Over the last six years, solution architects have been designing the transformation of Service Provider’s networks to significantly reduce the timing of service and feature deployment lifecycles, standardizing on real-time service provisioning, consumption and end user autonomy. This challenge has been in parallel to delivering highly scalable and cost effective solutions.
These solutions, along with automation, are addressing emerging security challenges while extending tailored outcomes to individual lines of business and customers. The result is better security, user experiences and a broader addressable market.
So how does this hard work improve our execution of 5G transformations?
All About Those Apps
First, the fully automated software delivery model allows us to address the complexity of a widely distributed architecture in a repetitive model. Network and security alignment improves resource allocation while optimizing consumption-based delivery from edge systems.
The “edge” may have more than one meaning in this discussion, as service delivery platforms are no longer constrained to a single autonomous system. This flexibility leads Service Providers to a new era of content management and monetization as applications are deployed across numerous computing platforms to minimize latency.
It is important to appreciate that these capabilities are all made possible because of application-to-application dialog that transpire over APIs. Traditionally, application and API exposure had been constrained to IDC infrastructure. This meant that a secure DC or security gateway framework was used to harden the exposure of numerous applications in the same physical location. All of these applications communicated to the internet via a common path. In the scope of security design, this was a relatively easy problem to address.
Now, take a step back to the previous ideology of 5G and it jumps out at you that API and application protections become a key component in modern edge security.
From Security Zones to Network Slices
It is also interesting to recognize that traditional volumetric defense for infrastructure protection is changing rapidly.
Anomalous traffic easily evading netflow detection has been eroding precious core resources for too long. When security functions are built into the network, attacks are automatically addressed locally, avoiding back-hauling attacks and driving efficiency back into the core. This highly scalable infrastructure protection strategy also serves as a point of escalation for more sophisticated or persistent attacks seen in gateways, applications and APIs.
As we transition from security zones to network slices, this multi-tiered approach further lends itself to the decomposition of highly intelligent machine learning algorithms deployed contextually for the relevant protocols and applications.
As an example, IoT anomaly detection on the access edge requires very different algorithms than used for detecting attacks from the internet thru the peering edge. When we speak about application and API protection, protecting a mobile application requires entirely different techniques than addressing behavioral analysis for fraudulent account abuse. Having the ability to protect, adapt and optimize attack lifecycle management in cooperation with the orchestration layer for end-to-end security has been our greatest achievement in modern security design.
The Modern Landscape
Maybe the punchline is becoming obvious at this point but addressing end-to-end security with the ability to escalate application abuse to the edge of the system in a widely distributed architecture has become a modern landscape requirement.
Automation is working on our behalf to drive agility into engineering, provisioning, billing and operations. With predefined workflows, analysts enjoy alert-driven processes and/or fully automated protection strategies designed to meet the high availability demands throughout a complex system.
If you track my work at all, you will appreciate that I have dedicated the last twenty years designing highly adaptive services. If you are curious how you too can maximize security revenue across multiple lines of business, please reach out in the comment section below; service creation is one of my favorite points of discussion.
Read “Creating a Secure Climate for your Customers” today.
Travis Volk is the Technical Vice President of Global Business Development and Carrier Sales for Radware. Before joining our team in 2004, he served as a lead architect at AT&T for companies like Washington Mutual Bank, General Motors, American Express, Siemens and Sun Microsystems.
An award-winning architect and thought leader, Travis has been architecting and deploying global systems with advanced services for the last fifteen years. He has been directly involved in first to market campaigns for VOD, IP Advertising, Social Media, IMS, CDNs, Cloud Services, LTE, SDN, NFV for the largest Service Providers globally.
Working collaborative designs with customers and partners, Travis has been leading the process to develop, harden, and commercialize next-generation services and products ranging from virtualized core applications (Cloud Data Center) to personalized gateway services (Mobile Edge). Travis has expertise in both Wireline and Wireless systems for end-to-end content and application delivery, performance and security.
*** This is a Security Bloggers Network syndicated blog from Radware Blog authored by Travis Volk. Read the original post at: https://blog.radware.com/serviceprovider/2019/05/5g-security-in-an-api-driven-economy/