Building and Securing 5G Networks of Tomorrow
Written by Ali Amer, Managing Director, Global Service Provider Sales, Cisco Middle East and Africa
While 5G brings the promise of new revenue opportunities for service providers, new infrastructure and use cases will open up new risks. The security of the SP network infrastructure, their business, and their customers will require a holistic approach.
Every new generation of carrier technologies has brought forward new business and consumer use cases. The release of 3G rolled in wireless mobile data communication, while the release of 4G brought in IP wireless data communication. Both combined have made e-commerce, video, gaming, social media, an every-day routine on smartphones and mobile phones.
In essence, 3G and 4G networks enabled mobile broadband for business and consumers. As part of this growth: the world is now mobile; there is huge growth in network access; digitization has become a reality leading to the emergence of the Internet of Things (IoT), and the cloud is now mainstream.
5G is an enabler for a new set of possibilities and capabilities. The growing 5G momentum promises new revenue opportunities for service providers.
To pursue these new untapped opportunities, they will need to ramp up their network capabilities to support future 5G services. As we move closer towards mainstream 5G adoption, mobile networks are increasingly expected to handle more data-intensive applications and deliver low-latency connectivity to more devices. The rollout of 5G networks provides an opportunity for service providers to gain benefits from next-generation cycles in the data centre, networks, mobility, in a multi-vendor environment. Significant changes such as personalized networks are now possible through slicing and other granular functions.
Simultaneously, 5G is about service providers being able to exploit new enterprise use cases and new revenue streams. In parallel, new transient network surfaces raise additional challenges of security and country regulations. Some of the new use cases that 5G will cater to include: autonomous transport, augmented and virtual reality, smart city traffic management, rapid response services, robotics in manufacturing, healthcare and fitness, smart grids and utilities, smart offices, smart homes, industrial automation, machine to machine communications, 3D video and high definition screens, working and play in cloud, amongst others.
5G Enhanced Mobile broadband offers high speed and dense broadband connectivity to users. With the performance of Gigabit speeds, 5G is an alternative to fixed line connectivity services. To support enhanced mobile broadband use cases, the mobile core must support high-density performance, scalability and security.
Ultra-reliable low latency communications focus on mission-critical services such as virtual reality, telesurgery, healthcare, intelligent transportation, industrial automation, manufacturing robotics, and factory automation. Previously delivered through a wired connection, 5G is now an alternative for these use cases.
For millions of sensors and thousands of cars, all on the edge of the network, Massive IoT can support the number of scalable connections required. Service providers can use network slicing technology, to deliver network as a service for businesses.
5G will bridge wireless and wireline networks, forcing a major network architectural change from radio access to the core. This requires a transition to cloud-native applications, monitoring and managing an end-to-end network, including radio access networks and packet core. It also combines and leverages the capability of a variable bandwidth network with mixed and flexible access. On the flip side, this enhanced flexibility increases the surface vulnerable to threats.
Securing 5G networks requires complete visibility of the stack managing a use case and controls to take remedial action. Contrary to traditional carrier networks, 5G networks require visibility from the edge to the cloud platform, to the application, across the extended network, to the end point. Securing the 5G network then requires comparison to the normal baseline behaviour and alerts for any deviation. The key functional aspect is to be able to measure the network so that it can be managed.
Continuous aggregation of near real-time network data allows analyses of the workflow through a security controller. Based on the predefined security policy, remedial action and controls can be triggered. Inbuilt machine learning capability, monitors the remedial actions and its ability to counter threats, as an iterative loop for further improvement and action at a later stage.
Day zero attacks are typically where the signature and fingerprint of the threat actor, exploiting an unknown vulnerability, are seen for the first time. These can be detected by variation from the baseline behaviour of the network, cloud and applications. Remedial action is then initiated by the security controller to identify, isolate, and control the threat.
Day one attacks are previously identified threats, where a series of counter-attacks have already been developed and can be initiated with predictable results. Applying these types of responses in a closed loop process, where both the controller remediation and its results can be monitored and recorded, can help in improving future responses.
Another way of securing 5G networks is the advanced usage of encryption. Half of all Internet traffic today is encrypted and this is expected to increase. Machine learning can be used to build analytics from encrypted Internet traffic increasing the visibility of threats as close to the threat as possible. This reduces the possibility of collateral damage inside the 5G network.
New tools for increasing visibility inside 5G networks include application-level probes and path computation elements. An application probe is an automated cell that travels across the network and benchmarks the application performance at various network points.
A path computation element feeds network characteristics at every point of the network into a near real-time database to simulate the functioning of a network. As an example, remedial responses to a DDoS attack are first simulated using the near real-time network database to assess the impact before initiation.
The nature of the 5G network creates a widely distributed data centre and an expanded attack surface. Such a topology is susceptible to lateral attacks and threats. This can be countered by segmenting the network – right from the edge, across gateways, applications, wireless and wireline networks, backhaul networks and so on. Segment routing is an important tool in network segmentation.
By investing time and money in securing their 5G networks, service providers can be better assured of a predictable return on investment.