Securing the 5G edge

November 11, 2021 | 130 views

5G_edge
The rollout of 5G networks coupled with edge compute introduces new security concerns for both the network and the enterprise. Security at the edge presents a unique set of security challenges that differ from those faced by traditional data centers. Today new concerns emerge from the combination of distributed architectures and a disaggregated network, creating new challenges for service providers.
Many mission critical applications enabled by 5G connectivity, such as smart factories, are better off hosted at the edge because it's more economical and delivers better Quality of Service (QoS). However, applications must also be secured; communication service providers need to ensure that applications operate in an environment that is both safe and provides isolation. This means that secure designs and protocols are in place to pre-empt threats, avoid incidents and minimize response time when incidents do occur.

As enterprises adopt private 5G networks to drive their Industry 4.0 strategies, these new enterprise 5G trends demand a new approach to security. Companies must find ways to reduce their exposure to cyberattacks that could potentially disrupt mission critical services, compromise industrial assets and threaten the safety of their workforce. Cybersecurity readiness is essential to ensure private network investments are not devalued.

The 5G network architecture, particularly at the edge, introduces new levels of service decomposition now evolving beyond the virtual machine and into the space of orchestrated containers. Such disaggregation requires the operation of a layered technology stack, from the physical infrastructure to resource abstraction, container enablement and orchestration, all of which present attack surfaces which require addressing from a security perspective. So how can CSPs protect their network and services from complex and rapidly growing threats?

Addressing vulnerability points of the network layer by layer

As networks grow and the number of connected nodes at the edge multiply, so do the vulnerability points. The distributed nature of the 5G edge increases vulnerability threats, just by having network infrastructure scattered across tens of thousands of sites. The arrival of the Internet of Things (IoT) further complicates the picture: with a greater number of connected and mobile devices, potentially creating new network bridging connection points, questions around network security have become more relevant.

As the integrity of the physical site cannot be guaranteed in the same way as a supervised data center, additional security measures need to be taken to protect the infrastructure. Transport and application control layers also need to be secured, to enable forms of "isolation" preventing a breach from propagating to other layers and components. Each layer requires specific security measures to ensure overall network security: use of Trusted Platform Modules (TPM) chipsets on motherboards, UEFI Secure OS boot process, secure connections in the control plane and more. These measures all contribute to and are integral part of an end-to-end network security design and strategy.

Open RAN for a more secure solution

The latest developments in open RAN and the collaborative standards-setting process related to open interfaces and supply chain diversification are enhancing the security of 5G networks. This is happening for two reasons. First, traditional networks are built using vendor proprietary technology – a limited number of vendors dominate the telco equipment market and create vendor lock-in for service providers that forces them to also rely on vendors' proprietary security solutions. This in turn prevents the adoption of "best-of-breed" solutions and slows innovation and speed of response, potentially amplifying the impact of a security breach.

Second, open RAN standardization initiatives employ a set of open-source standards-based components. This has a positive effect on security as the design embedded in components is openly visible and understood; vendors can then contribute to such open-source projects where tighter security requirements need to be addressed.

Aside from the inherent security of the open-source components, open RAN defines a number of open interfaces which can be individually assessed in their security aspects. The openness intrinsically present in open RAN means that service components can be seamlessly upgraded or swapped to facilitate the introduction of more stringent security characteristics, or they can simultaneously swiftly address identified vulnerabilities.

Securing network components with AI

Monitoring the status of myriad network components, particularly spotting a security attack taking place among a multitude of cooperating application functions, requires resources that transcend the capabilities of a finite team of human operators. This is where advances in AI technology can help to augment the abilities of operations teams. AI massively scales the ability to monitor any number of KPIs, learn their characteristic behavior and identify anomalies – this makes it the ideal companion in the secure operation of the 5G edge. The self-learning aspect of AI supports not just the identification of known incident patterns but also the ability to learn about new, unknown and unanticipated threats.

Security by design

Security needs to be integral to the design of the network architecture and its services. The adoption of open standards caters to the definition of security best practices in both the design and operation of the new 5G network edge. The analytics capabilities embedded in edge hyperconverged infrastructure components provide the platform on which to build an effective monitoring and troubleshooting toolkit, ensuring the secure operation of the intelligent edge.

Spotlight

Multivision, Inc.

