Telcos gear up to secure new wave of 5G networks

Bart Salaets of F5

A new Heavy Reading survey reveals 5G operators’ priorities as they move to mitigate new threats.Telcos will implement a wide array of measures in 2021 to secure the next wave of 5G connectivity, according to a global survey of service provider employees by Heavy Reading.

As operators begin to rollout standalone 5G networks, they are moving swiftly to secure core network configuration services, such as slice management, which enable 5G operators to provide highly customised connectivity.

By the end of 2021, 71% of respondents expect to have implemented security measures for their core network configuration services and 75% plan to have secured the radio access network (RAN).

Most telcos are also taking steps to secure other key aspects of their 5G networks, with approximately two-thirds of respondents planning to implement security measures for roaming network signalling, network slicing, application programming interfaces (APIs), the Internet of Things (IoT) and edge computing (MEC) by the end of 2021. Not far behind are container security to support microservices (61% of respondents) and enterprise mobility (58%).

“It is heartening to see the speed and urgency with which service providers are moving to secure the many different facets of their 5G networks,” says Bart Salaets, senior director of solutions engineering at F5. “These measures will be critical to the credibility and success of 5G, particularly in the enterprise market, where businesses across a wide variety of industry verticals are looking for 5G connectivity and services that are ubiquitous, flexible and highly secure.”

What needs to be done before commercial launch?

One of the key attributes of 5G networks will be their ability to expose various capabilities to third parties using APIs.

Although the availability of APIs opens up new avenues of attack for malicious actors, there are a number of measures telcos can implement to protect their network. One third of respondents said they will implement network DDoS before commercial launch, while 28% plan to implement identity and access management systems and 22% next-generation firewalls (NG-FWs) before going live.

Within a year of commercial launch, the top three priorities are web application firewalls (44% of respondents), NG-FWs (38%) and application delivery controllers (35%). A significant group (31%) also plan to deploy a dedicated API gateway within this 12-month window.

The research also indicates that it will be important for telcos to fully secure the control plane in their new 5G core networks. In this respect, the top priorities are to implement a network repository function (NRF), which maintains a repository of available network service elements, and a secure edge protection proxy (SEPP), which secures and filters internetwork messaging.

Among the respondents, 27% plan to implement a NRF and a SEPP before commercial launch. The next most popular measure is to implement a network exposure function (NEF) to secure the interactions between network functions and application functions 22% of respondents said they would implement a NEF before commercial launch.

Mixing and matching security platforms

Pragmatically, many telcos plan to employ multiple platforms to implement their 5G security measures. One of the most popular approaches among the survey respondents is to use a mixture of vendor appliances, virtual network functions (VNFs) and cloud native network functions (CNFs). Some 28% selected this option as their preferred approach. The same number of respondents said they prefer to employ VNFs, while CNFs (the most futuristic option) are the preferred approach for 19%. Some 12% chose vendor appliances and 8% SmartNIC-based VNFs/CNFs.

However, all five approaches attracted strong support as “viable secondary options” reflecting a sense of realism among operators; they need to quickly employ the most cost-effective measures to protect each element of their network, rather than taking a one-size-fits all approach.

The survey also found that the concept of a secure access service edge (SASE) is gaining traction among 5G operators. Some 43% of respondents now view SASE as an integral part of their 5G security strategy. The other half are still either formulating a SASE strategy (25% of respondents) or view SASE as independent of their 5G security strategy (24%).

This enthusiasm reflects the position of SASE as the first cloud-native software implementation to combine a number of existing capabilities, such as WAN support, with security capabilities, such as firewall-as-a-service and content inspection.

“This research highlights the judicious and multi-faceted approach telcos are taking to the often-complex task of securing cloud-native 5G networks that rely on microservices, API exposure and sliced-based services,” Salaets concluded.

“Threat mitigation in the rich, diverse and dynamic 5G service arena will be a fine art. But telcos can now call upon a growing range of powerful security tools to secure their 5G networks and services, including WAFs, anti-DDOS, NG-FWs and API gateways to SASE, as well as SEPP and NEF functions. The can be deployed in either VNF or CNF form factors, with some security functions accelerated with SmartNIC technology.”

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow


9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

Nozomi Networks and Tripwire announce strategic partnership

Posted on: September 17, 2021

Nozomi Networks Inc., the provider of OT and IoT security, and Tripwire, a global provider of security and compliance solutions for enterprises and industrial organisations, announced they have partnered to help organisations lower cyber risk with consistent security controls that span their IT, OT and IoT environments.

Read more

RightIndem deploys enterprise-grade conversational AI to simplify customer claims process

Posted on: September 17, 2021

RightIndem, an global insurance technology company, has worked with Bristol-based Amdaris to simplify its customer onboarding process via developing enterprise-grade conversational Artificial Intelligence experiences.

Read more