern Mediterranean University.