Intelligent CIO Africa Issue 43 | Page 69

t cht lk GTP firewall provides scalability and supports uninterrupted operations while protecting subscribers and the mobile core against GTP-based threats such as information leaks, malicious packet attacks, fraud and DDoS attacks through GTP interfaces in the access networks and GRX/IPX interconnect. 3. Network slicing – Intelligent Traffic Steering Network slicing will allow mobile operators to offer security and other capabilities tailored to each vertical application and to capture revenue from these diverse use cases, without losing the economies of scale of common infrastructure. Network slicing isolates each use case or service from one another so that the services can be independently deployed, managed securely, and delivered in a robust way. This solution identifies specific types of traffic by multiple criteria including radio access type, IP address, DNS address, device type, destination, subscriber ID and other parameters and then redirects these ‘slices’ of traffic to value-added service platforms, such as protection platforms for deeper threat analysis and scrubbing. This redirection can be based on either static policy or dynamic factors. This solution enables differentiated treatment to the developing 5G use cases, deepens the security posture and boosts revenue opportunity without adding unnecessary inspection load on the entire network. 4. Network Wide DDoS Detection and Mitigation System Mobile operators must maintain high network availability at all times. DDoS attacks target mobile networks and their subscribers with high volume message floods that overwhelm infrastructure and can cause service degradation and network outages. Now, targeted attacks can also come from any network peering point and include both volumetric and lower volume, sophisticated attacks against specific network elements or important applications of key enterprise customers. Over-provisioning of network elements to meet rising threat volume or simply blocking traffic during an attack increases costs and can result in service denial for critical traffic. Operators need a more cost-efficient and comprehensive approach that quickly detects and mitigates DDoS and infrastructure attacks across the entire mobile network without denying service to important traffic. Service providers can achieve full DDoS resilience and improve security by using a layered approach for detecting and mitigating attacks of all types and sizes before attackers take down their targets. 5. Secure, efficient MEC Multi-Access Edge Compute (MEC) architecture is often part of the 5G transition plan. In a MEC architecture, network traffic processing functions move from a centralised data centre or mobile core to a number of distribution points that are located closer to the user at the Edge. A distributed architecture with thousands of nodes increases management difficulty and requires a high level of automation and analytics for deployment, management and security and operational changes. We at A10 Networks offer a Thunder CFW solution that offers high performance, low latency in a software-based or hardware form factor for firewall, CGNAT and IPv6 migration, traffic steering and other functions. Many functions that may have been provided by single point appliances are combined into one appliance, virtual instance, bare metal or container. Cost-efficient, highperformance security is ensured without exceeding space and power limitations. Centralised management and analytics simplify operations for lower TCO. As we reach the halfway point of 2020, the A10 study indicates that major mobile carriers around the world are on track with their 5G plans, and more expect to begin commercial build-outs in the coming months. That means mobile operators globally need to proactively prepare for the demands of a new virtualised and secure 5G world. That means boosting security at key protection points like the mobile edge, deploying a cloud-native infrastructure, consolidating network functions, leveraging new CI/CD integrations and DevOps automation tools, and moving to an agile and hyperscale service-based architecture as much as possible. All these improvements will pay dividends immediately with existing networks and move carriers closer to their ultimate goals for broader 5G adoption. • “ WHILE THE REPORT SHOWS 5G ADOPTION IS SCALING RAPIDLY, ONE OF THE MAIN CONCERNS FROM THE REPORT WAS SURROUNDING CYBERSECURITY. INTELLIGENTCIO 69