RAD is a global leader for telecom access solutions. As an industry pioneer for over 40 years, RAD reliably supplies worldwide communications service providers and critical infrastructure operators with best-of-breed Ethernet access devices, industrial IoT gateways, 5G xHaul, and Operational WAN solutions. Offering always-on connectivity from anywhere, along with data-driven, AI-powered actionable insights, RAD is distinguished for its supply-chain stability, which outsteps the market in delivery times. Founded in 1981, RAD serves as the anchor of the $1.6 billion RAD Group, an umbrella of independent companies that develop diverse networking and data communications solutions.
Contact

Contact Us

This information will be used according to our Privacy Policy

Scroll to top of page

You are here

   

Revolutionizing Enterprise Protection with Carrier Network-Embedded Security

by Sharon Rozov, Marketing CTO
Jul 27, 2023

In a world where cyber-attacks are rampant, enterprises are deploying a multitude of security tools to safeguard their organizations against evolving threats. However, managing and maintaining vast security solutions can be cumbersome and resource intensive. Surveys indicate that enterprises deploy tens of security tools, leading to a need for more streamlined and efficient approaches.

Considering these challenges, carriers are expanding their cyber security portfolio to include managed threat detection and incident response services. They are offering businesses the latest technologies and expertise for maintaining their security posture and protecting their assets.

Data communications carriers are currently selling endpoint and cloud-based security solutions. These are the same tools and same architectures enterprises rely on. Cloud-based security implies that traffic is being on-ramped to security cloud hubs before it continues to its destination. Both public cloud and edge cloud deployments may cause traffic to be unnecessarily dragged away from its optimal path. This may compromise business service performance, especially considering latency-sensitive services. Endpoint security applies integration with business customer firewalls, which is realistically limiting it to customers that rely on carrier managed firewall services.

But there’s another way: Network-embedded security, which offers an advantageous carrier-specific architecture. Network-embedded security relies on data ingestion from carrier network elements. Data collected can be used to gain comprehensive views of traffic patterns and detect anomalies that may indicate cyber-attacks. When needed, a policy-based threat mitigation is applied by network elements.

This architecture allows carriers to offer enterprise security services to any of their business customers and to their entire range of business services. It does not require compatibility to the customer’s equipment, or additional network probes, both of which present limitations that are costly and difficult to manage operations-wise.

With network-embedded security, carriers use best-in-class security services off the cloud, while avoiding the need to divert customer traffic through a cloud, or through a scrubbing center. Samples of traffic are fed into security services, while business customer traffic continues its path, without having to allocate extra network resources and, most importantly, preserving low latency. In other words, this is a disaggregated architecture applied to carrier network devices, with security intelligence separated out and hosted in the cloud.

A mitigation action usually involves the blocking of the detected attack. Based on the carrier’s policy, a closed-loop enforcement is applied by the network element closest to the origin of the attack, to avoid malicious traffic from traversing the network. Not only the customer’s resources are being protected: the network cleans out malicious traffic to prevent it from unnecessarily consuming network resources and potentially flowing into adjacent networks, damaging the carrier’s reputation.

RAD’s RADinsight TI (Edge Threat Intelligence) service follows this approach. It’s based on network-embedded security architecture and allows carriers to harness the power of their network data to deliver value-add security services to their business customers.

With continuous sampling of traffic at the carrier edge (see also: carrier ethernet access devices), the cloud-native RADinsight TI is capable of promptly detecting a range of security threats, encompassing both badly reputed traffic and zero-day attacks.

To learn more about RADinsight TI, click here.

This information will be used according to our Privacy Policy

   

What would you like to do?