Multivision Inc. is one of the fastest growing information technology (IT) solutions provider and a recognized authority in innovative workforce development training. With our strong track record of successfully executing IT projects and IT consulting, we guarantee efficiency, simplification and transformation of your business. Multivision will help you increase your productivity and ROI, improve your business processes and expertise, and enhance your customer experience. All of this, we provide at a reasonable cost to your company.

OTHER ARTICLES
APPLICATION INFRASTRUCTURE

A new era of automation with Cisco ACI and the Citrix ADC Manager app

Article | July 16, 2022

Since it was first available, Citrix has worked with Cisco Application Centric Infrastructure (ACI) to integrate Citrix ADC with the Cisco Application Policy Infrastructure Controller (APIC). As a valued technology partner, Citrix has a device package — a software module — that enables users to configure the Citrix ADC directly from a Cisco APIC. This setup has run in many customer production environments over the years. Let’s consider one of those customers — Jim. He was the first to deploy the integrated solution in his data center. The solution gave him the automation he needed and a single view to configure, deploy, and manage applications. However, his application admins preferred to use the Citrix ADC user interface to manage L4-L7 services.

Read More
APPLICATION INFRASTRUCTURE

Storage made simple for hybrid multicloud: the new IBM FlashSystem family

Article | December 15, 2021

In part one of this blog post series, we discussed IBM’s approach for delivering innovation while simplifying your storage infrastructure, reducing complexity, and cutting costs. Now let’s take a closer look at the details of the new IBM FlashSystem family, a single platform designed to simplify your storage infrastructure, reduce complexity and cut costs, while continuing to deliver extensive innovation for your enterprise class storage solutions and your hybrid multicloud environments.

Read More
APPLICATION INFRASTRUCTURE

We Need to Talk About ‘Cloud Neutrality’

Article | December 20, 2021

We spent a lot of years talking about net neutrality the idea that the companies that provide access to the internet shouldn’t unfairly block, slow down, or otherwise interfere with traffic even if that traffic competes with their services. But there’s an even bigger issue brewing, and it’s time to start talking about it: cloud neutrality. “While its name sounds soft and fluffy,” Microsoft president and general counsel Brad Smith and coauthor Carol Ann Browne write in their recent book, Tools and Weapons: The Promise and the Peril of the Digital Age, “in truth the cloud is a fortress.” Their introduction describes the modern marvel of the data center: a 2 million-square-foot, climate-controlled facility made up of colossal electrical generators, diesel fuel tanks, battery arrays, and bulletproof doors

Read More

Why enterprises are going all-in on hyperscale

Article | February 10, 2020

Cloud computing continues to dominate the technology space, with cloud migration yielding a rain of opportunities and benefits. To date, achieving massive scale in computing power and data storage is a priority for organizations looking to mature in digital transformation. Hyperscale infrastructure is designed exclusively for that purpose, and it offers increasingly relevant features such as high levels of performance and high tolerance and room for error as well as redundancy. A recent report showed enterprises are leaning towards hyperscalers for cloud services as compared to second-tier providers.

Read More

Spotlight

Multivision, Inc.

Multivision Inc. is one of the fastest growing information technology (IT) solutions provider and a recognized authority in innovative workforce development training. With our strong track record of successfully executing IT projects and IT consulting, we guarantee efficiency, simplification and transformation of your business. Multivision will help you increase your productivity and ROI, improve your business processes and expertise, and enhance your customer experience. All of this, we provide at a reasonable cost to your company.

Related News

HYPER-CONVERGED INFRASTRUCTURE, APPLICATION INFRASTRUCTURE

cPacket Makes cCloud™ Visibility Suite Available in the Microsoft Azure Marketplace

