F5, an American company that specializes in application services and application delivery networking. F5 focus on the delivery, security, performance, and availability of web applications, including the availability of computing, storage, and network resources. During an interaction with BISInfotech, Sudarshan Sivaperumal, Security Solutions Architect from F5 shares his experiences and future plans about 5G Solutions and security.
Q. Please share your plans for making 5G solutions safer and secure for its users.
As we mark the 25th anniversary of the Internet in India in 2020, we are seeing an increase in economic value and how connectivity is redefined in the urban and rural areas, be it for education, entertainment, or work. We are soon expecting the transition from 4G to 5G happen and telecom providers are now making the necessary infrastructure changes. Networks continue to evolve in the face of ever-growing traffic volume and complexity—as well as the increasing pressure to reduce costs, grow the business faster, and drive profitability. 5G accelerates this transformation of the network. It enables new services and applications, from the radio access network (RAN) to the cloud: connected cars, smart homes, IoT smart meters, and more. With 5G, a host of new business applications are set to come in play, leading to elevated security threat partly because there are more vectors through which adversaries can attack. The technology is set to enable a huge number of connected devices, collectively known as the Internet of Things (IoT). IoT devices are the target for cyber threat actors because they could be taken over to form what’s known as a botnet to perform distributed denial of service, or DDoS attacks to paralyze networks and distrupt application services. We aim to provide end to end solutions for 5G enablement today. We offer service velocity, scale, a unified and easy way to control and manage application services across the network, and the ability to protect network and customers in this era of rapid digital transformation.
Massive scale and performance with the lowest total cost of ownership: 5G networks have ultra-low latency characteristics to handle the growth associated with IoT. To secure future networks, service providers need to increase agility, performance, and security. We aim to offer powerful performance solutions that can scale in concurrent connections and connections per second (CPS) to support the requirements for 5G and IoT.
A comprehensive and integrated portfolio of security solutions: The core networks of service providers face risks from multiple points—devices, networks, applications—while network attacks also affect the DNS, control plane, and signaling (including SIP and Diameter). F5’s combined portfolio of L4–L7 services, including the assimilation of CGNAT, provides end-to-end security and delivers a multi-layered solution to protect the application, control plane, and data plane against Advanced Persistent Threats and DDoS attacks. This enables service providers to protect their brand and keep customers by improving the Quality of Experience for their subscribers while future-proofing their network as they develop their network architectures.
Q. According to you, what will be the demands of 5G in India and how it will work?
5G is expected to form the backbone for the new era of digital economy thereby supporting a much larger range of applications and services, emerging technologies such as the Internet of Things (IoT) and machine to machine communications, including driverless vehicles, telesurgery, and real-time data analytics. The ultra-low latency offered by 5G makes the technology desirable for such use cases. Latency is the amount of time data takes to travel between its source and destination 5G technology, consumers will be able to download data-heavy content such as 8K movies and games with better graphics in just a few seconds. But once 5G becomes commercial in India, users will be required to change their current devices in favor of 5G-enabled ones
As new 5G-enabled services and applications are realized, new jobs will be created and talent upskilled and reskilled. Integration of 5G and several vertical industries, such as manufacturing, energy, and transportation, break the barriers of infrastructure and exposes the network to more risks. In comparison with traditional telecommunications networks, other business verticals have different security regulations and standards, data protection norms, and security evaluation standards. Besides, the assets are diversified. The equipment, platforms, and applications in Multi-access Edge Computing (MEC) have different owners and users and may also require an operation and maintenance system across multiple organizations. It is for this reason that the traditional security measures might not be enough for 5G. The operators need to work on providing sustainable, credible, and secure network services for the users.
Q. How you are going to design security capabilities to protect infrastructure?
Deploying 5G infrastructure will be the most challenging next-gen network rollout ever. Service providers will need to meet extreme end-to-end bandwidth and concurrent connection requirements and deliver highly responsive, low latency connections to a multitude of devices and device types. At the same time, telcos will need to simultaneously reinforce and enhance the existing 4G LTE network that most end-users will continue to use for the near term. Much of this existing network is on old technology platforms that cannot easily scale and cannot support newer 5G technologies.
With the rapid transition to virtualized/cloud-based edge, core, and data networks, F5 delivers one of the industry’s broadest portfolios of Virtual Network Function VNFs, allowing brands to seamlessly transition networks to high-performance VEs (virtual editions) in the data center or the network edge. Service providers can scale and simplify their existing 4G LTE network and evolve to 5G with automation, protocol fluency, and high-performance virtualized software. These solutions will help brands to:-
- Simplify your core network architecture and operations and reduce costs with the integration of STGi-LAN/N6 services into a single platform, deployable as hardware and virtual appliances.
- Support transition from 4G to 5G and services migration through protocol fluency and comprehensive interworking capabilities such as HTTP/2 and Diameter.
