One of the dominant trends of the last decade in the telco industry was network
function virtualization and cloudification, closely connected with 5G that came to
the spotlight just a bunch of years later. But in the last ten years, the broader ICT
industry has also witnessed the unstoppable growth of public cloud providers. The
first wave of telco workloads (e.g., functions of EPC, 5GC, IMS, and O-RAN) was
designed for the Telco Cloud, built on purpose infrastructure run by telecom
operators. Today, it seems natural that telco workloads can and will run more and
more in public clouds too.
There has been no shortage of edge computing activities during 2017, in both the telco and web-scale
domains. Several Tier One communication service providers (CSPs), including AT&T, China Mobile, and
Deutsche Telecom (DT), have announced that edge computing will be a key component of their future
network strategies and expect that several new use cases will be powered by edge servers. In the cloud
domain, Amazon, Facebook, and Google are pushing further toward the edge of their own networks, creating
more points of presence throughout the world. Amazon’s acquisition of Whole Foods in the United States
could also be interpreted as a first attempt to obtain real estate across the U.S. market that can be used
for Amazon’s edge servers. In fact, all major web-scale companies—Amazon, Google, and Microsoft—have
announced edge computing services that are driven by IoT use cases.
This document summarizes an e-book from a blog that provides strategic insights for telecommunications companies. It discusses the utility of software-defined networking (SDN) for telcos, how telcos can organize to offer new services and pursue growth, and the growth of SDN and network function virtualization in the telecommunications industry. The document outlines the business case and technical capabilities of SDN, as well as case studies of companies adopting SDN and market projections for SDN adoption and revenue. It also discusses how telcos can transform their business models and organizations, like IBM did, to focus more on new services.
This document discusses the need for telecommunications companies (telcos) to transform themselves into technology companies (techcos). It outlines three main drivers for this transformation: improving customer friendliness to meet rising consumer expectations set by internet companies, increasing innovativeness to compete with large global tech firms, and enhancing efficiency to become leaner. The document argues telcos must transform both their front-end digital experiences and back-end operations through automation in order to successfully make this transition and remain competitive. It examines different approaches telcos are taking to achieve IT transformations and the challenges they face.
Michael Dell predicts that by 2025, 75% of data will be processed outside traditional datacenters and clouds, pointing to huge growth in edge computing. Edge computing is being accelerated by advances in 5G technology and lower costs of intelligent devices. For edge computing to grow rapidly, various stakeholders like tower companies, network operators, manufacturers, and hyperscalers must collaborate and ensure technologies are integrated, consistent globally, and securely connect diverse edge devices using different protocols. Success at the edge will depend on 5G integration, open collaboration, global consistency, flexible connectivity, and strong security.
Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGenSecurityGen1
SecurityGen delves deep into the intricacies of 5G technology to uncover potential vulnerabilities that may compromise network security and data integrity. Our dedicated team of cybersecurity experts conducts rigorous assessments and threat analyses to identify and prioritize vulnerabilities across the 5G ecosystem. From protocol vulnerabilities to infrastructure weaknesses, SecurityGen offers comprehensive insights and solutions to address the diverse array of risks associated with 5G deployment.
Securing the 5G growth story with NFVi.pdfSecurity Gen
2020 became the year of 5G proliferation (as per Qualcomm study), while 2021 is
about a rapid 5G rollout, vertical expansion, and advancing 5G systems with new
capabilities. The same gets reflected in an August 2021 Gartner forecast that
estimates 5G coverage in tier-1 cities across the US by 2024 will be 60%, besides
predicting a revenue growth from $794 million to $1.6 billion in western Europe, by
the year-end.
Securing the 5G growth story with NFVi (1).pdfSecurity Gen
2020 became the year of 5G proliferation (as per Qualcomm study), while 2021 is
about a rapid 5G rollout, vertical expansion, and advancing 5G systems with new
capabilities. The same gets reflected in an August 2021 Gartner forecast that
estimates 5G coverage in tier-1 cities across the US by 2024 will be 60%, besides
predicting a revenue growth from $794 million to $1.6 billion in western Europe, by
the year-end.
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...SecurityGen1
Empower your defense against DDoS attacks with SecurityGen's comprehensive approach to prevention. Beyond merely blocking attacks, SecurityGen focuses on understanding the unique challenges your business faces. Our DDoS Attack Prevention goes beyond traditional measures, incorporating real-time threat intelligence and behavioral analysis. By choosing SecurityGen, businesses gain a holistic defense strategy that adapts to emerging threats. With SecurityGen's comprehensive approach, organizations can confidently navigate the digital landscape, knowing that their digital assets are protected against the evolving nature of DDoS attacks.
There has been no shortage of edge computing activities during 2017, in both the telco and web-scale
domains. Several Tier One communication service providers (CSPs), including AT&T, China Mobile, and
Deutsche Telecom (DT), have announced that edge computing will be a key component of their future
network strategies and expect that several new use cases will be powered by edge servers. In the cloud
domain, Amazon, Facebook, and Google are pushing further toward the edge of their own networks, creating
more points of presence throughout the world. Amazon’s acquisition of Whole Foods in the United States
could also be interpreted as a first attempt to obtain real estate across the U.S. market that can be used
for Amazon’s edge servers. In fact, all major web-scale companies—Amazon, Google, and Microsoft—have
announced edge computing services that are driven by IoT use cases.
This document summarizes an e-book from a blog that provides strategic insights for telecommunications companies. It discusses the utility of software-defined networking (SDN) for telcos, how telcos can organize to offer new services and pursue growth, and the growth of SDN and network function virtualization in the telecommunications industry. The document outlines the business case and technical capabilities of SDN, as well as case studies of companies adopting SDN and market projections for SDN adoption and revenue. It also discusses how telcos can transform their business models and organizations, like IBM did, to focus more on new services.
This document discusses the need for telecommunications companies (telcos) to transform themselves into technology companies (techcos). It outlines three main drivers for this transformation: improving customer friendliness to meet rising consumer expectations set by internet companies, increasing innovativeness to compete with large global tech firms, and enhancing efficiency to become leaner. The document argues telcos must transform both their front-end digital experiences and back-end operations through automation in order to successfully make this transition and remain competitive. It examines different approaches telcos are taking to achieve IT transformations and the challenges they face.
Michael Dell predicts that by 2025, 75% of data will be processed outside traditional datacenters and clouds, pointing to huge growth in edge computing. Edge computing is being accelerated by advances in 5G technology and lower costs of intelligent devices. For edge computing to grow rapidly, various stakeholders like tower companies, network operators, manufacturers, and hyperscalers must collaborate and ensure technologies are integrated, consistent globally, and securely connect diverse edge devices using different protocols. Success at the edge will depend on 5G integration, open collaboration, global consistency, flexible connectivity, and strong security.
Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGenSecurityGen1
SecurityGen delves deep into the intricacies of 5G technology to uncover potential vulnerabilities that may compromise network security and data integrity. Our dedicated team of cybersecurity experts conducts rigorous assessments and threat analyses to identify and prioritize vulnerabilities across the 5G ecosystem. From protocol vulnerabilities to infrastructure weaknesses, SecurityGen offers comprehensive insights and solutions to address the diverse array of risks associated with 5G deployment.
Securing the 5G growth story with NFVi.pdfSecurity Gen
2020 became the year of 5G proliferation (as per Qualcomm study), while 2021 is
about a rapid 5G rollout, vertical expansion, and advancing 5G systems with new
capabilities. The same gets reflected in an August 2021 Gartner forecast that
estimates 5G coverage in tier-1 cities across the US by 2024 will be 60%, besides
predicting a revenue growth from $794 million to $1.6 billion in western Europe, by
the year-end.
Securing the 5G growth story with NFVi (1).pdfSecurity Gen
2020 became the year of 5G proliferation (as per Qualcomm study), while 2021 is
about a rapid 5G rollout, vertical expansion, and advancing 5G systems with new
capabilities. The same gets reflected in an August 2021 Gartner forecast that
estimates 5G coverage in tier-1 cities across the US by 2024 will be 60%, besides
predicting a revenue growth from $794 million to $1.6 billion in western Europe, by
the year-end.
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...SecurityGen1
Empower your defense against DDoS attacks with SecurityGen's comprehensive approach to prevention. Beyond merely blocking attacks, SecurityGen focuses on understanding the unique challenges your business faces. Our DDoS Attack Prevention goes beyond traditional measures, incorporating real-time threat intelligence and behavioral analysis. By choosing SecurityGen, businesses gain a holistic defense strategy that adapts to emerging threats. With SecurityGen's comprehensive approach, organizations can confidently navigate the digital landscape, knowing that their digital assets are protected against the evolving nature of DDoS attacks.
Wi-Fi has been ubiquitous on Enterprise and Industrial environments. Fast evolution
a great promise in fact made some MNOs and Fixed Service Providers to build their
own “complementary” Wi-Fi networks, especially due to the high costs on 3G
deployment.
During the 4G rollout, technology evolution has tilted the scale back for MNOs, but
Wi-Fi was still the standard for enterprises. Enhanced-LTE and 5G are now
challenging this reality.
The specifications for reliability, high speed, low latency, high density, and powe
Wi-Fi has been ubiquitous on Enterprise and Industrial environments. Fast evolution
a great promise in fact made some MNOs and Fixed Service Providers to build their
own “complementary” Wi-Fi networks, especially due to the high costs on 3G
deployment.
During the 4G rollout, technology evolution has tilted the scale back for MNOs, but
Wi-Fi was still the standard for enterprises. Enhanced-LTE and 5G are now
challenging this reality.
The specifications for reliability, high speed, low latency, high density, and powe
According to a new Gartner report1, “Around 10% of enterprise-generated data is created and processed outside a traditional centralized data center or cloud. By 2022, Gartner predicts this
figure will reach 75%”. In addition to hosting new 5G era services, the other major network operator driver for edge compute and edge clouds is deploying virtualized network infrastructure, replacing many dedicated hardware-based elements with virtual network functions (VNFs) running on general purpose edge compute. Even portions of access networks are being virtualized, and many of these functions need to be deployed close to end users. The combination of these infrastructure and applications drivers is a major reason that so much of 5G era network transformation resolves around edge cloud distribution.
This document discusses two models for integrating cloud computing and telecom:
1) Creating a cloud using telecom equipment by pooling resources and virtualizing servers. This reduces costs but maintenance is complicated.
2) Using optimized cloud solutions with high-capacity telecom equipment from a single vendor. This provides high connectivity, security, and support but the operator relies on one vendor.
It also proposes running Asterisk IPPBX on the cloud, which offers a cost-effective way for businesses to gain voice and data convergence benefits while scaling easily. Running call centers and quality assurance testing for open source apps are also good cloud uses. Integration challenges include security, data laws across jurisdictions, and downtime impacts.
Container ecosystem based PaaS solution for Telco Cloud Analysis and ProposalKrishna-Kumar
This document discusses the growing adoption of container-based platforms as a service (PaaS) solutions in the telecommunications industry. It notes that traditional virtual machine-based network function virtualization and software defined networking solutions are facing scalability issues. Container technologies are poised to help telcos deploy network functions and applications more efficiently at scale. The document proposes a container-based telco app orchestration mechanism using Apache Mesos to deploy containers adhering to quality of service requirements. Overall, the shift to container-based approaches can help telcos overcome limitations of current virtualization methods and better optimize resource utilization.
White paper from Cohesive Networks - Enterprise Architecture Networking
How cloud service providers can use VNS3 and overlay networks to offer customer-focused security and control.
