Nokia is invoking Mobile Heritage for 5G security services25. 10. 2021 Monday / By: Robert Denes / Generic / Exact time: BST / Print this page
N okia envisions an increasing role for network security as it expands access to extended detection and response (XDR); security management, automation and response (SOAR); endpoint detection and response (EDR); managed services; and consulting.
According to Mary O’Neill, Nokia’s vice president of security, the vendor relies heavily on data collected from Threat Intelligence Lab and algorithms developed by Nokia Bell Labs to strengthen its security equipment for network operators and companies.
“There are so many security companies in the industry. Security is a very fragmented industry, but we have decided that we have the opportunity and the need to play the security of fixed and mobile networks, ”he said in a telephone interview.
“Everything is driven by intelligence and machine learning,” including Nokia’s recently released NetGuard XDR Security Operations and other security products that collect data from Nokia’s threat intelligence unit, O’Neill said.
The cutting edge of the CSP, including the radio access network, is evolving from a closed and patented technology to an open, standards-based architecture. Dell Technologies meets these new requirements with a dedicated telco-quality infrastructure designed for challenging cutting-edge installations.Cybersecurity Dome, Nokia’s new product unveiled this month, uses a combination of machine learning, EDR and SOAR to help communications providers monitor, detect and automatically fix vulnerabilities.
“We can make a topology of a 5G network that consists of a radio access network (RAN), core, and transport and allows the service provider to visualize the network and cover the threat index of what is happening. from a security standpoint and allows them to take action, ”O’Neill explained.
Nokia approaches security from three different angles, including standards that form the basis of essential security requirements, as well as equipment vendors that also provide some level of security in their products.
Nokia's security team deals with the third level of security, which focuses on operating and maintaining network security. This includes authentication, checking network functions to keep security parameters unchanged, and machine learning algorithms that detect abnormal behavior and allow operators to correct these problems, O’Neill explained.
Nokia currently monitors more than 200 million connected devices worldwide and publishes regular reports of malware on wired and mobile networks. Kevin McNamee, Nokia’s security product manager, leads a lab that monitors threats to mobile networks over the past decade.5G is designed to improve the security of networks by authenticating communication between control plane functions and network infrastructure using an HTML Web service type interface and allowing network segmentation by slicing.
Mobile communications technology also provides authentication for user data, unified data management, access and mobility management, and session management features, and introduces a security protection proxy that enables more secure and controlled carrier communications, McNamee explained.However, 5G will also introduce new features and services that will increase the attack surface, he said.
Among the new interfaces, Nokia considers it particularly important and focuses on malware prevention on IoT devices, Distributed Denial of Service (DDoS) attacks, and security vulnerabilities in mobile peripherals.
Many small IoT devices have very little natural protection or visibility on the network, mobile peripherals place services from multiple vendors on the edges running in the cloud or small data centers, and the increased bandwidth of 5G increases the threat of possible DDoS attacks, McNamee said.All of this requires network operators to improve network management and initiate automated responses to threats. “You need to allow the security operations team to detect threats as they occur and take immediate action to prevent incidents within the network,” he said.
"Given the expanded footprint and attack surface, it is very, very important for the security operations team to be able to visualize what is happening and take action, especially for automated operations, especially for some of these new things like the mobile wind cloud." He added. "It's going to be a big challenge to have multi-vendor applications hanging on the edge of the network - [they] need to be managed, they need to be secure."
“Within the security industry, there are many companies that can do a really good job of helping [service providers] in a breach. But the thing is, the majority of these companies, the security of their corporate IT networks, and sometimes the techniques they use or recommend may not be applicable in the mobile space, ”McNamee said.“If such an event does happen, and it is likely to happen, we will provide the expertise so that the service provider can solve the problem,” he added. McNamee said Nokia is also working with firewall vendors, intrusion detection vendors, and security information and incident management (SIEM) vendors to strengthen its security services to address common security issues. “We don’t try to do everything in the mobile space, so we certainly use third-party vendors to supply firewalls and similar components. So if we combine this with the standards as well as the enhancements offered by Nokia, I think we can create a very secure network for our customers, ”he said.