APAC service providers must scale up and scale out security infrastructure to meet demands of distributed clouds, IoT and 5G

A new report from Juniper Networks and Ovum Research has found that Asia-Pacific (APAC) service providers (SPs) are especially concerned over their security infrastructure as they increasingly embrace adoption of new technologies, such as distributed clouds, the Internet of Things (IoT) and 5G. The report’s findings revealed that only one quarter of SPs surveyed are very satisfied with their existing security infrastructure, with the majority planning heavy investment into security over the next two years.

To better address the requirements of today and tomorrow, new architectures need to be adopted with security postures that are sufficiently agile to change alongside evolving requirements and without becoming a bottleneck to networking performance. This means scaling up to handle increased capacity, while scaling out to accommodate fast increasing volumes of IoT endpoints and increased signaling and session demands of edge distribution.

“Network deployments have changed significantly over the past few years. Service providers are rapidly moving to the cloud and adopting new technologies, such as IoT and 5G, which will redefine the way we live, work and play. All of these are heavily dependent on the network, and enterprises are increasing spending on security to protect new and existing infrastructure,” said Ang Thiam Guan, VP & GM, APAC, Juniper Networks. “As this transformation occurs, we need to encourage a more all-encompassing view of security, rather than focus on the perimeter. The network itself should be seen as the first line of defense, especially as the scale, demands and usage patterns on infrastructure continue to evolve and grow.”

The report polled 51 IT decision makers from SPs across APAC, including in Singapore, China, Australia, Japan, Korea and India. Data from this research was used together with data from an international survey of 100 decision makers from SPs globally, conducted by Heavy Reading.

Report highlights
Rapidly growing adoption of new technologies, including distributed clouds, IoT and 5G, has introduced additional security susceptibilities, forcing SPs to scale up and scale out their security infrastructure to remain relevant and secure. However, APAC SPs generally still feel they have some catching up to do in terms of security readiness, with overall findings from the region-wide survey revealing significant concerns:

• Only 29 percent are very satisfied with their current firewall
• 65 percent will upgrade their firewall within the next year
• 61 percent plan to increase spending on firewall product and services over the next two years

In terms of recommended risk mitigation investment going forward, areas to prioritize include improved intrusion detection, cloud security and upgraded firewalls, as well as architecture that allows for a unified view of security tools and networks.

The complex, new security challenges brought about by distributed cloud, IoT and 5G
SPs are developing distributed cloud architectures ahead of 5G deployments, with only 6 percent indicating they have no plans to deploy a distributed cloud. With the distributed cloud, they can offer IoT-ready services and position themselves to support third-party applications, providing them the ability to enter adjacent markets to create new revenue streams.

In developing this area, security is always a top concern. The top three perceived challenges to IoT adoption are data/network security (32 percent), business process integration (28 percent) and ongoing costs (28 percent).

This comes as no surprise, as distributed clouds and IoT implementations significantly increase the attack surface available to malicious actors. IoT devices serve as an entry point for a network and are increasingly being used to launch Distributed Denial of Service (DDoS) attacks. This will require SPs to filter traffic on a much larger scale and will necessitate greater automation, intelligence and machine learning capabilities for improved security postures and policies.

As the SPs transition toward 5G rollout, the expectation is that 5G technology will also allow mobile SPs to partition their network resources to address a diverse set of use cases with differing performance and functional requirements.

Almost all (96 percent) of the APAC SPs surveyed plan to use 5G technology and close to three-quarters expect to do so in the next two years.

This 5G-enabled provision of multiple use cases or network slices all require varying security protocol choices and policy implementation, further compounding the security concerns already predicted to arise from distributed clouds and IoT.

Intrusion detection, cloud security and upgraded firewalls top focus area for SPs
SPs are investing across multiple solutions in order to address these new cybersecurity challenges created by distributed clouds, IoT and 5G. According to the report’s findings, the top three areas of focus were respective more intrusion detection solutions (88 percent), upgrading security gateway, GI-firewall and roaming firewall (86 percent) and greater cloud security (84 percent).

At present, the security systems of APAC SPs are usually well-equipped to handle known threats and comparatively small DDoS attacks. Looking ahead, it is recommended to pair the improved solutions mentions alongside artificial intelligence and machine learning to better address much larger DDoS and sophisticated attacks while minimizing service disruption.

A unified view of security tools and networks employed by SPs is key
Another recommended priority looking ahead would be the provision for a unified view of the evolving networks and the centralization of security alerts. According to the research, up to 50 percent of APAC SPs manage between 11 to more than 50 security tools within their company’s infrastructure. The application of security policy changes in a multi-dashboard environment itself presents a security threat, as cybersecurity staff are faced with the challenge of monitoring multiple consoles and having to cross-reference between disparate screens and information formats.

A unified security management system that manages and provides a unified view of both physical and virtual domains will be key in addressing the challenging task of enabling SPs to further secure their networks.