Q. What kind of offerings you will provide to make 5G more successful in India?
According to the Global Risk Report 2019, released by the World Economic Forum – India had faced the largest data breach in the world due to “lax cybersecurity protocols” resulting in a breach of records of more than 1.1 billion citizens. With agility, technological prowess, and innovation being non-negotiable criteria for any successful business in today’s time, it is crucial for organizations to proactively reassess their security strategies. Ensuring cybersecurity in a digital world should be every leader’s priority and they need to build ‘risk management’ as an integral part of their growth agenda.
With F5, organizations can simplify the complete lifecycle management of VNF services, unlocking essential scale and automation for newly virtualized networks without burdensome complexity. F5 offers packaged solutions that are simple to purchase, deploy, manage, and upgrade in a “use before you buy” model with subscription and perpetual licensing options. This approach is an ideal fit for mobile operators and service providers looking to software-based infrastructures as part of their network evolution. The offerings will boost telcos with:-
- Optimize the network – Simplify and scale your existing 4G LTE network while transitioning to 5G, leveraging automation, protocol fluency, and high performance virtualized software solutions.
- Monetize new solutions- Accelerate the time-to-market of new, compelling, and differentiated 5G services to your enterprise customers and consumer base
- Secure the platform – Protect your 5G network at a massive scale at every layer and for multiple threats.
Q. Please share your experience with the cyber-attacks and its solutions.
To give you an example, while one of our customer had put security measures in place to discover vulnerabilities and the risk of penetration,the operator also had to factor in the high-volume traffic with stealthy, application-targeted techniques. With F5’s Advanced WAF, we were able to empower our customer’s websites and digital solutions with comprehensive and advanced protection to secure their digital universe against data breaches and vulnerability scans, application-layer Denial-of-Service (dos) attacks. The solution also protected the operator against automated attacks by creating a baseline of normal application traffic behavior, monitoring, and blocking any anomalous traffic patterns or malicious bots, without any human intervention. Through the consistent monitoring of server health and security, our customer now has greater web attack visibility, providing enhanced safety and high service quality to customers.
Q. How is your company helping to overcome risk for IoT devices which can create a flood of cyber-attacks to take down critical systems?
The 5G infrastructure exposes both mobile operators and subscribers to significant security threats due to the number and type of connected devices. Besides, 5G’s high bandwidth capabilities combined with new software-driven network elements can significantly increase security vulnerabilities. These 5G security vulnerabilities will have an impact on service revenues as well as subscriber performance. It is critical to provide improved network security with the launch of your 5G network capabilities. To survive and thrive in the evolving 5G/IoT ecosystem, service providers must deliver connectivity and become “Value Added Services Providers” through partnerships and tight integration of solutions. To handle the diverse number of IoT devices, coupled with requirements such as an ultra-low latency for certain use cases, the prioritization of each device, and corresponding requirements for IoT applications, service providers need to deploy secure, scalable, available, and high-performance solutions across their networks—from the device to the applications in data centers. Service providers will need signaling conformance and security solutions that will protect against protocol-specific attacks targeting protocols such as CoAP, MQTT, SIP, and Diameter. Finally, the network must be able to prioritize which device, corresponding applications, and associated signaling messages have access to the network with application-aware intelligence to optimize performance and improve the quality of experience for users.
Q. What security trends do you foresee as India’s digital landscape spurs helping develop next-gen networks?
India’s digital landscape is all set to speed up with the ongoing push to develop 5G infrastructure by 2020. India’s new leadership considers the digital economy as a major growth enabler, particularly when Prime Minister Narendra Modi strategically listed “Digital India” among the top priorities for the new central government. It is believed that India’s digital economy has the potential to reach US$1 trillion by 2025 due to the proliferation of smartphones, increased Internet penetration, growth of mobile broadband, growth of data, and social media. Here are a couple of security trends that will shape the next generating networks:
Deploying End-to-End App Security Solution: Digital transformation efforts often result in hundreds of apps hosted across multiple clouds and on-premises. Modern architectures include distributed microservices, containers, and APIs. Combined, these have radically changed the attack surface for applications. Simultaneously, CI/CD workflows make it critical for security to be addressed throughout the life of an app, as the cycle time for moving apps from development to production is declining rapidly. The challenge, then, is how to manage security policies across multiple environments with both consistent controls and operational efficiencies.F5 is poised to incorporate machine learning and AI into its offerings at a much deeper level. The aim is to provide customers superior application protection that can adapt according to organization needs.
Training and upskilling workforce in cybersecurity skills: The biggest cybersecurity challenge faced by Indian organizations is the shortage of adequately skilled cybersecurity professionals. In fact according to F5 SOAS report, 56% of security roles pointed to app security as their biggest skills deficit. Realizing the growing gap between demand and availability of cybersecurity professionals, organizations will be proactive with their reskilling and upskilling programs. Organization may have to consider managed security services to help bridge the gap during this transition.