& cplSiteName &

Broad Threats Require Network-Based Security

Carol Wilson
12/22/2015
50%
50%

As last week's news clearly shows, there are constantly new threats to the telecom network and the technology on which it's built. The most serious of those seems to be the compromise of Juniper Networks' ScreenOS, but even as that was happening, there was also a massive cyberattack on a core part of the Internet infrastructure, its domain name servers (DNS).

In both cases, the vendor community reported the problem. Juniper Networks Inc. (NYSE: JNPR) alerted its customers and provided a patch, which it urgently requested its customers apply. Because ScreenOS is used to deliver secure VPNs, that particular hack is being investigated by multiple federal agencies and is suspected to be the work of a foreign government. (See FBI Investigating Juniper VPN Hack.)

The DNS attack's existence was made public by Nominum Inc. , which specializes in protection of Domain Name Servers. The vendor reported a 500% increase in the number of what are called random subdomain DNS attack queries, essentially designed to overwhelm critical servers by making them work harder, says Bruce VanNice, product manager. In making the attack public, the company also was able to highlight the fact that its ISP customers weren't being impacted because Nominum has automated the process of identifying the problem and shutting down the bad traffic without also blocking the legitimate traffic headed for the same servers.

The DNS attack could be the work of almost anyone and could be intended to disrupt Internet commerce at a peak moment, VanNice noted.

Network as protector
Both of these attacks only underscore what telecom service providers already know -- they are facing a growing and increasingly sophisticated set of threats from global players with varying motives that drive their remarkable innovation. That reality is driving an approach to security that is more comprehensive -- or as AT&T Inc. (NYSE: T)'s Chief Security Officer Ed Amoroso said last month, it's really all about architecture. (See Accedian Lands Global Deal at Telefónica .)

In his keynote at Light Reading's Carrier Network Security Strategies event, Amoroso said the fundamental architecture of network security has to change if network operators will be able to address the reality of today's threats. He also acknowledged the fact that "architecture" isn't sexy enough to attract venture capitalists and thus isn't on the road map of many security vendors. (See AT&T's Amoroso: Build Botnets of Security and AT&T's Amoroso: Taking Security to the Cloud.)

As Heavy Reading Chief Analyst Patrick Donegan notes, Amoroso's focus on architecture fits in nicely with his other emphasis on virtualization and distribution of the security features, so they are not all huddled behind a point-based solution or allegedly secured perimeter. Instead security is distributed along with content or other features that need to be secured. (See In Defense of the Security Team.)

What has emerged within telecom is a network-based approach that builds on analytics and other tools, including automation, as well as virtualization, to deliver the kind of security service enterprises are seeking, that is protection for threats before they hit the enterprise and the ability to anticipate problems, as well as react to them.

"We are seeing this pop up in some places, like Japan, where network operators are asking, 'How can I operate a safer network in general?'" says Sam Curry, chief technology and security officer of Arbor Networks "They are changing the notion of what telcos do for the wider community, in the sense of how to provide a safer network in general."

As a result, he says, network operators are looking for greater insight into their own network traffic, so they can become the primary point at which traffic is collected for examination and threat insights are detailed.

In some cases, they are using automated tools such as Nominum's, which responds to the DNS attacks by identifying the bad traffic and protecting the good traffic to mitigate the impact of the massive spikes, says VanNice.

But they are also going beyond individual tools. Verizon Communications Inc. (NYSE: VZ) has noted its growing customer expectations and one of its responses is to be more aggressive in going after the bad guys, says Dave Ostertag, chief investigations manager. "They are telling us very clearly that we expect you to do more outside our perimeter to protect us," he says. "We are having to invest heavily, we are having to expand those groups within Verizon that look to identify the criminal infrastructure, and we have people hunting for the bad guys -- working with federal law enforcement in a lot of different countries under the appropriate court orders to be able to go after that infrastructure and even be able to follow the net flow, the metadata on the net flow, to identify the different points."

Next page: Virtualization's Role

(2)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Lisa Ray
50%
50%
Lisa Ray,
User Rank: Light Beer
12/26/2017 | 1:44:47 AM
I agree with DHagar
Absolutely right!!! I appreciate your statement that the future architectures will be smarter and clever from today. 

Regards: cheap modafinil
DHagar
50%
50%
DHagar,
User Rank: Light Sabre
12/23/2015 | 1:51:37 PM
Re: Broad Threats Require Network-Based Security
Carol, excellent perspective and this truly makes sense.  Both the technical capabilities and the economies of scale are best served under a network base.

It appears increasingly, that the "glue" that makes things work and truly effective (i.e., virtualization, IoT, etc.) are new architectures that support networks and provide a platform to effectively deliver the value of the technology,  It appears to require new thinking.  I believe the future architectures will be very different from the current.
Featured Video
From The Founder
John Chambers is still as passionate about business and innovation as he ever was at Cisco, finds Steve Saunders.
Flash Poll
Upcoming Live Events
June 26, 2018, Nice, France
September 12, 2018, Los Angeles, CA
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 17, 2018, Chicago, Illinois
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
NFV Is Down but Not Out
Iain Morris, News Editor, 5/22/2018
Trump Denies ZTE Deal, Faces Senate Backlash
Dan Jones, Mobile Editor, 5/22/2018
What VeloCloud Cost VMware
Phil Harvey, US News Editor, 5/21/2018
5G in the USA: A Post-BCE Update
Dan Jones, Mobile Editor, 5/23/2018
Vanquished in Video, Verizon Admits OTT Defeat
Mari Silbey, Senior Editor, Cable/Video, 5/23/2018
Animals with Phones
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed