Cyber Security

The Evolution of NFV Network Visibility and Security at Scale

NFV (Network Function Virtualisation) migration continues on our large scale, country-wide national network infrastructure. This reduces previously proprietary network functions that ran on dedicated hardware into software building blocks that run on commodity hardware. This includes firewalls, routing functions, mobile network functions and many others. It delivers business benefits, flexibility and cost reduction.

Written by

Team Nucleus

Content
Written on

6th March, 2020

SHARE ARTICLE

NFV (Network Function Virtualisation) migration continues on our large scale, country-wide national network infrastructure.  This reduces previously proprietary network functions that ran on dedicated hardware into software building blocks that run on commodity hardware. This includes firewalls, routing functions, mobile network functions and many others. It delivers business benefits, flexibility and cost reduction.


The changes are greater for the tools that monitor and analyse network traffic for performance monitoring, behavioural analytics, cyber security and “network visualisation”. Firstly, to realise the business benefits of NFV, the tools themselves should be NFV ready, to run on commodity hardware. Secondly, the infrastructure that is being monitored may no longer exist in physical form. Interfaces and traffic flows may be internalised and no longer exist on physical fibres. However – the network functions are still subject to cyber-attack and the best way to protect infrastructure is by monitoring and analysing traffic on those virtual interfaces.


So where physical traffic sensors or FlowProbes have been previously used, on NFV infrastructure, we need virtual probes monitoring virtual interfaces. Where physical fibres and monitoring infrastructure such as packet brokers are still present, traffic sensors can still be virtualised in an NFV environment, but be configured to monitor traffic from a real, physical interface.


We should also talk about cloud. Cloud provides an infrastructure agnostic environment for applications to run. Those applications assume that the underlying infrastructure, including the network, is always available. It’s usually the cloud providers responsibility to monitor and protect the infrastructure. So, from one point of view, Cloud cyber protection is different from NFV infrastructure cyber protection. One cares about infrastructure availability, the other application availability. We will talk about that more in future blog posts.


At Telesoft, we are busy preparing our NFV ready cyber tool set. This re-uses our existing carrier strength cyber analytics – check back soon to hear more.

NUCLEUS

Recommended Posts

Subscribe to Nucleus blog updates.

Subscribe to our newsletter and stay updated.

Subscribe to Nucleus