Key security tenets for 2021
Over the past few years, as the architecture of ISP networks has evolved, there has been more investment in content and services infrastructure, and distributed peering, across the customer edge. In the last year, this seems to have taken on a new aspect, with ‘edge’ data-centres being planned and deployed in many wireline network operators. We’ve all heard about MEC (Multi-Access Edge Cloud) enabling new services in 5G mobile, with low-latency access to application and services for 5G users, but wireline ISPs - in some cases - are already there. The shape of traffic in ISP networks is changing (again), and what’s apparent is that in 2021, with more critical infrastructure distributed across the network edge, rather than in central data-centres, we will need to take more care of threats targeting this expanding threat surface.
New opportunities at the edge
A decade ago, ISP networks were hierarchical, with Peering, Core and Provider Edge routers providing layers of connectivity and a clear north-south prevailing traffic flow, as eyeballs and enterprises consumed content sucked in through centralised peering and transit connections. This has changed, with networks becoming much more meshed, routers becoming multi-purpose and traffic flowing every which way as content caches and peering have become more distributed. This has been driven by the growth in the volume of OTT service traffic, especially video, making it necessary for ISPs to acquire or cache content as near to its consumers as possible, to keep costs down and service quality up. This isn’t news, but it has changed the way that network investments are being made – with much more focus ‘at the edge’.
What is news, is that the distributed cache infrastructure mentioned above is now being joined by other value-added service infrastructure e.g. cloud gaming infrastructure such as Microsoft’s xCloud and Google Stadia, service enablers such as DNS and AAA, and 5G packet-core. This new infrastructure is being deployed within new Software-Defined-Data-Centres or extensions of public cloud infrastructure, deployed near to the customer edge in ISP networks. These new environments are racks of generic compute connected to an SDN environment, where all of the services and applications are virtualised or containerised, and fully orchestrated. These new environments enable new services and greater efficiencies, enabling ISPs to open up new opportunities for revenue growth, and operational and infrastructure cost savings.
The risk of the edge and a new approach to securing networks
However, as with every new opportunity there is risk. ISPs have been used to defending the availability of their networks, services and customers from DDoS attacks using semi-centralised mitigation capabilities, usually deployed at major peering locations. Given that investment in capacity and service infrastructure is now at the edge, backhauling potential attack traffic across the network is no longer desirable or practical. This is driving a need to mitigate threats in a more distributed way ‘at the edge’, blocking attack traffic at its entry point – regardless of whether it is coming from a peer, customer or public-cloud connection – all of which are common attack sources.
This is a big change, and to make matters worse, the DDoS threat landscape has also shifted; attacks have become more frequent - up 15 per cent in 2020 - more short-lived and more complex – with attacks comprising 15 or more attack vectors up 2851 per cent since 2017. And, of course, there’s the continuing risk from IoT devices of all shapes and sizes being subsumed into botnets and used to launch DDoS attacks.
The three key network security tenets of 2021
All of this is driving a new set of requirements from ISPs for their DDoS defences, with automation, orchestration and integration as core capabilities, if ISPs are to balance the risks with the rewards:
• Automation: to manage the mitigation of more sophisticated attacks without increasing operational overhead; to speed up response, as the Internet is now seen as a ‘utility’ by many; and, to enable new types of value-added DDoS protection services at greater scale, driving much needed revenue.
• Orchestration: to pull together and manage distributed mitigation capabilities across the edge of the network, and beyond, protecting more fragile virtualised and containerised environments from any attack, effectively and efficiently.
• Integration: to combine both the intelligent and infrastructure mitigation capabilities across the network edge to best effect, in complex multi-vendor environments.
Existing solutions must evolve to meet these new requirements, and we have to remember that there are few fixed points here, with new technologies, changing working practices and major shifts in traffic now the norm. Taking care near the edge of the ISP network, managing threats such as DDoS quickly and cost effectively, will be an essential component for an ISP’s success in delivering next generation services in 2021.
Darren Anstee is CTO for Security at NETSCOUT
IoT market expected to grow due to increase in IoT use cases
An increase in the internet of things use cases is expected to drive the IoT service market, according to the IoT Services Global Market Report 2021: COVID-10 Growth and Change to 2030.
IoT has found its use in many areas over the years. It can be used in manufacturing, farming, smart cities, transportation and in many other industries and fields.
Due to the fact it can be utilised in many industries, there is an increased need for IoT services and applications. IoT services that provide support by delivering services such as consulting, data management, network management and security services, are in much higher demand.
The impact of COVID-19 on the IoT services market
According to the report, the global IoT services market is expected to grow from $139.24 billion in 2020 to $162.39 billion in 2021 at a compound annual growth rate (CAGR) of 16.6%.
In the coming years, the IoT managed services market size is expected to reach $381.16 billion in 2025 at a CAGR of 24%.
This growth lends itself to companies resuming operations and adapting to the new normal as we emerge and recover from the pandemic.
Previously, COVID-19 restrictions led to restrictive containment measures, remote working and the closure of commercial activities that resulted in operational challenges.
IoT use cases driving growth
The IoT services market consists of the sales of IoT services and their related products. IoT services are delivered by the IoT services providers. These providers provide consulting, security and analytics services as per the requirements of the business.
Major players in the IoT services industry are Cisco Systems, Cognizant, Google, Infosys and Tieto Corporation, to name a few.
An increase in IoT use cases is expected to drive the IoT service market; this is where IoT can be used to automate processes and increase productivity. As it has found many uses cases over the years, this increases the demand for IoT services and this is expected to drive growth.
Enhancing deployment workloads with edge or cloud computing
Despite the expected growth, low enterprise adoption is expected to hinder the IoT services market. Although IoT has its use in many industries, due to factors such as low awareness, enterprise adoption is low, the report states.
Only 29% of enterprises have adopted IoT solutions according to the Omida data survey.
Edge or cloud computing however is enhancing the deployment workload on IoT devices, according to the report. This solution facilitates data processing and data storage in the cloud.
Microsoft released its Azure IoT Edge recently. This fully managed service is built on Azure IoT Hub. By moving certain workloads to the edge of the network, businesses that utilise Microsoft’s IoT platform spend less time communicating with the cloud, react more quickly to local changes and operate reliably in extended offline periods.
The IoT Services Global Market Report 2021: COVID-19 Growth and Change to 2030 is one of a series of new reports from The Business Research Company that provides an IoT services market overview