The focus on security for Communications Service Providers (CSPs) has changed over the past few years. 5G technology has enabled and mandated new business-, mission-, and security-critical revenue-generating services. However, with the high-speed communications benefits of 5G comes a corresponding increase in the range of threats to mobile networks.
Distributed Denial of Service (DDoS) attacks aren't new, but they are rising in complexity, disrupting key systems and causing significant business losses. And recently, entry barriers for attackers have been eliminated. DDoS services for rent now allow users to test basic DDoS attacks before buying.
The range of “services” offered by these nefarious platforms spans the network, transport and application layers and targets everything from specific apps and games to methods of circumventing standard anti-DDoS measures. Cybersecurity standards for CSPs are naturally increasing, and as a CSP, the business and mobile edge segments of your network require special attention.
Securing your business segment
The enterprise part of the mobile network enables communication with internal servers and services or external applications on the Internet, using client IP to server IP communication. This is where your servers are associated with a specific service offering and where your subscribers connect to the internet to access any externally hosted applications.
In this part of your network, detection and protection are necessary to secure the servers on which applications run, as well as to protect your entire network against DDoS attacks – which could be initiated by subscribers connected to the mobile network or from the Internet. When considering the security of this part of your network, you will want access to network forensics and investigations from the heart of the business.
Security within the enterprise portion of a CSP network should cover all communications – all applications and services hosted on your network or hosted externally on the Internet. Additionally, you will need perimeter protection for your corporate network to detect threats or volumetric DDoS attacks initiated from your subscribers or from the internet to your network.
Since network traffic doesn’t sleep, your defense can’t sleep either. Your security solutions should always be enabled, continuously monitor your control and user plane traffic, identify the services being used, and not only provide delivery assurance for those services, but also enable their security with early detection of threats for rapid mitigation.
Your solution should provide total network visibility to both your network operations and security operations teams. Security tools that use a common source of network-derived data will allow these teams to collaborate more effectively. Security and assurance tools that integrate with your existing security ecosystem will accelerate your return on investment (ROI). For example, can the network information collected by your tool be exported to your SIEM or SOAR platforms to increase your risk visualization? Can the tool be deployed in any type of network environment – on-premises, cloud or hybrid? If you don’t already have all three environments, you most likely will in the future, and your network security tools should be able to grow with your network.
The mobile edge of your network
Because the ever-expanding and increasingly important mobile access edge computing (MEC) segments of your network also communicate with the Internet, similar to your IP enterprise segment, they are open to external threats and also require ongoing security and assurance monitoring. DDoS attacks are a major risk to service availability, and this is the area of your network that drives service revenue, so you need to know exactly what is happening here. Accurate threat detection and full or partial mitigation at the edge is a more agile strategy than collecting massive amounts of traffic across your entire network and forwarding it to a “scrubbing center”. Moreover, the mitigation load can be spread over many devices.
So what are some of the things you want to look for in edge protection tools?
A stateless inline security appliance deployed at the network perimeter can automatically detect and shut down inbound threats and outbound communications from compromised internal hosts, essentially acting as the first and last line of defense for organizations. Stateless packet processing technology can stop TCP state exhaustion attacks that target and impact stateful devices such as next-generation firewalls (NGFW). If your device receives a continuously updated threat intelligence feed, it will be immediately ready for any new threat on the horizon. Can your edge protection work in conjunction with a scrubbing center if it detects a large-scale DDoS attack that requires additional mitigation? This kind of hybrid DDoS protection is an industry best practice. You will want to make sure that any edge protection tool you consider can integrate with your existing security stack and processes.
If your network is very large and you have an experienced DDoS attack mitigation team, you might consider a tool that can enable a self-defending network by seeing a threat, analyzing it, and then giving instructions to the rest of the network on how to deal with the attack. An attack would then be mitigated in multiple layers across the entire network. As mitigation is distributed across the network, comprehensive reporting becomes increasingly granular and important.
Additionally, a solution that provides a network peering analysis can help determine what traffic can be shifted from expensive transit links to free peering or even generate revenue as a new customer. Again, this is an important consideration for ROI.
You can also consider a virtual solution that will allow you to take advantage of the agility and cost savings of Software Defined Networking (SDN) and Network Functions Virtualization (NFV) in your DDoS protection tools.
Finally, ask yourself if you want to build a DDoS protection service offering for your customers for additional revenue and ROI. Offering a DDoS protection service to your customers can help them ensure the availability of their networks and applications. Look for a tool that can extend protection to your customer network and make your investment profitable.
The core and edge of your corporate network require special attention, and your solutions for their security must:
- Be always on
- Leverage smart data for end-to-end visibility
- Detect and mitigate threats at the edge
- Be flexible and scalable, able to adapt to your current security ecosystem and grow with your network
- Offer a real return on investment
We can help you with all of this.
Copyright © 2022 IDG Communications, Inc.