Main challenges in protecting SDN & NFV networks from cyber security vulnerabilities

Telecom operators and service providers are excited about the opportunities that software defined networking (SDN) and network functions virtualization (NFV) promise to provide.

Although operational use of these software-centric technologies in this industry is still in early stages, many providers are actively testing and evaluating solutions in their labs and formulating their strategies for deployment.

Leading companies such as AT&T, BT and NTT Communications have whetted the broader industry’s appetite for these emerging technologies through their success with actual use cases and by showing that the benefits are out there.

Protecting operators’ SDN and NFV network infrastructure has become, however, a critical issue in recent years. As network technology moves from proprietary single-purpose devices to computed elements with network functions provided as virtualized services (virtual network functions, or VNFs) and which use open protocols like Linux, OVS and OpenStack, the infrastructure becomes exposed to cyber threats.

In order to help clarify the issues involved, Telco Systems has published a special white paper on the subject, entitled “Protecting SDN and NFV Networks from Cyber Security Vulnerabilities.”

To address these cyber security risks, the industry needs solutions that are able to handle the vulnerability, not only when it comes into the network but also assuming malware can already be present on the network. Security solutions need to be able to look at the points where malicious code can copy itself or communicate with the outside, which is on the NFV infrastructure; the layer that allows the virtualization, which is the hypervisor; the virtual switch, and so forth.

This white paper provides detailed explanations and supporting diagrams on the following topics.

  • Cyber Security Challenges of SDN and NFV: Migrating to SDN and NFV technologies for next generation network infrastructures offers benefits such as openness, remote programmability and agility, but also makes them vulnerable to the full range of cyber-attacks that target IT networks.
  • From NFV to Distributed NFV (D-NFV): The main considerations regarding placement at the network edge and customer perimeter access are security, performance, gateway functionality and quality of experience. The challenges for each one are explained.
  • Main Security Challenges: The paper provides a detailed analysis of security risks that must be mitigated when migrating to the next generation network, such as security vulnerabilities in the hypervisor and allowing customers access to network resources via APIs.
  • The 4-Stage Approach to Cyber Security: Telco Systems, along with sister company and technology partner CELARE, is working towards solving cyber security challenges with a comprehensive solution that provides specific security measures to address the specific software defined infrastructure security holes.

 

SDN and NFV technologies will change the entire telecom industry over the coming years. As technologies move out from the data center to the carrier network itself, they hold the promise of bringing cost savings and new business opportunities.

Additional resources

Download the white paper on protecting SDN and NFV networks

Learn more about the NFV cyber security solution

Watch the Light Reading webinar about NFV CyberGuard

FacebookLinkedInTwitterShare

Related posts