- Asia Pacific cloud market expected to grow 40% annually through 2014 reaching $5B as adoption increases
- Most operators' cloud role is unclear as they lack expertise in SLAs, storefronts, and IT solutions
- While cost is the main driver, reliability and agility are challenging for enterprises
- Scale is important for success and only global providers may achieve it
- IT competence, like industry solutions, is key as shown by large IT companies
- Lock-in is a concern for both public and private clouds, with Openstack a potential solution
- Korea Telecom is building its own cloud using Openstack on commodity hardware at a lower price than AWS, but still faces challenges with IT credibility.
Companies should
strive to incorporate more agility and SOFT in their
processes and IT systems, which will enable them to
respond faster to changes in customer requirements and
market conditions.
Exponential-e was founded in 2002 to provide network service excellence, customer service excellence, and applied innovation. Since 2006, their research has focused on a flexible "Smart Wires" network infrastructure that can accommodate emerging cloud technologies. Their Smart Wires network matured to support hundreds of customers leveraging their highly resilient network for business critical cloud services. Smart Wires provides a versatile solution that merges the traditional LAN-WAN-cloud perimeter and can seamlessly integrate private virtualized environments with public cloud resources.
The business alchemy of the IoT. The M2M/IoT community
is now carrying out a transformation, turning silicon, copper, rare earth elements and the airy ether of the radio spectrum into new products, services, business models and profits.
This document discusses the benefits and challenges of cloud computing for service providers and network vendors. It outlines that Ethernet has emerged as the primary network connectivity for cloud infrastructure due to its ability to support automation, programmability, interoperability and cost effectiveness. However, challenges remain around security, network provisioning speed, interoperability between on-premise and cloud networks, and lack of bandwidth guarantees. The document recommends that OpenCloud Connect explore initiatives to apply network virtualization, SDN and NFV technologies to carrier Ethernet networks to improve agility, programmability and elastic scaling of cloud services across distributed data centers.
The document summarizes the NetTop project, which aimed to allow commercial off-the-shelf (COTS) technology to be used safely in high assurance applications. The project developed an architecture using virtual machine monitors (VMMs) to encapsulate and constrain the end-user operating system. It identified the VMware virtualization product as suitable for this due to its efficient operation on x86 hardware. The initial capability developed was a secure remote access solution over the internet. The architecture suggests a near-term approach that can address user requirements like multi-network access and data transfer between isolated networks.
Network service providers—those with access networks like DSL, cable, or mobile—continue
to face a dual threat: rising operating expenses associated with explosive bandwidth growth
and declining revenues driven by commoditization. A true Telco cloud, featuring automation
and dynamic scalability, becomes a comprehensive delivery platform enabling network service
providers to offer differentiated services that solve their customer’s business demands.
This document discusses cloud computing and its opportunities for telecommunications companies. It provides an overview of cloud computing concepts and categories. It then discusses True IDC, a major cloud computing provider in Thailand, and how it offers infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). The document also outlines opportunities and challenges for telecommunications companies to leverage their network expertise and enterprise relationships to provide cloud services.
Microsoft Telecommunications Industry News | April 2021Rick Lievano
I’m amazed to see our tremendous growth in the industry in this quarter. There’s plenty to be optimistic
about. With COVID vaccines readily available to more and more people worldwide in the coming months,
we will hopefully begin transitioning back to the post-COVID landscape. I know I’m not alone when I say
that I can’t wait to get back into in person customer and partner meetings. We’re forging ahead with
getting customers ready for the new normal. Proud to see TIM Brazil to move 100% of their datacenters to
the cloud.
If one thing’s for sure, organizations in the telco space have transformed rapidly in this unprecedented
year. I’m excited to share The Network, Microsoft’s newest podcast series focused on digital resilience and
acceleration of technology for the telco industry, with stories from business leaders around the globe.
The digital transformation underway is accelerating, enabling new business opportunities both for telecom operators and for enterprises from other industries. The main drivers are the need for increased efficiency, flexibility and new business models enabled by the introduction of 5G and increased adoption of cloud technologies. New services can be expected to be deployed at an unprecedented pace.
Cloud computing refers to on-demand access to shared computing resources like networks, servers, storage, applications and services via the internet. It allows users to access software and store data on remote servers rather than locally on their own devices. Key benefits include lower costs, flexibility, scalability and reduced burden of hardware and software maintenance. Cloud services may be accessed from various devices via the internet or private networks. The computing resources are managed by the cloud service provider rather than the user.
The document discusses the issues of vendor lock-in with existing cloud computing services and proposes a "meta cloud" as a solution. Specifically:
- Companies are hesitant to fully adopt cloud services due to concerns about availability, data lock-in, and legal issues with existing cloud vendor offerings. Migrating between vendors is difficult due to technical incompatibilities.
- The proposed "meta cloud" would incorporate design-time and runtime components to abstract away technical differences between cloud vendors. This would mitigate vendor lock-in by making it easier for companies to find suitable cloud services and migrate applications between vendors.
- Key components of the meta cloud include standardized APIs, abstraction libraries, and tools that help with initial
5G technology enables three key services:
1) Enhanced mobile broadband provides high data transmission rates for streaming high-resolution video, augmented reality, and online gaming.
2) Ultra-reliable low latency communications meets exacting requirements for latency and reliability needed for applications like autonomous vehicles.
3) Massive machine-type communications supports connectivity for a very large number of devices that intermittently transmit small amounts of data, enabling growth in IoT.
Discussion paper: ”The coming obsolescence of the enterprise network” Ericsson
A new Ericsson discussion paper suggests the demand for accessibility and flexibility is changing enterprises attitude towards their networks, moving the focus from protecting the perimeter of the enterprise network to protecting the business-critical data and application environment. It opens up opportunities for telecom operators to provide as-a-service offering. Read the paper and talk to Ericsson to find more about, for example, how to address this transformation, what a winning strategy looks like for operators, what bundled offerings are like to gain most market traction.
