CAIRO, Egypt, 19th April, 2015: Service providers in Egypt today are investing heavily in two technology areas – security and cloud computing.
Cherif Sleiman, General Manager, Middle East at Infoblox, provides his insights on the two areas in which telecom service providers in the country need to put solutions in place in order to ensure business continuity and operational efficiencies.
The DNS Server: a Frequent Target of DoS and Other Attacks
On the security front, the bottom line is that attackers, now called cyber criminals in the era of the internet, will always look for new ways to breach IT systems. Unfortunately, even the most robust security technologies cannot guarantee 100% protection. That being said, we've done a good job as an industry: we've fortified the desktop with endpoint security solutions, then we moved to the network and built our firewalls and intrusion prevention systems, and now, as the attack vectors have moved into the application layer, we've seen an entirely new security industry emerge with web-application firewalls, next-generation firewalls, etc.
Recently, the weak point being exploited, independent of the region and the specific technologies that have been deployed, has been the foundation of the internet itself. And if we look at this foundation, we're talking about Domain Name Service (DNS). DNS fundamentally allows people and organizations to communicate, transact and conduct business in the most intuitive way possible. Because of its critical role in establishing all forms of connectivity across the internet, DNS traffic is always allowed to pass through firewalls. This has not escaped the attention of criminal elements, who are increasingly exploiting the lack of defences for DNS infrastructure. In the past 18 months, DNS has become the latest target and has rapidly become one of the most severe points of exposure in service provider networks. In mobile networks, for example, DNS servers were identified as the #1 exposure in 2014. Beyond simple and sophisticated denial of service attacks, various additional exploits also target DNS, including cache poisoning (as in the recent case of the Etisalat website hacking in the UAE), reflection and amplification attacks.
Internet Service Providers (ISPs), mobile operators and cloud providers all rely heavily on DNS, partly as an essential connectivity component and partly as a service they offer their customers, either implicitly or explicitly. As a result, it is critical that service providers protect this vital asset – for the sake of their reputations, as well as for the sake of their customers who rely on stable, always-on internet connectivity.
Two critical areas that require protection inside the provider’s network are the authoritative DNS servers and the DNS caching servers.
Authoritative DNS servers in various locations inside the provider’s network provide the authoritative responses to DNS queries and connectivity requests from their subscriber base. Authoritative servers enable web presence, e-commerce functions, and location of multiple network components for mobile IP connectivity, especially roaming and gateway location in LTE networks. The DNS caching layer, which is key to establishing a rapid response to DNS queries – and therefore key to acceptable response times – holds cached query responses for commonly accessed websites and other URLs, all of which are critical to smooth internet connectivity for customers.
There is currently only ONE effective way to address these DNS threats – directly from within the DNS servers themselves. DNS attacks cannot be handled by any of the traditional security technologies, including firewalls, intrusion technologies, etc. Purpose-built products that provide carrier-grade Advanced DNS Protection (ADP) can address such attacks.
Importance of Cloud Network Automation for Private Cloud, Hosting, and Managed Services at Service Providers
Service providers in the country are under pressure on two fronts. One is to respond faster to market innovations and user demand, specifically around differentiation. Today, as we know, the average revenue per subscriber from voice is declining, so service providers have to rely on more innovative services in the data space and on bundling offers to be able to attract more subscribers. The other is the increased user demand for bandwidth and applications. This is forcing SPs to upgrade their networks and data centers. With declining budgets and margins, they have to do something different to maintain profitability and cut costs.
Service providers have found private cloud to be the answer and are embarking on a journey to centralize and consolidate services. They have begun to adopt server virtualization and Network Functions Virtualization (NFV) technologies to reduce the footprint of their architectures and networks, and are then tying these into orchestration and cloud management platforms in order to bring more agility and help them provide on-demand services.
However, this transition throws up lots of challenges. NFV and virtualization are disruptive technologies, and organizations have to change the way they operate. Visibility and manageability of the network are lost when service providers adopt NFV technologies. In a traditional IT world there was a 1:1 mapping between the service that you were using and the hardware it was running on. Although it was not an efficient world, it was a simple world. You could point to a router or server, you understood its IP address and location, and you managed it by logging into its management platform.
In a world where you are virtualizing network functions and the functions transition from the physical space to the virtual space, the lines become blurred and questions arise: Where are these functions? How do I track and manage them? How do they get networked? So there has to be a re-tooling of the organization and also of the thought process.
The journey to NFV, the cloud and SDN that service providers are undertaking is absolutely necessary. At the same time, a lot of the technologies that are taking service providers on this journey leave much to be desired in terms of providing control, visibility and manageability of various network functions.
A good Cloud Network Automation solution erases all of these challenges. It delivers critical network services for the cloud, including DNS, DHCP, and IP address management. It is a highly automated cloud infrastructure solution that provides greater visibility into virtual machines and tenants, empowering administrators to get a real-time view into cloud resources as they are provisioned and enabling service providers to roll out applications faster without human latency and to deliver more reliable business services.
While virtual servers can be spun up in seconds, with manual network support and management processes it may still take days, or even weeks, to assign IP addresses to those servers. A Cloud Network Automation solution should include advanced IP Address Management solutions that automate the high-volume provisioning and reclamation of bulk IP addresses to and from VM-based servers through seamless and thorough integration with cloud management and orchestration platforms from VMware, Microsoft, Cisco Systems and others, in addition to full support for OpenStack.