CAIRO, Egypt, 14th August, 2015:
Telco Operators and Service providers in Egypt are under pressure to do
two things – one is to respond faster to market innovations and user
demand and specifically around differentiation. Today as we know the
average revenue per subscriber from voice is declining. So service
providers have to rely on more innovative services in the data space and
bundling offers to be able to attract more subscribers. The other area
is the increased user demand for bandwidth and applications. This is
forcing SPs to upgrade their networks and data centers. With declining
budgets and margins, they have to do something different to maintain
profitability and cut costs. They are finding Private Cloud and Software
Defined Networks (SDN) to be the answer and are embarking on a journey
to centralize & consolidate services. They have begun to adopt
server virtualization, SDN and Network Functions Virtualization (NFV)
technologies to reduce footprint of their architectures & networks
One of the major
advantages of deploying SDN is that the management of all systems within
the network has a centralised controller. This single plane of control
acts as a decision point for the whole network as access can be granted
to all equipment in the network, easing and speeding up the management
process.
Yarob Sakhnini,
regional director, MEMA at Brocade says that by centralising the control
however, you also create a significant target for any malicious
activity. For telecoms operators, making sure that this central
controller plane isn’t comprised therefore needs to be a top priority.
Without sufficient protection, the controllers could be compromised
which would pose a significant threat to the network and the data being
interacted with it.
Secondly, SDN poses
challenge in terms of the roots of trust (RoT) that are used to validate
control signals within the network. In a traditional infrastructure, it
is possible to manage this verification process by locking software to
specific pieces of hardware. With SDN this simply doesn’t work and it
therefore raises a question of how to manage the roots of trust. The
processes for this are still in development and it is likely to require
collaboration from across the industry in order to agree on an
appropriate mechanism.
Safeguarding customer data and applications with the Advent of Cloud
In a traditional
network environment, internal data was protected by firewalls and
security breaches were, relatively speaking, easy to identify. However,
in a hybrid or cloud environment, potential threats and rising issues
become much less visible.
The onus falls very
much on the service providers to make sure they have rigorous processes
and robust technologies in place to safeguard their customers’ data and
application. Telecoms companies should therefore be building security
measures into every layer of the network. Analytics is particularly
important here. Operators should be automatically identifying any
traffic abnormalities. Deviation from normal activity, such as
peak-flows and behavioural changes, can often be a good indicator that
there is an attack on the application layer or a break into the network.
Again, cross-industry
collaboration will be very important here. Telecoms companies should be
sharing data about threats they have encountered and new approaches to
dealing with them. This pooling of knowledge will help the industry to
adapt to emerging threats much faster, which is essential to protecting
customers.
Industry Collaboration – Putting a Security Framework in place
Ultimately, the move
towards SDN will result in significant security advantages for telecoms
firms and their customers. SDN makes it possible to create very granular
virtual networks and very secure multi-tenant environments. This is
highly desirable from a security standpoint since it means that any
malicious entity entering the network will only be able to access very
limited internal resources.
However, there is no
doubt that progress needs to be made in order for this to become a
reality. Industry collaboration is absolutely essential in order to
create workable roots of trust that are standardised and reliable. It
would be great to see the industry working together across all levels to
make sure that a robust, consistent security framework is put in place.
