Palo Alto Networks this week introduced a service designed to help enterprises and service providers secure 5G networks, services, applications and devices. The service aims to provide full visibility and granular security controls to help organizations identify security issues in user and device traffic.
In addition to context-driven security, Enterprise DLP automates 5G security using Kubernetes-native orchestration. It also provides automated threat intelligence.
More organizations than ever are looking to move to 5G networks to take advantage of higher bandwidth, increased speed and lower latency. According to Tanner Johnson, a senior cybersecurity analyst at Omdia, the bandwidth for 4G technologies tops out at about 4,000 devices per square kilometer, while 5G solutions allow for roughly one million devices to operate within the same boundary.
“The dramatically increased speed and computational capabilities of 5G will allow for significant advances in every market, from industrial and medical to automotive and smart cities,” he said. “I see greater opportunities for remote patient monitoring and consumer healthcare solutions, as well as advancements in protections and efficiencies in critical infrastructure.”
Securing 5G networks is different from securing other types of networks. The increase in device deployment will cause a proportionate increase in cyberthreats. When systemic flaws in internet of things (IoT) devices, their networks or the supply chain are discovered, that knowledge is quickly disseminated among adversaries to exploit those vulnerabilities. In addition, the adoption of IT protocols such as HTTP/2 and the 3rd Generation Partnership Project (3GPP) telecommunications standards for 5G exposes the IT protocol stack to more vulnerabilities, said Sree Koratala, vice president of product management for mobile security at Palo Alto Networks.
Enterprise DLP containerizes 5G security at the service layer to help prevent incidents from occurring when a single solution breaks down, also known as a single point of failure. Through containerization—essentially a method of segmentation—the impact of any exploit can be mitigated much more quickly because the exploit is isolated into a single container. It’s essential when dealing with services and applications at the scale 5G offers, Tanner said.
The solution also correlates threats to 5G users and devices in real time and uses 5G network slice security, which Koratala described as a way to dynamically provide enterprise-grade security served by 5G network “slices.” “You can apply the following security per network slice or group of network slices: application control, antivirus, anti-spyware, URL filtering, intrusion prevention and advanced threat prevention with WildFire [Palo Alto's malware analysis service],” she said.
Johnson said Palo Alto’s approach of fully embracing the cloud as a delivery mechanism for 5G security is the right one. The solution’s incorporation of machine learning in the area of threat intelligence also makes a lot of sense, he said.