Protect Your Network_ Invest in Telco Security Solutions TodaySecurity Gen
In an age where uninterrupted connectivity reigns supreme, the significance of telecom security monitoring cannot be overstressed. Acting as the backbone of our digital framework, telecommunications networks facilitate global communication, commerce, and collaboration. Nevertheless, with this connectivity comes the looming threat of cyber breaches that can disrupt services, compromise data integrity, and erode trust.
Unlock the Future: SecurityGen's 5G Standalone SolutionsSecurity Gen
Embrace the power of 5G standalone technology with SecurityGen's innovative solutions. Experience enhanced network performance, reliability, and security with SecurityGen's advanced 5G infrastructure
More Related Content
Similar to TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
Wi-Fi has been ubiquitous on Enterprise and Industrial environments. Fast evolution
a great promise in fact made some MNOs and Fixed Service Providers to build their
own “complementary” Wi-Fi networks, especially due to the high costs on 3G
deployment.
During the 4G rollout, technology evolution has tilted the scale back for MNOs, but
Wi-Fi was still the standard for enterprises. Enhanced-LTE and 5G are now
challenging this reality.
The specifications for reliability, high speed, low latency, high density, and powe
Wi-Fi has been ubiquitous on Enterprise and Industrial environments. Fast evolution
a great promise in fact made some MNOs and Fixed Service Providers to build their
own “complementary” Wi-Fi networks, especially due to the high costs on 3G
deployment.
During the 4G rollout, technology evolution has tilted the scale back for MNOs, but
Wi-Fi was still the standard for enterprises. Enhanced-LTE and 5G are now
challenging this reality.
The specifications for reliability, high speed, low latency, high density, and powe
According to a new Gartner report1, “Around 10% of enterprise-generated data is created and processed outside a traditional centralized data center or cloud. By 2022, Gartner predicts this
figure will reach 75%”. In addition to hosting new 5G era services, the other major network operator driver for edge compute and edge clouds is deploying virtualized network infrastructure, replacing many dedicated hardware-based elements with virtual network functions (VNFs) running on general purpose edge compute. Even portions of access networks are being virtualized, and many of these functions need to be deployed close to end users. The combination of these infrastructure and applications drivers is a major reason that so much of 5G era network transformation resolves around edge cloud distribution.
This document discusses two models for integrating cloud computing and telecom:
1) Creating a cloud using telecom equipment by pooling resources and virtualizing servers. This reduces costs but maintenance is complicated.
2) Using optimized cloud solutions with high-capacity telecom equipment from a single vendor. This provides high connectivity, security, and support but the operator relies on one vendor.
It also proposes running Asterisk IPPBX on the cloud, which offers a cost-effective way for businesses to gain voice and data convergence benefits while scaling easily. Running call centers and quality assurance testing for open source apps are also good cloud uses. Integration challenges include security, data laws across jurisdictions, and downtime impacts.
Container ecosystem based PaaS solution for Telco Cloud Analysis and ProposalKrishna-Kumar
This document discusses the growing adoption of container-based platforms as a service (PaaS) solutions in the telecommunications industry. It notes that traditional virtual machine-based network function virtualization and software defined networking solutions are facing scalability issues. Container technologies are poised to help telcos deploy network functions and applications more efficiently at scale. The document proposes a container-based telco app orchestration mechanism using Apache Mesos to deploy containers adhering to quality of service requirements. Overall, the shift to container-based approaches can help telcos overcome limitations of current virtualization methods and better optimize resource utilization.
White paper from Cohesive Networks - Enterprise Architecture Networking
How cloud service providers can use VNS3 and overlay networks to offer customer-focused security and control.
- Asia Pacific cloud market expected to grow 40% annually through 2014 reaching $5B as adoption increases
- Most operators' cloud role is unclear as they lack expertise in SLAs, storefronts, and IT solutions
- While cost is the main driver, reliability and agility are challenging for enterprises
- Scale is important for success and only global providers may achieve it
- IT competence, like industry solutions, is key as shown by large IT companies
- Lock-in is a concern for both public and private clouds, with Openstack a potential solution
- Korea Telecom is building its own cloud using Openstack on commodity hardware at a lower price than AWS, but still faces challenges with IT credibility.
Companies should
strive to incorporate more agility and SOFT in their
processes and IT systems, which will enable them to
respond faster to changes in customer requirements and
market conditions.
Exponential-e was founded in 2002 to provide network service excellence, customer service excellence, and applied innovation. Since 2006, their research has focused on a flexible "Smart Wires" network infrastructure that can accommodate emerging cloud technologies. Their Smart Wires network matured to support hundreds of customers leveraging their highly resilient network for business critical cloud services. Smart Wires provides a versatile solution that merges the traditional LAN-WAN-cloud perimeter and can seamlessly integrate private virtualized environments with public cloud resources.
The business alchemy of the IoT. The M2M/IoT community
is now carrying out a transformation, turning silicon, copper, rare earth elements and the airy ether of the radio spectrum into new products, services, business models and profits.
This document discusses the benefits and challenges of cloud computing for service providers and network vendors. It outlines that Ethernet has emerged as the primary network connectivity for cloud infrastructure due to its ability to support automation, programmability, interoperability and cost effectiveness. However, challenges remain around security, network provisioning speed, interoperability between on-premise and cloud networks, and lack of bandwidth guarantees. The document recommends that OpenCloud Connect explore initiatives to apply network virtualization, SDN and NFV technologies to carrier Ethernet networks to improve agility, programmability and elastic scaling of cloud services across distributed data centers.