businesswire | March 31, 2023

cPacket Networks and Microsoft have partnered to provide comprehensive cloud observability. The cPacket cCloud Visibility Suite is a feature-rich, multi-cloud solution that enables enterprises and cloud providers to build highly secure, reliable, and scalable hybrid networks. cCloud Visibility Suite provides a range of network packet-data-based services for end-to-end observability and security, giving always-on network intelligence for the IT network and security operations teams. The proprietary cCloud solution has advanced processing features which capture, pre-process, and deliver accurate network packet data in real-time to security, performance management, analytics, and AIOps solutions, simplifying overall network observability. This integrated solution provides several benefits for organizations looking to accelerate their cloud migration by enabling faster deployment of virtual appliances, increased scalability, service agility, enhanced user experience, and strengthened security and compliance postures. “A cloud-smart strategy is crucial to enterprises as they drive their digital transformation and AI initiatives. I am excited that cPacket Networks and Microsoft have taken our partnership forward. Through the Microsoft Azure Marketplace, our customers around the globe can easily access and acquire cCloud with increased scalability, streamlined licensing, and unparalleled visibility of their cloud network infrastructure.” – Dennis Carpio, Head of Business Development and Alliances, cPacket Networks. The Azure Marketplace is an online market for buying and selling cloud solutions certified to run on Microsoft Azure. All cPacket hybrid-cloud observability products are orderable today in the Azure marketplace and in production across many high-profile customer environments in the financial services, technology, government, and healthcare sectors. You can also use qualified MACC (Microsoft Azure Consumption Commitment) dollars to purchase cCloud for an even more streamlined process. Visit cCloud Azure Marketplace today or see it in action. About cPacket Networks cPacket Networks powers hybrid-cloud observability through its Intelligent Observability Platform. It reduces service outages through network-centric application analysis, strengthens cyber security through high-resolution network data for threat detection, and accelerates incident response through network forensic analysis. The result is increased service agility, experience assurance, and transactional velocity for the business.

Read More

APPLICATION INFRASTRUCTURE, WINDOWS SERVER MANAGEMENT

Lattice ORAN Enables Secure Synchronization for Deployments

Lattice Semiconductor | March 01, 2023

On February 28, 2023, the leader in low-power programmable semiconductors, Lattice Semiconductor, expanded its Lattice ORANTM solution stack to assist flexible, secure synchronization and timing for Open Radio Access Network (ORAN) implementations. Lattice ORANTM now supports tight synchronization for ORAN fronthaul interfaces adherence with critical ITU (International Telecommunication Union) profiles and IEEE (Institute of Electrical and Electronics Engineers) standards. This enhances the stack's ability to accelerate and secure current and next-generation customer applications. The latest Lattice ORANTM solution stack (v 1.1) has built-in mutual authentication for secure synchronization and support for IEEE Standards, including IEEE Std 1588™-2019 (default profile) and IEEE Std 802.1AS™-2020, made for Time Sensitive Networks (TSN). ITU-T Telecom Profiles, which includes frequency synchronization (G.8265.1), Phase/time synchronization with incomplete timing support (G.8275.2) and Phase/time synchronization with complete timing support (G.8275.1). ITU-T Timing Characteristics of T-BC and T-TSC Class C (G.8273.2) In addition, a Lattice FPGA-based development platform has been incorporated into the Lattice ORANTM stack. FPGA stands for Field Programmable Gate Array, and it is an integrated circuit (IC) that facilitates the rapid prototyping and final system design of custom logic. The Secure Timing and Synchronization Kit are intended to simplify the testing, exhibition, and creation of novel telecommunications applications. About Lattice Semiconductor Lattice Semiconductor is a global leader in low-power programmable solutions, providing cutting-edge technology to meet customers' needs in various markets. Its commitment to world-class support allows customers to quickly and easily unleash innovation to create an innovative, secure, and connected world. Its innovations include the Field Programmable Gate Array (FPGA), an integrated circuit that enables the development of custom logic for rapid prototyping and final system design. The company is headquartered in Hillsboro, Oregon, with major operations in San Jose, California; Shanghai, China; and Manila, Philippines.

