5G network slicing: How to secure the opportunity

Network slicing is an opportunity for telcos to disrupt private networking, but it is new and unknown to enterprises. A ‘hand holding approach’, internal alignment and simplified pilots will be key enablers in its adoption.

Network slicing is central to unlocking the 5G opportunity

There has understandably been a lot of talk and hype about 5G and network slicing in the telecoms industry. It promises to bring greater speeds, lower latency, greater capacity, ultra-reliability, greater flexibility in the network operations and more. It also pledges to support high device densities and to enable new services, new business and operational models as well as new vertical opportunities.

Given that the rollout of 5G networks is expected to involve a significant investment of hundreds of billions of dollars, there is a need to look at how it might address new business opportunities that previous generations of cellular networks could not. Many, including us, have argued that the consumer business case for 5G is limited, and that the enterprise segment is likely to represent the greater opportunity.

One highly anticipated aspect of 5G is that it will be built on virtualised infrastructure. Network functions will run as software in datacentres, rather than on dedicated appliances as in the past. This will mean that operators can deploy and make changes to functions with far greater flexibility than ever before. It also offers the promise of enabling multiple logical end-to-end networks – each intended to meet specific needs – to be “spun-up”, operated and retired as required, over the same shared hardware. Traditionally, achieving such a multi-service outcome would have required building dedicated stand-alone networks, which was rarely a viable proposition.  This capability is the essence of network slicing.

Figure 1: Diagram of network slicing

Source: STL Partners

Enter your details below to download an extract of the report

This report will explore the concept of network slicing and what it means for enterprise customers. It will have a particular focus on one aspect of network slicing through the enterprise perspective, that being security. The first section will cover how we define network slicing whilst the second will dive into what the enterprise security-related concerns are. We will then assess the implications of these concerns in the third section, before identifying ways that telcos can address these concerns in order to accelerate the adoption of network slicing.

Our findings in this report are informed by a wider STL Partners research programme that STL Partners has conducted with telcos and enterprises across several verticals, including transport, defence, utilities, logistics and smart cities.

Enterprise security concerns with network slicing are rooted in the fear of the new and unknown

Network slicing is inherently complex. Multiple networks being created over common infrastructure, each serving different customers, use cases and devices means that management and orchestration of network slices is something that telcos are still grappling with. It not only represents a change in technology but also a shift in the way that the network lifecycle is managed, which is new and unfamiliar to telcos and their enterprise customers. Current security protocols will not necessarily be equipped to cover many of the new dimensions that network slicing brings. This new shift in the way things work will result in various enterprise security concerns. Changes in the network architecture with slicing, with multiple logical networks each having their own resources and sharing others, also poses questions of how the security architecture needs to evolve in order to address new risks.

Enterprise customers define security as not only about preventing services being compromised by intentional malicious attacks, but also about preventing service degradation or disruption due to unintentional operational or technical failures and/or negligence, unplanned breakdowns etc. Due to the interdependence of slices, even if a fault occurrence happens, it could consume resources in one slice, just like an attack would, which would affect the reliability or lifecycle of other network slices that share the same resources. Regardless of how the performance of a slice gets affected, whether it is by a malicious attack, a natural disaster, a bug or unintentional negligence, the consequences are ultimately the same. These are all, in some way, related to security. Therefore, when considering security, we need to think beyond potential intentional malicious attack but also unintentional negligence and unplanned events.

We outline these three key questions that enterprises have around their security concerns, as potential tenants of network slices, in the body of the report.

Table of contents

• Executive summary
• