Automate Visibility and Harness the Power

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Are mobile network operators concerned about security in their NFV deployments?

According to a recent Heavy Reading survey[1], 62 percent of service providers are very concerned about security for their network function virtualization deployments, out-ranking other well-documented NFV flashpoints such as OSS integration and orchestration. This strong response also reflects the broad industry realization that NFV fundamentally challenges the assumptions of traditional security architecture and requires new approaches to stay ahead of the evolving threat landscape.  In short, new functionality is required to strengthen protection levels, increase agility and visibility, and to automate detection, analysis and response to increased threats today and the network evolves for NFV, 5G and IoT.

We call that capability “automated visibility”, and it is the subject of a recent white paper by Heavy Reading.

The paper, “The Evolution of Security: Harnessing the Power of Automated Visibility,” encompasses four key concepts:

  • Real-time visibility across all network peering points and interfaces.
  • Automation of threat detection and analysis, with updates of signatures propagated in minutes.
  • Automation of threat intelligence collection, through the cloud, from a large base of enterprises, service providers and other threat feeds.
  • Automation of dissemination of security policy and signatures to a vastly distributed network.

With automated visibility, service providers can jump ahead of cybercriminal capability, gain operational efficiency and provide deeper protection to their networks and subscribers.

Other industry organizations have also addressed challenges in security into evolving networks.  The Cloud Security Alliance’s recent “Security Position Paper – Network Function Virtualization” stated “… traditional security models are static and unable to evolve as network topology changes in response to demand. Inserting security services into NFV often involves relying on an overlay model that does not easily coexist across vendor boundaries.”

The perimeter-based security approach in traditional mobile network relies on standards-defined, compartmentalized network elements and interfaces. In contrast, a virtualized network is borderless and based on software. Once malware intrudes into a virtualized network, it can potentially move across VMs and attack other critical functions.

The shift to NFV and 5G, the growth of IoT, as well as the dynamic threat landscape has many implications for service providers in defining their security posture:

Over-provisioning of capacity is no longer effective against DDoS. Botnets can be recruited from multiple service provider networks and millions of lightly protected devices, and attacks drawn from such a large base can quickly exceed provisioned capacity. Software-based functions are even more susceptible to volume overloads. Over-provisioning increases costs.

Scheduled updates of security signatures is not sufficient: Cybercriminals can quickly change malware and weaponized media news in minutes, leveraging the latest automation tools, off-the-shelf malware and public cloud capacity. Manual response processes of any kind are too slow.   Threats need to be immediately identified and then responses uniformly propagated throughout the network.  Manual processes will also diminish the operational efficiency desired from NFV investment.

Service providers can no longer focus on just threats from the “outside”, (i.e,  the internet), as threats can come from inside the subscriber base as well: Attacks can be generated from subscriber devices authenticated within the network, through roaming partners or Wi-Fi. Now all peering points, network interfaces and insertion points are vulnerable. In virtualized, distributed networks, there are many, many more VMs, each representing a pinhole for possible infection.

Automated visibility, with other next-generation security capabilities, is required to address these new challenges, establish an effective security posture and maintain it as the network is virtualized and evolves to support 5G.

Download the white paper now.

[1] Heavy Reading Annual Security and MSSP Market Perception Study

The post Automate Visibility and Harness the Power appeared first on Palo Alto Networks Blog.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Palo Alto Networks
Palo Alto Networks is the next-generation security company maintaining trust in the digital age by helping tens of thousands of organizations worldwide prevent cyber breaches. With our deep cybersecurity expertise, commitment to innovation, and game-changing Next-Generation Security Platform, customers can confidently pursue a digital-first strategy and embark on new technology initiatives, such as cloud and mobility. This kind of thinking and know-how helps customer organizations grow their business and empower employees all while maintaining complete visibility and the control needed to protect their critical control systems and most valued data assets. Our platform was built from the ground up for breach prevention, with threat information shared across security functions system-wide, and designed to operate in increasingly mobile, modern networks. By combining network, cloud and endpoint security with advanced threat intelligence in a natively integrated security platform, we safely enable all applications and deliver highly automated, preventive protection against cyberthreats at all stages in the attack lifecycle without compromising performance. Customers benefit from superior security to what legacy or point products provide and realize a better total cost of ownership.
Promoted Content
Unit 42 Report - Ransomware: Unlocking the Lucrative Criminal Business Model
Ransomware, specifically cryptographic ransomware, has quickly become one of the greatest cyber threats facing organizations around the world. This criminal business model has proven to be highly effective in generating revenue for cyber criminals in addition to causing significant operational impact to affected organizations. It is largely victim agnostic, spanning across the globe and affecting all major industry verticals. Small organizations, large enterprises, individual home users – everyone is a potential target. Ransomware has existed in various forms for decades, but in the last several years criminals have perfected the key components of these attacks. This has led to an explosion of new malware families and has drawn new actors into participating in these lucrative schemes.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?