The document summarizes the NetTop project, which aimed to allow commercial off-the-shelf (COTS) technology to be used safely in high assurance applications. The project developed an architecture using virtual machine monitors (VMMs) to encapsulate and constrain the end-user operating system. It identified the VMware virtualization product as suitable for this due to its efficient operation on x86 hardware. The initial capability developed was a secure remote access solution over the internet. The architecture suggests a near-term approach that can address user requirements like multi-network access and data transfer between isolated networks.
Network service providers—those with access networks like DSL, cable, or mobile—continue
to face a dual threat: rising operating expenses associated with explosive bandwidth growth
and declining revenues driven by commoditization. A true Telco cloud, featuring automation
and dynamic scalability, becomes a comprehensive delivery platform enabling network service
providers to offer differentiated services that solve their customer’s business demands.
This document discusses cloud computing and its opportunities for telecommunications companies. It provides an overview of cloud computing concepts and categories. It then discusses True IDC, a major cloud computing provider in Thailand, and how it offers infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). The document also outlines opportunities and challenges for telecommunications companies to leverage their network expertise and enterprise relationships to provide cloud services.
Microsoft Telecommunications Industry News | April 2021Rick Lievano
I’m amazed to see our tremendous growth in the industry in this quarter. There’s plenty to be optimistic
about. With COVID vaccines readily available to more and more people worldwide in the coming months,
we will hopefully begin transitioning back to the post-COVID landscape. I know I’m not alone when I say
that I can’t wait to get back into in person customer and partner meetings. We’re forging ahead with
getting customers ready for the new normal. Proud to see TIM Brazil to move 100% of their datacenters to
the cloud.
If one thing’s for sure, organizations in the telco space have transformed rapidly in this unprecedented
year. I’m excited to share The Network, Microsoft’s newest podcast series focused on digital resilience and
acceleration of technology for the telco industry, with stories from business leaders around the globe.
The digital transformation underway is accelerating, enabling new business opportunities both for telecom operators and for enterprises from other industries. The main drivers are the need for increased efficiency, flexibility and new business models enabled by the introduction of 5G and increased adoption of cloud technologies. New services can be expected to be deployed at an unprecedented pace.
Cloud computing refers to on-demand access to shared computing resources like networks, servers, storage, applications and services via the internet. It allows users to access software and store data on remote servers rather than locally on their own devices. Key benefits include lower costs, flexibility, scalability and reduced burden of hardware and software maintenance. Cloud services may be accessed from various devices via the internet or private networks. The computing resources are managed by the cloud service provider rather than the user.
The document discusses the issues of vendor lock-in with existing cloud computing services and proposes a "meta cloud" as a solution. Specifically:
- Companies are hesitant to fully adopt cloud services due to concerns about availability, data lock-in, and legal issues with existing cloud vendor offerings. Migrating between vendors is difficult due to technical incompatibilities.
- The proposed "meta cloud" would incorporate design-time and runtime components to abstract away technical differences between cloud vendors. This would mitigate vendor lock-in by making it easier for companies to find suitable cloud services and migrate applications between vendors.
- Key components of the meta cloud include standardized APIs, abstraction libraries, and tools that help with initial
5G technology enables three key services:
1) Enhanced mobile broadband provides high data transmission rates for streaming high-resolution video, augmented reality, and online gaming.
2) Ultra-reliable low latency communications meets exacting requirements for latency and reliability needed for applications like autonomous vehicles.
3) Massive machine-type communications supports connectivity for a very large number of devices that intermittently transmit small amounts of data, enabling growth in IoT.
Discussion paper: ”The coming obsolescence of the enterprise network” Ericsson
A new Ericsson discussion paper suggests the demand for accessibility and flexibility is changing enterprises attitude towards their networks, moving the focus from protecting the perimeter of the enterprise network to protecting the business-critical data and application environment. It opens up opportunities for telecom operators to provide as-a-service offering. Read the paper and talk to Ericsson to find more about, for example, how to address this transformation, what a winning strategy looks like for operators, what bundled offerings are like to gain most market traction.
Similar to TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM (20)
Protect Your Network_ Invest in Telco Security Solutions TodaySecurity Gen
In an age where uninterrupted connectivity reigns supreme, the significance of telecom security monitoring cannot be overstressed. Acting as the backbone of our digital framework, telecommunications networks facilitate global communication, commerce, and collaboration. Nevertheless, with this connectivity comes the looming threat of cyber breaches that can disrupt services, compromise data integrity, and erode trust.
Unlock the Future: SecurityGen's 5G Standalone SolutionsSecurity Gen
Embrace the power of 5G standalone technology with SecurityGen's innovative solutions. Experience enhanced network performance, reliability, and security with SecurityGen's advanced 5G infrastructure
Address 5G Vulnerabilities with SecurityGen's Expert SolutionSecurity Gen
Don't let 5G vulnerabilities compromise your network security. SecurityGen offers advanced solutions to mitigate and address 5G vulnerabilities, ensuring the integrity and reliability of your network infrastructure.
SecurityGen-IDS-enhance-your-signalling-security (1).pdfSecurity Gen
Protect your 5G Non-Standalone (NSA) deployment with SecurityGen's advanced signaling security solutions. Safeguard against cyber threats and ensure the integrity of your signaling protocols with our comprehensive suite of security measures.
SecurityGen: Your Trusted Partner for Unrivaled Telecom SecuritySecurity Gen
Elevate your telecommunications security with SecurityGen, the leader in cutting-edge network security solutions. Our state-of-the-art technology sets the standard for unparalleled protection, ensuring the integrity and reliability of your telecom infrastructure.
SecurityGen - Your Shield Against Cyber ThreatsSecurity Gen
Safeguard your digital assets with SecurityGen's state-of-the-art Intrusion Detection System (IDS). Detect and thwart potential cyber threats in real-time, ensuring the security and integrity of your network.
SecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdfSecurity Gen
We have already published the conditions of VoLTE deployment (Volte roaming and the security
implications) in many Mobile Network Operators (MNOs) around the world. Now, we will showcase
examples of potentially risky misconfigurations.
