Faster mobile data speeds have amplified security threats, but that has also heightened awareness of the problem among both service providers and customers. Robert Pizzari, senior director of service providers, Asia Pacific & Japan, at F5 Networks, explains how security will matter as a service differentiator
Security Insights: Security has always been an issue for service providers, but what new kinds of security threats or issues are they facing that they haven’t before?
Robert Pizzari: Considering how broadband and Internet traffic has grown ten-fold from the days of 2G/3G to today’s LTE speed, security has also inadvertently been amplified with resources available for DoS or DDoS attacks. While security threats have always been present, modern technology has actually made available more avenues of attacks and subsequently amplified related risks.
Fundamentally, there are three new kinds of security threats facing service providers today, starting with the removal of Gi Firewall. Service providers had security under control back in the days where 2G was used. However, in exchange for Internet speed, they had to remove the Gi Firewall and lost out in security in the process. Gi Firewall was mainly removed because firewall capacity was not built to handle the amount of traffic expected. This absence of Gi Firewall was critical as it not only caused a depletion of battery life for users, but also enabled DDoS.
Moreover, as dependency on DNS continues to grow, planned attacks to take the internet down have become more frequent. Without DNS, the internet does not exist since users are only able to recall URLs and not specific IP addresses. Fortunately, service providers have since became more aware of the importance of DNS security.
Lastly, service providers today are unable to differentiate the types of traffic in a network, especially when separating a real user’s request from a DDoS attack. One way to get around this is to build a security operations center (SOC), which helps in providing visibility over the kind of traffic that’s going through the network.
How well do they understand those issues? Is it a new variation on a familiar theme, or do they really have to take time to understand what they’re up against?
Yes, this is a new variation on a familiar theme - however, these issues have always been present. With the explosion of the internet, they have in fact become more visible. Nevertheless, a key challenge lies in the fact that service providers are unable to tell if the issues apply to them or if they are legitimate.
What does this mean from a competitive standpoint - can security be leveraged as a differentiator?
From a service provider’s standpoint, the implementation of regulations helps ensure that subscribers are more aware of the provider’s role in protecting them. Once subscribers gain confidence, they will be able to make a more informed choice in terms of selecting a network that is faster and more secure. This will in turn boost a service provider’s subscriber market share and adoption rates following the launch of new services, as well as ARPU.
Technology providers like F5 have the capability to sit in the middle of all traffic, a system that many service providers have adopted today. This enables companies to perform tasks such as consolidation, which reduces capex and opex, and traffic optimization, which provides subscribers with a better internet experience.
Additionally, F5 is also able to perform other security functions such as Gi and DNS Firewall, which addresses security problems faced by service providers.
What opportunities are there to leverage security capabilities as a service to customers?
With a secured network, service providers are enabled to launch new services that comply with latest regulatory requirements in the mobile payments and content provision spaces. At the same time, service providers are also able to demonstrate themselves as a secure and reliable organization capable of giving subscribers peace of mind. Ultimately, a higher quality of user experience will inadvertently create a knock-on effect on subscriber numbers.
This article first appeared on Telecom Asia Security Insights May 2015 edition