2016 showed us that the Internet of Things (IoT) is a game-changer when it comes to service provider networks. I am not only referring to the control plane or traffic filters but also the havoc a larger, herded botnet of IoT devices can cause.
Mirai is a standout example of the latter, demonstrating in devastating fashion the power of a strategically orchestrated attack – in this case harnessing 620+ Gbps of malicious traffic.
The scale by far exceeded by far the imagination of many. Would anyone beyond the security community have had expected DVRs or connected cameras to become weaponized? With the proliferation of networking in everyday devices, the re-use of operating systems and the ongoing component price wars, it was only a matter of time.
So what does it all mean for service providers and what can they do to get ready and future-proof both profit and innovation? The fixes have to come from the service provider networks, as they host potentially vulnerable devices and are closer to the source of the attacks.
The good news is that the vast majority of service providers F5 Networks works with are taking the challenge extremely seriously – a stance I suspect is replicated across the industry.
Encouragingly, network defense is on the rise. Today, it is a given – or at the very least an expectation - that service providers will have to analyze traffic leaving their networks, identifying problems as they emerge and deal with issues like botnets with speed and substance.
Service providers are now forced to cooperate and honor things like Border Gateway Protocol (BGP) flowspec announcements. BGP is the protocol that manages how packets are routed across the internet through the exchange of routing and reachability information between edge routers.
The bottom line is that we need better weapons to stand a fighting chance. Processing power is useful, but we need more intelligent ways of dealing with attacks. SSL offloading is key here in terms of protecting control plane and datacenter resources, helping to prevent evasion through encryption whereas behavioral analysis enables us to detect new attacks, automate the generation of signatures, and share these across local and/or global communities.
As attacks target both Open Systems Interconnection (OSI) layers and compute power itself, it is vital to have a comprehensive understanding of applications and protocols. The ability to distinguish good from bad traffic is now essential to ensure adequate defenses are in place and crucial services remain operational.
Another direct result of the new cyber-threat landscape is a growing need for solutions that harness field-programmable gate array (FPGA)-based processing power to help absorb massive amounts of data.
The landscape for service providers is shifting at lightning pace, and the opportunities and pitfalls of IoT are forcing them to rethink how they operate.
This is reflected in a strong surge in customers coming to us to make sense of it all, whether it is S/Gi firewall solutions to protect both their infrastructure and subscribers from attacks, or safeguarding the data center perimeter - protecting the application, protecting the protocols and acting as a gatekeeper to identify and repel attacks.
At F5, we are also witnessing a greater demand for the protection of IoT-based applications and protocols. Beyond this, security infrastructure consolidation is the next step, aiming to reduce cost and latency while increasing efficiency and manageability.
Sitting on the sidelines is no longer an option. The problems are out there and evolving at pace. Now is the time to attack them head on.