This is because many VoLTE networks are launched with weak security setups. This oversight leaves them vulnerable
to hackers, who can penetrate the IMS network, engage in fraud, and disrupt service availability. What's more, as
VoLTE networks expand their reach for roaming, these vulnerabilities are no longer confined to one country but expose
VoLTE services at global scale.
Best 5G Security Solutions - SecurityGenSecurity Gen
The world is looking forward to the 5G age. A huge digital shift will shape our society, and MNOs are
working hard to make it happen. They are building completely new infrastructure, rethinking
traditional practices, and creating new business models to recoup all these expenses. New Service
offerings will be a key ROI strategy for telcos. Market leadership will depend on delivering diverse
and top-quality services in which security is a value-add.
Shield Your Network: Prevent DDoS Attacks with SecurityGenSecurity Gen
Is your network prepared to fend off DDoS attacks? SecurityGen, a trusted brand in cybersecurity, offers cutting-edge solutions for DDoS attack prevention, ensuring your network remains secure and accessible.
Reading through “What is New Mobile Network Vulnerabilities Affect All Cellular
Generations since 2G” by Ravie Lakshmanan, it reminds us of the old fashion of
vulnerability called Fake-BTS, or more well-known as Rogue-BTS or IMSI-Catcher.
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...Security Gen
The rapid evolution of mobile technologies has revolutionized our daily lives, making
mobile networks an essential part of modern society. However, as mobile networks
continue to advance, they have also become prime targets for malicious actors
seeking to exploit vulnerabilities for their malicious purposes.
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdfSecurity Gen
The document discusses several key themes from MWC 2023, including the growth of 5G networks, private cellular networks, and the impact of AI on telecommunications. From a cybersecurity perspective, the openness of 5G architectures introduces challenges but can also make networks stronger if vulnerabilities are addressed. Private networks are not inherently more or less secure than public networks. AI may help with threat detection but also increases complexity, so its impact on security could be both positive and negative. Open RAN can potentially be as secure as traditional RAN with the right security practices and controls in place.
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOMSecurity Gen
At the beginning of the Cloud era, Telcos explored the possibility to reap fruits from this
new business opportunity selling directly to customers their own cloud services.
SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...Security Gen
While the 5G developments are making rapid strides, the new technologies and virtualised
cloud-based networks are also bringing new challenges. How do you ensure secure
transformation if MNOs need to get to market quicker and provide a fast and best customer
experience? The answer is fairly simple: You must test and validate solutions to ensure a safe
and secure rollout of 5G use cases
Telecom networks have witnessed a rapid digital transformation in recent times. In addition to
the introduction of Virtualization, Cloud, Artificial Intelligence, Internet of Things, and
disaggregation, efforts are underway to implement 5G networks while ensuring continued
compatibility with 2G, 3G, and even 4G/LTE networks
The document summarizes SecurityGen's 5G Security Program, which helps mobile network operators (MNOs) build secure 5G infrastructure. The program provides an evaluation of security threats to MNOs' 5G networks, recommendations for ongoing security strategy, guidance to remediate vulnerabilities, and verification of compliance. It performs end-to-end security assessments of the 5G SA/NSA core, telco cloud, integrations, fraud risks, operations resilience, and applications. The program involves an initial interview, establishing the project scope and timeline, active security testing and analysis, and a final report and action plan.
The world is looking forward to the 5G age. A huge digital shift will shape our society, and MNOs are
working hard to make it happen. They are building completely new infrastructure, rethinking
traditional practices, and creating new business models to recoup all these expenses. New Service
offerings will be a key ROI strategy for telcos. Market leadership will depend on delivering diverse
and top-quality services in which security is a value-add.
IDS: INTRUSION DETECTION SYSTEM PLATFORMSecurity Gen
In a digital world driven by critical infrastructure and sensitive data, telcos run the clear and present
risk of being caught in the crosshairs of cyberattacks.
Extensive research carried out by our teams has revealed that all legacy networks --2G, 3G, 4G-LTE
– and even 5G are easily exploitable, given that flaws in signaling protocols—SS7 and Diameter —
can allow an attacker to compromise subscriber privacy, intercept calls, track subscriber locations,
carry out fraud, and cause a denial of service. More shocking still is the fact that such tools are no
longer preserve of just nation-state intelligence services, but available to even low-skilled hackers.
However, this massively connected environment created by 5G and edge-based
computing presents a new and highly vulnerable threat landscape with potentially more
significant security risks to consider as cloud, data and IoT threats merge. Adversaries will
be able to spread malware via IoT networks, disrupt core functions and use routers as IoT
botnets to launch DDoS attacks. In this scenario, protecting the legacy LTE network will be
as crucial as the standalone 5G networks – as while a few 5G networks will be built from
scratch; most will need to integrate and interoperate with existing technologies and
infrastructure. All this means that traditional, rule-based security systems will no longer be
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...alexjohnson7307
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3Data Hops
Free A4 downloadable and printable Cyber Security, Social Engineering Safety and security Training Posters . Promote security awareness in the home or workplace. Lock them Out From training providers datahops.com
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
1. One of the dominant trends of the last decade in the telco industry was network
function virtualization and cloudification, closely connected with 5G that came to
the spotlight just a bunch of years later. But in the last ten years, the broader ICT
industry has also witnessed the unstoppable growth of public cloud providers. The
first wave of telco workloads (e.g., functions of EPC, 5GC, IMS, and O-RAN) was
designed for the Telco Cloud, built on purpose infrastructure run by telecom
operators. Today, it seems natural that telco workloads can and will run more and
more in public clouds too.
Is security entirely under control in this landscape? Do best practices of the IT and
cloud industries offer full coverage for troubles a telco workload can meet?
TELCO WORKLOADS IN
HYPERSCALER CLOUDS
SECURITY IN THE 5G
CONTROL ROOM
2. secgen.com
1. Telcos and Hyperscalers: still different but closer and
closer
At the beginning of the Cloud era, Telcos explored the possibility to reap fruits from this
new business opportunity selling directly to customers their own cloud services. More
than a decade of experience taught us that this industry is nowadays characterized by
a sharp border between the role of the Telcos and the role of the Hyperscalers,
companies who made it grow until a nearly unreachable level of economy of scale in
the deployment of worldwide spread data centers. Of course, I am talking about the
usual suspects, Amazon Web Services, Google Cloud Platform, and Microsoft Azure,
even if we must not forget about a player like Alibaba, with a dominant role in the
Chinese market. Telcos tried hard to turn their expertise in homegrown data centers
into a business, and there is still a bunch of Telco Public Clouds out there, but it is today
clear that taking the role of an Hyperscalers is impossible for a Telco.
Someone might object that borders between Telcos and Hyperscalers are not sharp
anymore, but actually blurred today and doomed to be more and more so in the
future. Sure! Already with CDNs, Telcos understood that their proximity to users is an
asset, but this use case is not enough to justify the strong tide pushing Telcos and
Hyperscalers to cooperate. Only with Multi-access/Mobile Edge Computing and the
promised land of 5G use cases in mind one can figure out why the industry is in such
turmoil.
2. Telcos’ enterprise IT side: the paved road to
Hyperscaler clouds
A telecommunication company, seen as a private technology-driven enterprise, has
many IT needs addressable with tools available at Hyperscalers.
The first and the most obvious is the wide variety of computing and storage models
(technical and commercial), sweeping away the following Telcos’ headaches related
to hw:
• Fast obsolescence cycles (much work for procurement);
• Need for flexibility against highly unstable workloads (planning is complex);
• Bottom position in the value chain (applications are the real moneymakers).
3. secgen.com
And while Telcos initially approached Hyperscalers for very limited
infrastructure-procurement-related issues (e.g., finding resources for test
environments), the general consensus is now achieved on the many business and
technology use cases a Telco could transfer partially or totally to a Public Cloud. A
partial list includes:
• Digital channels, commerce, and customer experience platforms;
• Business processes and Digital BSS;
• A lot around billing;
• Operation processes and Digital OSS;
• Analytics (all sort, for CRM, for predictive maintenance, anti-fraud, etc.);
• Machine-learning tasks (especially the training bit).
3. Telcos’ specials
What is left then at the very heart of a Telco? What peculiarities make the Telco industry
unique for an Hyperscaler, compared to a generic large enterprise customer? We
need to consider at least two crucial aspects.
First of all, access and proximity to customers. The access networks coupled with many
points of presence, from towers to metro and regional Central Offices, are a crucial
asset for the successful implementation of the most demanding 5G use cases, based
on ultra-low latency, often coupled with large bandwidth. All Hyperscalers claim to be
getting closer and closer to the network edge, where the Telcos’ IP pipe terminates,
either spreading their own DCs’ geographical footprint and/or directly partnering with
Telcos to build MEC DCs at Telco's locations (examples are AWS Outpost and
Wavelength, Azure Edge Zones, Google Distributed Cloud). Simplifying the picture, in this
marriage, the Telco brings the IP pipe and the sites, the Hyperscaler its ability to build a
Data Center infrastructure, its ecosystem of apps, and the capacity for orchestrating
and moving workloads around.
The second aspect, access and core networks, respectively the entry and the control
point of the IP pipe, are primarily in the hands of Telcos: do not be surprised to find
access networks there, just think about the Open RAN wave. Access and core networks
are made of telco workloads, and here we get to the point: with a foot at the network
edge, an Hyperscaler can propose a telecom operator to take the infrastructural
burden of all telecom workloads, also of the most demanding user-plane ones.
4. secgen.com
4. Building telco workloads
Which options do Hyperscalers have to approach the network function side of the
story?
1. Propose their own stack
The hyperscaler can propose its own product, self-developed or put together with
some partners, to the market. This approach seems to be appealing for private 5G
networks (see AWS Private 5G). In this case, the Hyperscaler becomes a direct
competitor of telecom operators. National spectrum licensing regulations are, of
course, a pre-requisite for this model.
2. Acquire a vendor and add it to their portfolio
The Affirmed and Metaswitch cases. For example, a light MVNO could directly think
about buying core network functions as cloud services without building a physical
on-prem core network.
3. Invite major technology vendors to certify deployments on their stack
This approach makes much practical sense. Most of the prominent technology
vendors are simply too experienced and have too much influence and footprint in the
industry to think you can avoid them. But these same players understand that their final
customers, the Telcos, won't let them play alone in Telco Cloud silos forever. In this case,
the technology vendor will leverage at least IaaS and CaaS services (VM and container
services) provided by the Hyperscaler and let the telecom operator be free to choose
a Hyperscaler as a partner.
4. Invite technology vendors to develop network functions with Hyperscalers’ tools
Beyond IaaS and CaaS, load balancers and a large variety of DB types are already
what is needed for a 3-layer decomposition (load-balancing, signaling front-end,
context, and stable data back-end DB) of network functions. A more profound
decomposition into microservices can be supported by service mesh frameworks
(GCP Anthos Service Mesh, AWS App Mesh), message queuing, and API management
services. A countless number of other solutions are available for other ancillary but
critical functions, like observability, configuration automation, CI/CD processes, etc.
Though really fascinating, it is too early to bet on the success of such an approach:
massive vendors prefer to have complete control on the internal sw architectures of
their network functions, for performance and assurance reasons at least.
