We are about to make the leap from being a planetary civilization that uses networks to one that runs on them in a fundamental and inextricable way.
Intelligent, ‘human-critical’ networks built on 5G technology stand to make every aspect of our lives smarter, safer and more sustainable. They will optimize transportation systems and make them more efficient. They will bring unprecedented access to healthcare services and unimaginable precision to medical procedures. They will transform industries and expand our collective capacity for innovation.
The more indispensable networks become, the more attackers will target them. Which means the next generation of networks has to be more secure than any that has come before. While security has historically been applied to network services, in the 5G era it will have to be built in from the very beginning.
Security has to keep up with network services
It’s not just that with 5G there will be more networks doing more complex things. It’s also that the services delivered over these networks will be different from the kinds of services we’re used to — meaning even the way service providers think about security will have to change.
Future networks will support “slicing,” a form of virtualization in which network resources can be shared with guaranteed quality of service (QoS) and isolation. Going forward, service providers will need to manage security features not only on a network basis but on a per-slice basis — with different per-slice security needs. The provision of end-to-end slices that terminate in private networks will increase the attack surface and, as a result, service providers’ security requirements.
Today’s network services are static and siloed. Once they’re designed, they don’t change, and they operate more or less in isolation from each other. 5G network services, on the other hand, will be incredibly dynamic, responding to evolving conditions in real time.
Imagine a remote worksite with autonomous vehicles transporting people or materials from place to place. Those vehicles need to be able to respond — very quickly — to shifting circumstances for safety and efficiency. Some of that will happen inside the vehicles themselves and some of it will happen in the network they are running on. The vehicles, their sensors and processors, the network and control mechanisms are all part of a single, end-to-end ecosystem. Any security approach has to extend across this entire ecosystem, too, and be every bit as flexible and adaptive as the services it’s protecting.
Analytics and automation are vital
So what does flexible, adaptive, end-to-end security look like in a 5G scenario — and how can service providers build it in from the start?
The first prerequisite is visibility from the device up through the network and into the cloud. Without the ability to collect, correlate and analyze data from end to end, security threats could easily be missed. In a way, with 5G the entire network becomes a “sensor”, drawing data from all the various systems and devices to provide a complete, comprehensive and real-time view for maximum security.
5G security operations also need to be predictive and automated:using machine learning, multidimensional analytics and threat intelligence to correlate data from multiple domains and sources, catch anomalies, provide contextual intelligence about threats, weigh business risks and recommend (or enact) mitigation steps.
Analytics are important because many threats are designed to stay undetected for as long as possible, under the radar of the network security operation center or hiding in the information noise of minor, relatively harmless attacks. Machine learning and artificial intelligence (AI) can discover these kinds of “lurking” malicious activities and trigger countermeasures.
Embedding security in the network
While firewalls and other defenses will still be important to help stop hackers before they access the network, attacks will inevitably get through. This is especially true in 5G because the network will not have conventional boundaries: it will be an open ecosystem in which all kinds of unmanaged third-party devices are connected.
Fortunately, strong security can be provided within the network to protect data and infrastructure. Integrated security workflow automation and orchestration key to this, transitioning from static defenses to agile, adaptive, accurate threat responses.
Ultimately, these security capabilities add up to a set of required applications: active monitoring and workflow orchestration, privileged access management and analytics of user behavior, certification and management of digital identities of network entities, machine learning of traffic patterns for threat detection, automated incident responses, and more.
Designing for security
Service providers want to engage the market and monetize the investments they’re making in their networks to deliver on the new 5G use cases. As they do, they will need end-to-end security performance — at scale, from the edge to the core — to defend against advanced, persistent threats.
The new 5G security approach integrates and automates 5G network security by treating the entire network as a sensor – data taken from existing systems is used to provide a much greater level of information.
For that, security has to be provided at four key layers:
At the base level, security must be in place for both the service network and the cloud infrastructure. Moving up the stack, the entire infrastructure — spanning software, virtual machines, hardware and devices — also needs to be “trustable”. Automated security management and orchestration provide frictionless security across all these dynamically changing elements, and all sensitive data must be secure, providing access control, privacy and regulatory compliance.
Finally, to proactively detect and respond to security threats, security-related intelligence has to be shared across all the parts of the network — among suppliers, partners and customers.
Nokia, for example, has built an integrated end-to-end 5G security portfolio that includes the full set of these layers and capabilities, combined with an advanced security testing and verification laboratory to address the critical security needs of 5G end-to-end (E2E) networks. The job of security teams in the 5G era will be to limit how and where hackers can attack networks and services, be more accurate in determining which threats are real and which can be ignored, and speed up mitigation when a defensive response is needed.