How SASE Enables and Secures 5G Networks

The buzz has been growing around 5G MEC (multi-access edge computing) as the new networking standard that promises faster speeds, greater bandwidth and optimized mobility as the technology has moved from concept to reality. 5G network edges are designed to support various use cases that will prove extremely important to organizations across the board, including video analytics, location services, internet of things (IoT), augmented reality (AR), optimized local content distribution and more.

As more organizations consider their own rollouts and environments, there are important deployment and security considerations they must address. 5G introduces a whole host of security threats and vulnerabilities such as kernel bypass, DDOS attacks on 5G service interfaces and exploitation of software or hardware vulnerabilities leading to zero-day exploits. With 5G, it is extremely important for organizations to consider security solutions that can enforce consistent security posture across public cloud, hybrid cloud and on-premises deployments, or any combination of these environments. 

5G is Here, And So Are Its Security Risks

The demand for an enhanced digital experience along with the increase in personal and IoT devices as well as workload transition to the cloud have driven the need for 5G. While still a fairly new technology, adoption rates of 5G have increased significantly; currently they are three times that of 4G. It is well-documented that 5G comes with promising advancements: Greater speeds, higher bandwidth, improved connectivity and lower latency, all while capable of handling millions—even billions—of devices. 

However, along with these advantages, 5G also introduces new security challenges. In addition to some of the specific exploits mentioned above, 5G not only increases the number of devices but the types of devices organizations need to protect, including IoT devices, sensors, cameras, virtual assistants, etc. This expands the network’s attack surface, resulting in more network vulnerabilities and holes for attackers to exploit. 

5G Accelerates SASE Adoption 

5G is advertised to accelerate user connectivity. Combining secure SD-WAN, a secure access service edge (SASE) component and network slicing guarantees that SLAs are met and provides end-to-end security, including UTM, IDS/IPS, antivirus and more. 

SASE is crucial to a successful 5G environment by enabling improved services and performance, increased security and faster infrastructure rollout and management. SASE works together with 5G network slicing to guarantee aggressive SLAs with end-to-end security and enables flexible implementation of Gi-LAN services in various form factors. SASE delivers end-to-end security, visibility and telemetry for 5G infrastructure and services and enforces compliance through a consistent security posture across public cloud, hybrid cloud, on-premises and MEC. SASE can also enable automated 5G rollout of thousands of devices with true zero-touch using a SASE orchestrator and leverages elastic autoscaling and network intelligence to meet real-time capacity demands.

Deployment and Environment Considerations

For all organizations, security breaches, power outages or any incidents that result in downtime can be extremely costly. Whether it’s an elementary school with lean IT or a large global enterprise, ensuring a rapid 5G rollout is crucial for agile IT and meeting the new networking and security requirements of users. 5G solutions built with automation capabilities such as zero-touch provisioning can help enable rapid deployment. 

Furthermore, organizations can dramatically lower capex and opex of their 5G networks by choosing:

  • A single-pass parallel architecture for maximum performance and lowering latency. This approach has the advantage of needing to decrypt a data packet only once, which is important for optimal security. In a traditional mobile architecture, there are silos of point and dedicated appliances that have different functions. However, this type of fragmented architecture simply can’t scale in the new era of 5G. As seen above, 5G comes with very aggressive SLA demands and organizations must change their current infrastructure to meet these demands.A single-pass architecture ensures that the majority of services are performed in the same cloud-service stack, at the same location and at the same time. This architectural approach is important because the requirement to open, parse, re-encrypt and forward traffic happens only once. This approach avoids expensive, high-latency packet copying and service inconsistency, therefore ensuring that 5G SLAs are adhered to.
  • A multi-tenant uCPE architecture. This approach delivers the advantages of centralized management, reducing appliance sprawl and improving adaptability. One of the key use cases for 5G is to enable multiple virtual network operators’ (MVNOs) use of a shared 5G infrastructure. This is done to provide differentiated services based on the application requirement (or network slice requirement) while keeping overall costs low. One of the core components to its success is multi-tenancy. Advanced solutions deliver complete segregation of control plane, data plane and management plane for each of its tenants. Each tenant can have multi-level role-based access control (RBAC) to manage the network based on the roles and responsibilities with full segmented security.
  • A solution with options for software and hardware-accelerated encryption and decryption capabilities that provide faster processing and tamper-resistant key storage. The solutions should also support chaining the services that are running on different nodes, including third-party service functions. All of these directly tie into the 5G vision of providing unparalleled application and user performance without compromising security.
  • A solution with a single management interface to manage, configure and monitor complete 5G and SASE services such as secure SD-WAN and the host of additional security services mentioned above. 

Preparing for and supporting 5G networks can seem daunting. With the right tools in place, including secure SD-WAN and other SASE functions, organizations are prepared to best take advantage of all the benefits 5G has to offer while addressing new security threats.

Avatar photo

Michael Wood

Michael Wood is CMO at Versa Networks.

michael-wood has 1 posts and counting.See all posts by michael-wood