5. secgen.com
5. Security of Telco workloads
Whatever the approach to telco workloads is, security becomes a shared responsibility
in case of deployment at an Hyperscaler cloud. The Hyperscaler will do its best to
ensure that the cloud itself is safe, together with all the tools in its portfolio; the telco
workload’s and the network function's security is instead the final concern of both the
technology provider and of the telecom operator. The literature about best practices
for cloud security is enormous. Nevertheless, a few principles stand out:
• Trust no one/nothing;
• Use as much automation as you can;
• Audit/analyze/inspect what you do.
The “trust no one/nothing” is enforced, for example, with a strong identity and access
management, encryption of communications (TLS) and data (at rest and in transit),
and also with traditional network and application-level tools (network segmentation, IP
firewalls, WAF, etc.). Sometimes, these techniques can be pushed inside the service
mesh implementation, e.g., see some of the Istio features.
Automation must back all inspection tools used to verify the correct implementation of
security measures at all levels, from VM images to complex as-code templates.
Regular audits, log analyses, and inspections help highlight threat exposures and gaps
in the security posture. On one side, you need to see your environment with the eyes of
a hacker, performing audits aiming at breaching through defenses. On the other, you
need full traceability of events and advanced analytic tools to spot in real-time if
attacks are occurring.
Behind the principles, there is a large variety of products, sometimes similar at all
Hyperscalers, occasionally peculiar, to cover several mentioned areas of concern.
But the reader must consider two issues.
First of all, just recalling the previous chapter and the different styles of telco workload
implementations, we need to consider that actual security controls could be highly
vendor-specific, especially in the case of closed products like in approach 3. In this
case, it is difficult for the final bearer of a security concern, the telco operator, to be
100% sure about security measures adopted by the technology vendor in the product
design and deployment phases.
6. In addition, in a theoretical multi-cloud perspective, adopted to avoid single points of
failure or Hyperscaler lock-in, one must consider that not all security tools are identical
and seamless portability of a security framework from one Hyperscaler to another one
is difficult. A technology vendor or an operator can use the best security features of
each Hyperscaler, aiming at a coherent multi-cloud deployment, but 100% feature
parity could be impossible.
Last but not least, though flexible and rich in features, the security products provided by
Hyperscalers do not cover all the needs of telco workloads natively. In particular, they
are not tuned for protecting the essence of 5G networks' control plane and the Service
Based Interface over which network functions communicate, nor for protecting the
legacy signaling networks. However, the responsibility for this component of the telco
stack lies today entirely on the operators and not on the Hyperscalers.
SecurityGen mission is to shield the core of networks enabling the digital
transformation of our society, and all the considerations above forced us to complete
the stack of security tools and measures for 5G and legacy core networks with ad-hoc
instruments.
secgen.com
6. SecurityGen vision for Telco workloads at
Hyperscaler clouds
SecurityGen introduces ACE, the Artificial Cybersecurity Expert, and TSG, the Telecom
Security Guard.
ACE addresses the inspection/audit and automation pillars of optimal Cloud security.
ACE is a highly automated auditing tool for the 2G-5G control plane. ACE allows to
define rich textbooks covering all possible cybersecurity threats affecting signaling
networks: DoS against nodes and subscribers, frauds, disclosure of information, etc. Its
power lies in two fundamental design values.
7. secgen.com
• Huge DB of inspection methods to test the security posture of the signaling networks.
The DB allows to flexibly mount all types of attacks to 2G-5G core networks and check
the networks’ behavior.
• Automation framework, enabling to launch audit campaigns even several times per
day without human intervention, thus freeing the operator from the burden of
synchronizing network changes (sw releases, microservice components, topology,
roaming partners) with inspection campaigns. With no human effort, you can ensure
that any change in the network does not affect the robustness of the 2G-5G signaling
core. Final reports of each test run are generated automatically and become readily
available for security teams.
TSG is a robust combined Intrusion Detection (ID) and Intrusion Protection/Firewall (IP)
System that embodies the principle of zero trust, inspection/audit/analysis, and
automation too.
• Zero trust must also be reserved for protection measures and not only deployed in
terms of identity and integrity of communications. Firewalls and border protection
measures at STPs/DEAs/SEPPs are essential. Nevertheless, SecurityGen experience
teaches that you cannot trust 100% these tools: border protection measures can be
evaded by appropriately crafted messages. The TSG IDS component provides
powerful analytics on all border signaling messages: no explicit attacks or potential
threats can escape its lens, sharpened by a huge DB of attack signatures covering all
mobile generations. Critical issues requiring immediate attention from security teams
can be flagged in several ways and reported to SIEM.
• The TSG IPS is also a signaling recorder, storing signaling in its disks for months and
allowing post-incident analysis or simply event analysis to improve the core network
security posture.
• The highly integrated nature of the TSG IDS and TSG IPS components enables the
one-click creation of IPS/FW rules from situations identified by the IDS. No complicated
manual transfer, but instead simple, automated, and most of all error-free
improvement of the behavior of the active FW protection.
With ACE and TSG, you can be sure that your network is 360-degree protected against
attacks based on the use of SS7, Diameter, GTP, HTTP/2, and PFCP protocols, without
adding any extra burden on security teams.
8. secgen.com
Reference:
Towards a theory of ecosystems - London Business School 2018 - Michael
G. Jacobides | Carmelo Cennamo | Annabelle Gawer
1.
ENISA Documentation https://www.enisa.europa.eu/publications/enisa-
threatlandscape-report-for-5g-networks/
CISA Documentation https://www.cisa.gov/publication/5g-strategy
3GPP on virtualization impacts: 3GPP TR 33.848
2.
3.
4.
UK | Italy | Czech Republic | Brazil | Mexico
India | South Korea | Japan | Malaysia | UAE
Email: contact@secgen.com
Website: www.secgen.com
Founded in 2022, SecurityGen is a global
start-up focused on telecom security.
We deliver a solid security foundation to
drive secure telecom digital
transformations and ensure next-gen
enterprise intelligent connectivity.
About SecurityGen Connect With Us