Read More

HYPER-CONVERGED INFRASTRUCTURE, APPLICATION INFRASTRUCTURE

Cyxtera and Dell Collaborate to Accelerate Infrastructure Deployments

Cyxtera Technologies | March 02, 2023

On March 01, 2023, Cyxtera, a leading company in interconnection and data center colocation services, announced a strategic partnership with Dell Technologies to boost the infrastructure deployments of their customers by combining Dell's infrastructure with Cyxtera's colocation and network technologies. Using Cyxtera's global network of colocation facilities as well as Digital Exchange network fabric, the companies will offer full stack infrastructure as a service to international enterprises of all sizes, as well as federal, local, and state government bodies. This includes server and rack unit-specific compute infrastructure, colocation space, network connectivity, and power. These capabilities enable a cloud-like deployment experience for workloads requiring performance, security, and control of dedicated infrastructure and colocation. Within a Cyxtera data center, the Cyxtera Dell Experience Lab allows consumers to interact with Dell Technologies across various consumption models. Through Cyxtera's robust Command Center interface, participants in the Experience Lab can visualize how to construct an on-demand data center using Dell Technologies. Clients can: Use Cyxtera's Marketplace to gain access to hundreds of providers. Deploy and manage Dell PowerEdge servers colocated within a Cyxtera SmartCab. Deploy Dell PowerEdge server infrastructure with Cyxtera's Enterprise Bare Metal service as needed. Manage the Enterprise Bare Metal and colocated solutions' core networking and Layer 2 interconnections. Establish dynamic connections to the public cloud, public internet, and enterprise WAN providers. Chief Revenue Officer of Cyxtera, David Keasey, shared, "We're focused on providing rapid, seamless access to the technologies our customers need to support their unique business demands," He added, "By offering on-demand access to Dell infrastructure via our Enterprise Bare Metal offering, we will enable organizations of all sizes to harness the power of raw compute resources via a cloud-like delivery model across our global data center footprint." (Source – Business Wire) About Cyxtera Technologies Cyxtera is a leading provider of colocation and interconnection services based in Coral Gables (Florida), offering a network of more than 60 data centers across over 30 markets. With a focus on providing customers with cloud-like infrastructure solutions that are both flexible and scalable, it can help businesses achieve their strategic objectives and maintain a competitive edge. With a customer base of over 2,300 enterprises and government organizations, the company is committed to delivering innovative technology solutions that enable customers to scale faster and achieve their financial goals.

Read More

HYPER-CONVERGED INFRASTRUCTURE, APPLICATION INFRASTRUCTURE

cPacket Makes cCloud™ Visibility Suite Available in the Microsoft Azure Marketplace

businesswire | March 31, 2023

cPacket Networks and Microsoft have partnered to provide comprehensive cloud observability. The cPacket cCloud Visibility Suite is a feature-rich, multi-cloud solution that enables enterprises and cloud providers to build highly secure, reliable, and scalable hybrid networks. cCloud Visibility Suite provides a range of network packet-data-based services for end-to-end observability and security, giving always-on network intelligence for the IT network and security operations teams. The proprietary cCloud solution has advanced processing features which capture, pre-process, and deliver accurate network packet data in real-time to security, performance management, analytics, and AIOps solutions, simplifying overall network observability. This integrated solution provides several benefits for organizations looking to accelerate their cloud migration by enabling faster deployment of virtual appliances, increased scalability, service agility, enhanced user experience, and strengthened security and compliance postures. “A cloud-smart strategy is crucial to enterprises as they drive their digital transformation and AI initiatives. I am excited that cPacket Networks and Microsoft have taken our partnership forward. Through the Microsoft Azure Marketplace, our customers around the globe can easily access and acquire cCloud with increased scalability, streamlined licensing, and unparalleled visibility of their cloud network infrastructure.” – Dennis Carpio, Head of Business Development and Alliances, cPacket Networks. The Azure Marketplace is an online market for buying and selling cloud solutions certified to run on Microsoft Azure. All cPacket hybrid-cloud observability products are orderable today in the Azure marketplace and in production across many high-profile customer environments in the financial services, technology, government, and healthcare sectors. You can also use qualified MACC (Microsoft Azure Consumption Commitment) dollars to purchase cCloud for an even more streamlined process. Visit cCloud Azure Marketplace today or see it in action. About cPacket Networks cPacket Networks powers hybrid-cloud observability through its Intelligent Observability Platform. It reduces service outages through network-centric application analysis, strengthens cyber security through high-resolution network data for threat detection, and accelerates incident response through network forensic analysis. The result is increased service agility, experience assurance, and transactional velocity for the business.

