5G networks are popping up all over the globe. Customers are eager to take advantage of the faster speeds and lower latency made possible by the 5G architecture, which abandons the traditional monolithic packet core approach in favor of the Mobile Edge Computing or Multi-Access Edge Computing (MEC) model.
Telco service providers want to move as quickly as possible to take advantage of the new revenue-generating opportunities. Delivering on the promise of 5G requires hosting applications and services at every MEC. Rather than shouldering the responsibility themselves, many telco service providers are shortening the time to market by working with former competitors: cloud service providers.
For example, Verizon and AT&T announced partnerships with Amazon Web Services (AWS) and Microsoft Azure, respectively, to bring cloud applications to the MEC. Vodafone is working with AWS as well for its business customers.
In this uncharted new world, the question that telco service providers must now answer is which entity is responsible for securing the applications hosted at the MECs? When your brand is built on delivering near perfect 99.999% reliability, how much trust should service providers put in their application partners?
Learning From the Past
In the 5G landscape, the partnerships between telco service and cloud providers make sense. Operators like Vodafone, Verizon and AT&T are all experts on what is needed to quickly and reliably deliver ultrahigh bandwidth to enterprises. Cloud providers such as AWS and Azure understand how to host and scale applications, and they can leverage built-in relationships with the application owners.
However, telco service providers may be a bit hesitant to turn over the keys to their kingdoms to cloud providers. Not-too-distant memories from the 2000s linger when service providers did all the heavy lifting on 4G LTE but ceded application value, and therefore all the valuation, to companies like Apple and Google.
Two decades later, the companies that pushed over-the-top (OTT) content and applications over the service providers’ infrastructure have seen their market valuations jump dramatically. Telco service providers failed to capitalize in the same way.
What’s possible with 5G networks will make the applications running on 4G LTE seem quaint. Live-streamed 8K virtual reality concerts, remote surgeries performed by surgeons via video game controller and manipulation of industrial robots from overseas with no delays are just a few examples of what enterprises will be able to do. How will telco service providers avoid the mistakes of the past to benefit from their infrastructure investments?
A New World
What is the revenue split between the telco service providers and the cloud companies for applications used in the MEC? The way in which the revenue is divided will determine who manages the service for customers, who takes the initial customer call when there’s an issue and how fast new MECs are built and deployed.
Cloud providers are already moving ahead marketing and selling the value of their cloud applications and have the opportunity to get closer to customers with 5G. At its recent Microsoft Ignite conference, Microsoft presented on the value that Azure brings to its 5G customers by combining flexible, low-latency and high-speed wireless networks.
Conversely, at the recent Consumer Electronic Show (CES), Verizon focused on the value of Verizon 5G for enterprise customers. Verizon says that it is building the infrastructure for the eight currencies of 5G — throughput, service deployment, mobility, connected devices, energy efficiency, data volume, latency and reliability.
Securing the Customer Experience
If cloud services and application are managed by the cloud providers, will AWS and Azure provide infrastructure and application security? Will it be the same as or different from the telco service providers’ security architectures that already exist on the network? Would Verizon or AT&T have visibility into the cloud providers’ security operations centers (SOC) to monitor threats on the MEC?
This appears to be a “belt and suspenders” moment.
Telco service providers need to secure the MEC from both a network and application perspective, protecting traffic as it moves north and south, in and out of the MEC cloud. In conjunction with superfast 5G MEC applications, service providers can market baseline security services to generate additional revenues and to ensure their brand promise of connectivity, reliability and security.
In addition, cloud service providers need to provide their own application security on individual applications (perhaps via Openstack or Kubernetes) within the MEC cloud. In this scenario, cloud applications are protected from other applications in the cloud, East and West. Security protection for cloud applications can be a new revenue stream for the cloud and telco service providers to split.
Both entities in the partnership should be responsible for securing services to eliminate vulnerabilities and meet customers’ expectations for performance and protection. Additionally, if the partnership breaks up, both parties are prepared.
This dual approach protects the reputations and brands of both the telco service and cloud providers and provides revenue-generating opportunities for security services. Telco service providers will be able to leverage their existing security architectures and best-in-class technologies to make MEC security part of their holistic management of the network by the SOC.
The cloud providers will be able to sell the value of security to the end customers, protect from east-west attacks within the cloud and negotiate a business relationship with the telco service provider for this incremental revenue on the applications.
When telco service and cloud providers both assume responsibility for securing services and applications, everyone wins. Customers get reliable, fast network performance for their mission-critical applications. Telco service providers are able to confidently move forward with profitable 5G services. Cloud providers are able to boost performance by hosting applications closer to their customers.
Note: A version of this article first appeared in Light Reading’s The 5G Connection.
Read “5G & IoT: Real-World Rollouts Launch New Opportunities and Security Threats” to learn more.
*** This is a Security Bloggers Network syndicated blog from Radware Blog authored by Mike O'Malley. Read the original post at: https://blog.radware.com/serviceprovider/2020/03/forging-a-5g-partnership-benefits-both-telcos-cloud-service-providers/