Is SDN (Software Defined Networking) the next big thing in Network Security, or another headache and potential skills gap for the next generation of business networks?
Whitepaper - Software Defined Networking for the Telco Industry
SOFTWARE DEFINED NETWORKING IN THE TELCO INDUSTRY
White paper
V1.0 - 11/10/2016
How could it improve cyber security?
What changes would it mean for network and telco employment?
Every year, maintaining the security of a network grows more and more
difficult. As networks become more complex (with more users, increased
traffic, a greater number of devices), threats to organisations are
becoming much more frequent, more targeted, and more sophisticated.
The telecoms industry has been particularly exposed to an increasing volume of cyber
risks. According to research from the Ponemon Institute, in 2015 alone the industry lost around £6.3
million to cyber crime. What’s more, two of the UK’s largest telecommunications firms experienced
cyber attacks within a few weeks of one another.
In March 2016, the Telegraph reported on a study from the Centre for Economic and Business Research (CEBR)
into the security of the telecoms industry. As part of the study, the economists
at the CEBR modelled how a real cyber-attack would affect a cross section of the British economy.
CYBER SECURITY IN TELCO
79% of security professionals working at enterprise organisations claim that network security is more
difficult now than it was two years ago.
In parallel with the growing cyber security threat, Software Defined Networking (SDN) technology is
fast being adopted by telecoms carriers and service providers. This technology is key to scaling up
network capacity and its capability to meet internet demands from the likes of:
cloud services
mobile-enabled services
live streaming
the internet of things.
The results of their research showed that the telecoms sector is highly vulnerable to attacks and breaches
due to the sensitive information held and the value of this data.
British companies hold approximately £52.5m worth of sensitive information, including financial
details and intellectual property.
The Emergence of SDN
In addition to scale, SDN is being implemented for its potential to reduce capital expenditure and operational
expenditure for Tier 1 telecoms providers. What’s more, it increases flexibility and efficiency due to its ability
to ramp up or ramp down network services on demand.
When designing and implementing SDN services and solutions, telecom carriers now have a great cyber
security opportunity to centralise, automate and improve attack detection and mitigation.
By separating the control and data planes, SDN is not restricted by physical devices to control and
manage network traffic flows. As such, with no physical barriers, SDN controllers can monitor traffic,
detect threats, and mitigate attacks anywhere in the network with the use of a centralised
software-based network security solution.
Improving Cyber Security using SDN
SDN enables network management to be decoupled from the data flow and,
by centralising the control segments of the network, network traffic can be
monitored and directed from a central point using software. Furthermore,
standardised APIs in newer SDN controllers enable the network to respond
to user and application demands in a faster and more efficient way.
“The key [to SDN enabled cyber security] is to implement a network security
solution that can take advantage of SDN’s dynamic nature.”
- LOUIS SCIALABBA IN SDN, SERVICE PROVIDER
The network defence solution can take advantage of the programmability of SDN to improve cyber security
for the entire network with enhanced network agility.
An SDN network can also automatically respond to changes in network behaviour. SDN can make it easier to
collect network usage information, which could support improved algorithm design used to detect intrusions,
threats and attacks. A new generation of applications can harness better-informed SDN agents to improve
traffic anomaly detection and mitigation in networks, which may allow them to stop malicious intruders
before they enter the critical areas of the network.
According to Jennia Hizver, Consulting Practice Security Researcher and Consultant at AT&T, in her
article entitled “The security benefits of Software Defined Networking”, “the biggest benefit of
SDN-enabled security is that it presents an opportunity for intelligent response on a granular basis by
selectively blocking malicious traffic while still allowing normal traffic flows”.
Dave Shackleford of Voodoo Security states in his article “How SDN will enable automated network
security” that SDN promises centralised control and traffic management, which can result in automated
network security and security-defined network routing that could transform the way we secure the
network and the applications or data running across it. For example, SDN security applications are
capable of acting on any anomalies by diverting specific network flows to special security enforcement
points or security services (e.g. firewalls and intrusion detection/prevention systems), thus enabling
untoward events and threats to be monitored in highly dynamic IT environments, with the potential
for achieving greater network security visibility.
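The selective response described above, as an added Python model that is not from the white paper or any vendor's controller: a central controller function reads per-source telemetry and pushes higher-priority rules to every switch, diverting a suspicious source to an inspection point and dropping a confirmed-bad one while normal traffic keeps its path. The names `Rule`, `Switch`, `review`, the `divert:ids` action, the SYN threshold and the addresses are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Rule:
    priority: int   # higher wins
    match: dict     # header fields that must all match
    action: str     # "forward", "divert:ids" or "drop"

@dataclass
class Switch:
    """Data plane: only matches packets against rules the controller pushed."""
    rules: list = field(default_factory=list)

    def install(self, rule):
        self.rules.append(rule)
        self.rules.sort(key=lambda r: -r.priority)

    def handle(self, pkt):
        for r in self.rules:
            if all(pkt.get(k) == v for k, v in r.match.items()):
                return r.action
        return "drop"  # default deny when nothing matches

def review(switches, syn_counts, confirmed_bad=(), syn_threshold=100):
    """Control plane: turn per-source telemetry into rules on every switch.
    syn_counts is {src_ip: SYNs in the last window} (constructed telemetry)."""
    decisions = {}
    for src, count in syn_counts.items():
        if src in confirmed_bad:
            action, prio = "drop", 300
        elif count > syn_threshold:
            action, prio = "divert:ids", 200   # inspect, do not block outright
        else:
            continue                            # normal traffic keeps its path
        for sw in switches:
            sw.install(Rule(prio, {"src": src}, action))
        decisions[src] = action
    return decisions

def demo():
    edge, core = Switch(), Switch()
    for sw in (edge, core):
        sw.install(Rule(100, {"dst_port": 443}, "forward"))
    telemetry = {"10.0.0.7": 950, "10.0.0.8": 12, "10.0.0.9": 400}  # constructed
    decisions = review([edge, core], telemetry, confirmed_bad={"10.0.0.9"})
    results = {s: core.handle({"src": s, "dst_port": 443}) for s in telemetry}
    return decisions, results

if __name__ == "__main__":
    print(demo())
```

Because the per-source rules outrank the baseline forwarding rule, one controller decision changes behaviour on every switch at once without touching the rule that serves ordinary clients.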
Moreover, with SDN, it is possible to define a virtual network architecture that closely maps the logical
architecture of an application, thus modelling all application items on a single private virtual network.
As such, the rules for appropriate and inappropriate communication among the parts in the system,
and the rules for the private network communication with the rest of the broader network systems
can be outlined clearly – which wasn’t possible with previous traditional network architectures
(Peter Christy, Research Director at 451 Research).
On the other side of the coin, there are also potential SDN-related security concerns which have been
discussed in the public domain. As with any newly introduced technology, further security measures
(policies, better authentication, authorisation and access procedures, etc.) need to be implemented
to safeguard systems and data security in an SDN network deployment.
What the Experts are Saying
With all this exciting new potential, how does SDN-enabled security transform future network and
telco roles?
According to Kelly Jackson Higgins, Executive Editor of DarkReading.com, traditional network security
roles will eventually operate using software-defined networking (SDN) and virtualisation skill sets. “It’s
a logical evolution: as the network and its services become more software-driven and virtualised, it
only makes sense that security would join the party” and “a new software-defined security model
also will require a cultural shift”.
Rather than security professionals updating each firewall separately, firewall rules could be pushed to
all devices via SDN “in a matter of seconds,” (Warren Wu, Senior Director of Products at Fortinet). Network
engineers will need to upskill and learn how to work with SDN controllers, and how to manage the
interaction with applications and orchestration systems that connect via APIs, as well as the security
control aspects that come with it.
How does SDN-enabled security transform future network and telco roles?
Will roles such as “SDN/NFV Network Security Architect”, “SDN Protective
Monitoring Analyst” and/or “SDN Security Developer” start
dominating our IT Recruitment market?
At aap3, we believe that there will be a changing trend in the marketplace, away from network and
security engineers with traditional skills based on network hardware configuration. What's more,
there will be a requirement for a blend of skills that includes an understanding of coding and
development languages for software configuration. That’s not to say that these “traditional” skills will
become redundant, as they still form the core of networking and network security, but that a change
in skill set, or perhaps an entirely new job type, will be needed to cope with future technology demands.
For businesses, this might mean that they have to invest in external training for their existing staff, whilst
re-evaluating their skills requirements for new positions. A decision will have to be made between
upskilling existing employees, replacing with new skill sets, or potentially increasing the employee base
temporarily to bring these new skills into the business.
Alternatively, businesses can leverage external suppliers to provide technical resources to help them
bridge the gap between current and future technologies, providing professional contractors or managed
services resources to deliver upgrades and manage and maintain network infrastructure without the
need for potentially expensive in-house expertise.