How greenfield 5G network operators like DISH are ushering in a new era of cybersecurity

In the world of telecom, a greenfield service provider is one where the deployment and configuration of its network are entirely new – where none existed before.

In the USA, DISH is getting a lot of attention for its greenfield deployment of the nation’s first cloud-native, Open RAN-based 5G network.

As Fierce Wireless recently pointed out, “Not only is [DISH] undertaking a Herculean task to build an infrastructure-based network across the vast United States, but it needs to do it on an incredibly tight time-line.”

On top of this impressive rollout, DISH has designed their network for an unprecedented level of security.


How is DISH planning to lead the industry in 5G security?

From the outset of network deployment, DISH sought vendors that would help them in the quest to build a 5G network with unprecedented security measures.

In a whitepaper published by DISH, they discuss the reasoning behind their new partnerships with Nokia, Palo Alto Networks, and Allot, and the strengths each company is contributing to the rollout of the new 5G network.

Specifically, to meet the company’s ambitious goals, there was a need to go beyond the level of security offered by traditional networks. They sought a specialized solution that would prevent and block DDoS attacks and protect 5G services, helping them to deliver new, game-changing apps and services that millions of potential customers in the USA expect to enjoy from 5G.


Why is security such an important issue for 5G networks?

5G was designed to bring faster speeds & lower latency for new business applications, such as autonomous cars, AR/VR, eHealth, and more. But 5G also brings the possibility of an expanded attack surface & a more vulnerable distributed architecture, threatening the ability to deliver the high-speed, low-latency performance these services require.

Communication service providers (CSPs) need a new approach to network security that will keep pace with modern, multi-stage cyberattacks. Attackers constantly challenge the distributed 5G network, seeking to exploit hidden vulnerabilities and maximize the impact of their attacks. The threat landscape will grow exponentially larger due to massive deployment of IoT, the growth in potential points of attack (1000s of MECs), and the increased throughput per connection (1Gb/device). 5G CSPs must evolve and adopt a layered approach, like that used by Allot 5G NetProtect, to block attackers at every stage.

A common misconception about DISH’s openRAN-based network is that its openness makes it more vulnerable to security risks and attacks. In reality, DISH’s open network allows the company to “turn the lights on,” meaning they can see an attack coming and prepare before it strikes. In contrast, traditional, closed networks operate in the dark. They have to preemptively arm themselves against possible attacks, and are left to hope their defense mechanisms are sufficient. Many times, they don’t realize there has been a security breach until it’s too late. Alternatively, DISH 5G — with the help of Allot and its other foundational security partners — can better defend itself against DDoS and botnet attacks.


The right solution to empower the best of 5G

Leveraging Allot’s world-class technologies and expertise, DISH will provide customers with a comprehensive, secured mobile service.

Greenfield, standalone networks, like the one DISH is building, are pure 5G and cloud native from the start, rather than retrofitting a 4G core with modern security. Because of that, our cloud-native 5G NetProtect solution is perfectly suited for integration and scaling throughout the network, as needed.

Allot 5G NetProtect secures DISH’S network user plane from DDoS and botnet attacks. Its cloud native implementation meets requirements derived from 5G network scale, latency, and expanded threat landscape. Allot 5G NetProtect employs a multi-layer threat prevention strategy that detects and blocks the latest and most evasive DDoS and botnet attacks initiated from both within and outside the network, assuring network Quality of Experience (QoE). It uses machine learning artificial intelligence to automatically detect and block zero-day attacks, and is built upon an industry-leading inline network intelligence (DPI) engine with field-proven, ultra-low latency, 5G-scale performance.

To learn more, check out the news release about our new partnership with DISH.

*** This is a Security Bloggers Network syndicated blog from Allot Blog authored by Moshe Moran. Read the original post at: