YOU ARE AT:FundamentalsHow to protect NFV and SDN from cyber attacks

How to protect NFV and SDN from cyber attacks

The challenge of NFV and SDN security vulnerabilities

Telecommunication operators are gung-ho about network functions virtualization (NFV) and software-defined networking (SDN). The former involves decoupling software from hardware, whereas the latter involves a central control plane that manages network behavior. Although both technologies provide several advantages for network providers, they are not immune to security vulnerabilities. Here are some handy tips on how to safeguard NFV and SDN from cyber attacks.

Categorize what needs to be secured

The NFV platform serves as the bedrock of a virtualized network. Protection against cyber attacks can be achieved by categorizing what within the network needs to be secured. These include physical cloud nodes for storage and networking, management systems like orchestration and API access, as well as connectivity. A single platform can accommodate anti-malware, network access controls, anomaly detection and intrusion prevention.

Deploy virtual firewalls

One way to combat cyber attacks is to deploy virtual security appliances, such as firewalls. They serve as a software appliance that manages communication among virtual machines (VMs) in a network. Virtual firewalls review packets and apply security policy rules to shield unauthorized correspondence among VMs. Better yet, virtual firewalls are faster, cheaper and more agile in comparison to physical firewalls.

Run a security solution at the edge

Running a security solution as a virtualized network at the edge can oversee the entire network infrastructure. Multi-access edge computing (MEC) is a technology designed to be implemented at cellular base stations in order to deploy applications quickly. Damage to the infrastructure from cyber attacks can be remedied faster at the edge too. Since the network is centrally monitored, any glitch within the network can be isolated swiftly before it spreads throughout the infrastructure.

Leverage native application security tools

Application deployments for evolved packet core, SDN controller (SDNC), and home subscriber service (HSS) can be secured through a mix of native application security controls and tools placed at the network zone layer. Native applications usually draw data back to the device to make it available for processing whenever the gadget is offline, which speeds up the performance of the application. After deployment, these native application tools can be used to boost platform security.

Automate security processes

Securing a multi-layered virtual network is an arduous undertaking for users. Even with the noted security protocols in place, too much data exists to depend on manual processing. Service providers ought to automate and apply processes within the management system, which consistently reinforce the implementation of security. With information obtained from the platform and various security appliances, the centralized management system can review the level of security in the cloud in real time.

NFV and SDN holds great promise for the entire telecom industry. When migrating to these technologies, it is important to be aware of their risks as well as benefits. By following the noted list, service providers can take advantage of a virtualized network while keeping cyber attacks at bay. For an in-depth understanding of NFV and SDN, see here and here.

ABOUT AUTHOR

Nathan Cranford
Nathan Cranford
Nathan Cranford joined RCR Wireless News as a Technology Writer in 2017. Prior to his current position, he served as a content producer for GateHouse Media, and as a freelance science and tech reporter. His work has been published by a myriad of news outlets, including COEUS Magazine, dailyRx News, The Oklahoma Daily, Texas Writers Journal and VETTA Magazine. Nathan earned a bachelor’s from the University of Oklahoma in 2013. He lives in Austin, Texas.