The rising need to implement distributed clouds, IoT and 5G is accompanied by security concerns over scalability and unified management.
Asia-Pacific (APAC) service providers (SPs) are especially concerned over their security infrastructure as they increasingly embrace adoption of new technologies, such as distributed clouds, the Internet of Things (IoT) and 5G. This is what a report from Juniper Networks and Ovum Research released earlier has found.
The report polled 51 IT decision makers from SPs across APAC, including in Singapore, China, Australia, Japan, Korea and India. Data from this research was used together with data from an international survey of 100 decision makers from SPs globally, conducted by Heavy Reading.
The report’s findings revealed that only one quarter of SPs surveyed are very satisfied with their existing security infrastructure, with the majority planning heavy investment into security over the next two years.
Rapidly growing adoption of new technologies, including distributed clouds, IoT and 5G, has introduced additional security susceptibilities, forcing SPs to scale up and scale out their security infrastructure to remain relevant and secure.
However, APAC SPs generally still feel they have some catching up to do in terms of security readiness, with overall findings from the region-wide survey revealing significant concerns:
• Only 29% are very satisfied with their current firewall
• 65% will upgrade their firewall within the next year
• 61% plan to increase spending on firewall product and services over the next two years
Almost all (96 percent) of the APAC SPs surveyed plan to use 5G technology and close to three-quarters expect to do so in the next two years. For security needs, the top three areas of focus were: More intrusion detection solutions (88%), upgrading security gateway, GI-firewall and roaming firewall (86%) and greater cloud security (84%). SPs are investing across multiple solutions in order to address these new cybersecurity challenges created by distributed clouds, IoT and 5G.
At present, the security systems of APAC SPs are usually well-equipped to handle known threats and comparatively small DDoS attacks. However, looking ahead, the report indicates there will be a need to pair the improved solutions mentioned alongside artificial intelligence and machine learning to better address much larger DDoS and sophisticated attacks while minimizing service disruption.
Areas of concern highlighted
The complex, new security challenges brought about by distributed cloud, IoT and 5G SPs are developing distributed cloud architectures ahead of 5G deployments, with only 6% indicating they have no plans to deploy a distributed cloud to offer IoT-ready services. In developing this area, security is always a top concern. The top three perceived challenges to IoT adoption are data/network security (32), business process integration (28%) and ongoing costs (28%).
This comes as no surprise, as distributed clouds and IoT implementations significantly increase the attack surface available to malicious actors. IoT devices serve as an entry point for a network and are increasingly being used to launch Distributed Denial of Service (DDoS) attacks. This will require SPs to filter traffic on a much larger scale and will necessitate greater automation, intelligence and machine learning capabilities for improved security postures and policies.
There is an expectation that 5G technology will also allow mobile SPs to partition their network resources to address a diverse set of use cases with differing performance and functional requirements. This 5G-enabled provision of multiple use cases or network slices will require varying security protocol choices and policy implementation, further compounding the security concerns already predicted to arise from distributed clouds and IoT.
Priority areas to consider
Going forward, in terms of recommended risk mitigation investment, the report points to priorities that include improved intrusion detection, cloud security and upgraded firewalls, as well as architecture that allows for a unified view of security tools and networks.
According to the report, new architectures need to be adopted with security postures that are sufficiently agile to change alongside evolving requirements and without becoming a bottleneck to networking performance. This means scaling up to handle increased capacity, and also scaling out to accommodate fast increasing volumes of IoT endpoints and increased signaling and session demands of edge distribution.
Said Ang Thiam Guan, VP & GM, APAC, Juniper Networks: “Service providers are rapidly moving to the cloud and adopting new technologies, such as IoT and 5G (which are) heavily dependent on the network, and enterprises are increasing spending on security to protect new and existing infrastructure. As this transformation occurs, we need to encourage a more all-encompassing view of security, rather than focus on the perimeter. The network itself should be seen as the first line of defense, especially as the scale, demands and usage patterns on infrastructure continue to evolve and grow.”
According to the research, up to 50% of APAC SPs manage between 11 and more than 50 security tools within their company’s infrastructure. The application of security policy changes in a multi-dashboard environment itself can present a security threat, as cybersecurity staffs are faced with the challenge of monitoring multiple consoles and having to cross-reference between disparate screens and information formats.
Looking ahead, the recommended priority would be the provision for a unified view of the evolving networks and the centralization of security alerts. A unified security management system that manages and provides a unified view of both physical and virtual domains can address the challenging task of enabling SPs to further secure their networks.