Edge protection tools and securing enterprise segments
The focus on communications service providers’ (CSPs) cybersecurity requirements has changed dramatically in recent years. 5G technology has enabled and mandated new business-critical, mission-critical, and security-critical revenue-generating services. However, the benefits of 5G’s higher-speed communications have come with more frequent and powerful threats to mobile networks. This includes distributed-denial-of-service (DDoS) attacks, which are increasing in complexity, disrupting key systems and causing major business losses.
Services offered by nefarious threat actors behind these cyberattacks span network, transport and application layers, and target everything from specific applications and games to bypassing standard DDoS countermeasures. Cybersecurity standards for CSPs are naturally increasing as a result. Therefore, the enterprise and mobile edge segments of their networks require special attention.
Securing enterprise segments
Enterprise segmentation is the process of dividing a network into sections, with the goal of mitigating lateral movement by threat actors within a network and securing critical data and other assets more effectively. It is the enterprise segment of a CSP network where enhanced cybersecurity measures – like rapid detection and protection tools – should be concentrated.
This segment enables communication between internal services, servers, and external applications via the internet, and is what allows subscribers to access external digital applications. Focusing protection tools here will protect the network from emerging DDoS attacks and secure the servers where applications are running.
Cybersecurity within this segment – as well as the perimeter – of the network should encompass all areas of communication, including all services and applications held within a network or hosted externally. This level of security is needed to detect any emerging cyber threats or DDoS attacks caused by subscribers’ connection to the internet or mobile networks.
Ultimately, network traffic never stops, and neither should the cybersecurity solutions put in place to protect it. Instead, security solutions must always be running to identify which services are in use and continuously monitor network traffic from both control and user planes. Moreso, the solution should provide delivery assurance for network services and provide early-warning threat detection for rapid mitigation.
Additionally, the solution should provide full visibility into both security operations teams and overall network operations. To achieve this, CSPs should consider implementing security tools which use a shared source of network-derived data, allowing teams to work together more effectively. In fact, CSPs using assurance and security tools compatible with their existing security ecosystem will, in turn, increase the speed of their return on investment (ROI).
Edge protection tools and what to look out for
Like all enterprise segments, ever-expanding mobile access edge computing (MEC) centres of networks connect to the internet constantly, making them especially vulnerable to external cyber threats as a result. DDoS attacks, for example, pose significant risks to service accessibility - which directly drives service revenue for providers.
In order to mitigate these risks, it is important that the network’s service is always under security and assurance monitoring. Some network edge protection strategies used today require the provider to collect vast amounts of traffic from all over the network and forward it to a “scrubbing centre”. Instead, when looking for network edge protection, more responsive strategies – such as complete or partial mitigation and accurate threat detection – should be considered. In doing so, there are several key factors to consider when looking for modern edge protection tools.
Protection tools that enable a network to defend itself can be greatly beneficial for large networks, particularly those with a dedicated DDoS attack mitigation team. Such a network can identify incoming threats, assess them, and generate instructions on how to block that specific threat across the entire network. The multiple security layers throughout the entire network would then gradually mitigate the attack until the threat is completely alleviated.
CSPs can also build and offer their own DDoS mitigation service to their customers for a further ROI and additional revenue. By doing so, providers can help their customers ensure their network availability and digital applications. Providers considering this option should be sure to look out for tools which can extend protection capabilities to their customer base in order to monetise their investment.
Finally, a virtualised attack solution is another measure to consider as a network protection tool – available as either software or a hardware appliance. Virtualised attack solution capabilities include threat detection, activity monitoring, and malware prevention in software-defined or virtual data centres. With it, CSPs can benefit from the cost-effectiveness and agility of network functions virtualisation (NFV) and software-defined network (SDN) from existing DDoS mitigation tools.
The mobile network’s enterprise edge and core need careful consideration when it comes to finding an effective yet compatible cybersecurity solution. Ultimately, whichever solution is selected, it should provide a genuine ROI and be able to identify and mitigate emerging threats at the edge. Most importantly, the solution must be flexible and compatible with your current cybersecurity environment, and able to scale alongside your network.