Revolutionizing Enterprise Protection with Carrier Network-Embedded Security

In a world where cyber-attacks are rampant, enterprises are deploying a multitude of security tools to safeguard their organizations against evolving threats. However, managing and maintaining vast security solutions can be cumbersome and resource intensive. Surveys indicate that enterprises deploy tens of security tools, leading to a need for more streamlined and efficient approaches.

Considering these challenges, carriers are expanding their cyber security portfolio to include managed threat detection and incident response services. They are offering businesses the latest technologies and expertise for maintaining their security posture and protecting their assets.

Data communications carriers are currently selling endpoint and cloud-based security solutions. These are the same tools and same architectures enterprises rely on. Cloud-based security implies that traffic is being on-ramped to security cloud hubs before it continues to its destination. Both public cloud and edge cloud deployments may cause traffic to be unnecessarily dragged away from its optimal path. This may compromise business service performance, especially considering latency-sensitive services. Endpoint security applies integration with business customer firewalls, which is realistically limiting it to customers that rely on carrier managed firewall services.

But there’s another way: Network-embedded security, which offers an advantageous carrier-specific architecture. Network-embedded security relies on data ingestion from carrier network elements. Data collected can be used to gain comprehensive views of traffic patterns and detect anomalies that may indicate cyber-attacks. When needed, a policy-based threat mitigation is applied by network elements.

This architecture allows carriers to offer enterprise security services to any of their business customers and to their entire range of business services. It does not require compatibility to the customer’s equipment, or additional network probes, both of which present limitations that are costly and difficult to manage operations-wise.

With network-embedded security, carriers use best-in-class security services off the cloud, while avoiding the need to divert customer traffic through a cloud, or through a scrubbing center. Samples of traffic are fed into security services, while business customer traffic continues its path, without having to allocate extra network resources and, most importantly, preserving low latency. In other words, this is a disaggregated architecture applied to carrier network devices, with security intelligence separated out and hosted in the cloud.

A mitigation action usually involves the blocking of the detected attack. Based on the carrier’s policy, a closed-loop enforcement is applied by the network element closest to the origin of the attack, to avoid malicious traffic from traversing the network. Not only the customer’s resources are being protected: the network cleans out malicious traffic to prevent it from unnecessarily consuming network resources and potentially flowing into adjacent networks, damaging the carrier’s reputation.

RAD’s RADinsight TI (Edge Threat Intelligence) service follows this approach. It’s based on network-embedded security architecture and allows carriers to harness the power of their network data to deliver value-add security services to their business customers.