Over time, organizations have faced a significant surge in cyber threats and incidents of data breaches. The conventional security framework, primarily focused on fortifying the organizational perimeter against external threats, needs to be revised. Today’s work environment, marked by the prevalence of mobile devices, cloud technologies, and remote work arrangements, has made traditional perimeter defenses ineffective. Thus, there’s a pressing need for a fresh security approach, exemplified by the Zero Trust Security Model. This architecture represents a series of security principles meticulously crafted to safeguard digital assets, services, and communications within an evolving landscape where the concept of perimeter has largely dissolved.
What is Zero Trust Network Access?
In today’s 5G network environment, the wireless industry is enhancing security by adopting new zero-trust network access (ZTNA) standards. ZTNA forms part of the secure access service edge (SASE, pronounced “sassy”) security framework, which aims to ensure secure remote access to applications, data, and services through precise access control policies.
Components of SASE deployments
- Next-generation firewall as a service (NGFWaaS): Cloud-hosted firewalls running as virtual network functions (VNFs) and offered as a service
- Secure web gateway (SWG): A network security technology, deployed on-premises or in the cloud, that acts as an intermediary between subscribers and the internet. Its primary role is to enforce enterprise usage policies and safeguard corporate web assets.
- Cloud access security broker (CASB): Provides a comprehensive security suite that includes all aspects from cloud-based infrastructure to access control management, safeguarding data, and preventing threats across connections to the internet, software as a service, and internal applications.
- Zero-trust network access (ZTNA): Imposes strict limitations on remote access to an organization’s applications, data, and services, utilizing criteria such as user identity, usage context, device identification, and behavior, extending across cloud environments through meticulously outlined access control policies employing a zero-trust methodology.
Why is the zero-trust approach apt?
Operators increasingly adopt a zero-trust approach in the SASE framework, primarily by embedding security policies into devices using an application programming interface (API). This integration restricts and authenticates access regardless of the subscriber’s location. The zero-trust security architecture safeguards the cloud edge by scrutinizing all devices and software before permitting connection to network resources, thereby reducing risks across the 5G network. ZTNA allows operators to hedge the edge with robust policies, safeguard the network and subscribers, and ensure end-to-end security. These standards will enable organizations to promote reliable security practices and cultivate a resilient and secure 5G network ecosystem.
End-Through-End Mobile Network Security, beyond Zero Trust
In 5G and next-generation wireless networks, the scope of threat detection, mitigation, and tracing expands beyond the confines of zero-trust edge authorization. Mobile networks have emerged as the primary gateway to the internet, driven by their enhanced speeds, efficiency, convenience, and dependability. Regrettably, the surge in mobile traffic and the proliferation of connected devices have led to a rise in threat incidents for mobile operators, blurring the lines between mobile and wireline networks. Yet effectively monitoring this mobile traffic faces several challenges, including:
- Tunneling: The utilization of the GPRS Tunneling Protocol (GTP) to facilitate traffic passage through radio and core networks presents challenges in real-time and scalable monitoring of user-plane traffic and threat detection.
- Correlation and attribution: To effectively attribute, mitigate, and trace threats, the real-time and scalable correlation between user-plane traffic and associated users and devices is needed.
Suitable solution to address the 4G/5G Security Challenge
Global wireline internet service providers (ISPs) require a robust solution incorporating traffic monitoring, reporting, threat detection, traceback, and mitigation capabilities. Dynamic mapping of mobile IP addresses to identities in the user plane is imperative for extracting real-time actionable insights regarding traffic patterns and potential threats. The solution should provide equipment visibility across 4G and 5G non-standalone and standalone networks, independent of vendors. Furthermore, scalability is crucial to safeguarding the performance and availability of mobile data services.
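One way to approach the tunneling and correlation problems described above, as an added example that is not from the original article or from any vendor's product: a Python parser that strips the GTPv1-U header from a user-plane packet and attributes the inner IPv4 flow to a subscriber by tunnel endpoint identifier (TEID). The session table, subscriber label, addresses and sample packet are constructed for illustration, and the example assumes a monitor would fill that table from control-plane signalling.

```python
import ipaddress
import struct

G_PDU = 0xFF  # GTP-U message type that carries a subscriber's packet

def parse_gtpu(payload: bytes):
    """Parse a GTPv1-U G-PDU (the UDP payload); return (teid, inner_packet)."""
    if len(payload) < 8:
        raise ValueError("truncated GTP-U header")
    flags, msg_type, length, teid = struct.unpack("!BBHI", payload[:8])
    if flags >> 5 != 1 or not flags & 0x10:
        raise ValueError("not GTPv1 (version 1, protocol type 1)")
    if msg_type != G_PDU:
        raise ValueError("not a G-PDU")
    end = 8 + length  # length counts everything after the 8 mandatory octets
    if len(payload) < end:
        raise ValueError("length field exceeds captured data")
    offset = 8
    if flags & 0x07:  # E, S or PN set: sequence, N-PDU and next-extension octets
        if length < 4:
            raise ValueError("optional fields missing")
        next_ext = payload[11] if flags & 0x04 else 0
        offset = 12
        while next_ext:  # walk extension headers (e.g. 5G PDU session container)
            if offset >= end:
                raise ValueError("extension header runs past packet")
            ext_len = payload[offset] * 4  # length is in 4-octet units
            if ext_len == 0 or offset + ext_len > end:
                raise ValueError("malformed extension header")
            next_ext = payload[offset + ext_len - 1]
            offset += ext_len
    return teid, payload[offset:end]

def attribute(payload: bytes, sessions: dict):
    """Map one uplink G-PDU to a subscriber by TEID; also report whether the
    inner source IP matches the address assigned to that session."""
    teid, inner = parse_gtpu(payload)
    if len(inner) < 20 or inner[0] >> 4 != 4:
        raise ValueError("this example handles IPv4 inner packets only")
    src = ipaddress.IPv4Address(inner[12:16])
    session = sessions.get(teid)  # hypothetical table keyed by uplink TEID
    return {"teid": teid, "src": str(src),
            "dst": str(ipaddress.IPv4Address(inner[16:20])),
            "subscriber": session["id"] if session else None,
            "src_matches_session": bool(session) and src == session["ue_ip"]}

# Constructed sample data: one session and one G-PDU with the S flag set.
SESSIONS = {0x1A2B3C4D: {"id": "subscriber-0001",
                         "ue_ip": ipaddress.IPv4Address("10.45.0.7")}}
INNER = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                    bytes([10, 45, 0, 7]), bytes([192, 0, 2, 10]))
SAMPLE = struct.pack("!BBHIHBB", 0x32, G_PDU, 4 + len(INNER), 0x1A2B3C4D, 1, 0, 0) + INNER
```

Calling attribute(SAMPLE, SESSIONS) returns the TEID, the inner source and destination addresses, and the subscriber label; a TEID with no session yields a subscriber of None, which is the unattributed traffic a monitor would queue for follow-up.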
Vinay Sharma is the Regional Director, India and SAARC at NETSCOUT.