Read More

APPLICATION INFRASTRUCTURE, WINDOWS SERVER MANAGEMENT

Lattice ORAN Enables Secure Synchronization for Deployments

Lattice Semiconductor | March 01, 2023

On February 28, 2023, the leader in low-power programmable semiconductors, Lattice Semiconductor, expanded its Lattice ORANTM solution stack to assist flexible, secure synchronization and timing for Open Radio Access Network (ORAN) implementations. Lattice ORANTM now supports tight synchronization for ORAN fronthaul interfaces adherence with critical ITU (International Telecommunication Union) profiles and IEEE (Institute of Electrical and Electronics Engineers) standards. This enhances the stack's ability to accelerate and secure current and next-generation customer applications. The latest Lattice ORANTM solution stack (v 1.1) has built-in mutual authentication for secure synchronization and support for IEEE Standards, including IEEE Std 1588™-2019 (default profile) and IEEE Std 802.1AS™-2020, made for Time Sensitive Networks (TSN). ITU-T Telecom Profiles, which includes frequency synchronization (G.8265.1), Phase/time synchronization with incomplete timing support (G.8275.2) and Phase/time synchronization with complete timing support (G.8275.1). ITU-T Timing Characteristics of T-BC and T-TSC Class C (G.8273.2) In addition, a Lattice FPGA-based development platform has been incorporated into the Lattice ORANTM stack. FPGA stands for Field Programmable Gate Array, and it is an integrated circuit (IC) that facilitates the rapid prototyping and final system design of custom logic. The Secure Timing and Synchronization Kit are intended to simplify the testing, exhibition, and creation of novel telecommunications applications. About Lattice Semiconductor Lattice Semiconductor is a global leader in low-power programmable solutions, providing cutting-edge technology to meet customers' needs in various markets. Its commitment to world-class support allows customers to quickly and easily unleash innovation to create an innovative, secure, and connected world. Its innovations include the Field Programmable Gate Array (FPGA), an integrated circuit that enables the development of custom logic for rapid prototyping and final system design. The company is headquartered in Hillsboro, Oregon, with major operations in San Jose, California; Shanghai, China; and Manila, Philippines.

Read More

HYPER-CONVERGED INFRASTRUCTURE, APPLICATION INFRASTRUCTURE

Cyxtera and Dell Collaborate to Accelerate Infrastructure Deployments

Cyxtera Technologies | March 02, 2023

On March 01, 2023, Cyxtera, a leading company in interconnection and data center colocation services, announced a strategic partnership with Dell Technologies to boost the infrastructure deployments of their customers by combining Dell's infrastructure with Cyxtera's colocation and network technologies. Using Cyxtera's global network of colocation facilities as well as Digital Exchange network fabric, the companies will offer full stack infrastructure as a service to international enterprises of all sizes, as well as federal, local, and state government bodies. This includes server and rack unit-specific compute infrastructure, colocation space, network connectivity, and power. These capabilities enable a cloud-like deployment experience for workloads requiring performance, security, and control of dedicated infrastructure and colocation. Within a Cyxtera data center, the Cyxtera Dell Experience Lab allows consumers to interact with Dell Technologies across various consumption models. Through Cyxtera's robust Command Center interface, participants in the Experience Lab can visualize how to construct an on-demand data center using Dell Technologies. Clients can: Use Cyxtera's Marketplace to gain access to hundreds of providers. Deploy and manage Dell PowerEdge servers colocated within a Cyxtera SmartCab. Deploy Dell PowerEdge server infrastructure with Cyxtera's Enterprise Bare Metal service as needed. Manage the Enterprise Bare Metal and colocated solutions' core networking and Layer 2 interconnections. Establish dynamic connections to the public cloud, public internet, and enterprise WAN providers. Chief Revenue Officer of Cyxtera, David Keasey, shared, "We're focused on providing rapid, seamless access to the technologies our customers need to support their unique business demands," He added, "By offering on-demand access to Dell infrastructure via our Enterprise Bare Metal offering, we will enable organizations of all sizes to harness the power of raw compute resources via a cloud-like delivery model across our global data center footprint." (Source – Business Wire) About Cyxtera Technologies Cyxtera is a leading provider of colocation and interconnection services based in Coral Gables (Florida), offering a network of more than 60 data centers across over 30 markets. With a focus on providing customers with cloud-like infrastructure solutions that are both flexible and scalable, it can help businesses achieve their strategic objectives and maintain a competitive edge. With a customer base of over 2,300 enterprises and government organizations, the company is committed to delivering innovative technology solutions that enable customers to scale faster and achieve their financial goals.

Read More

Events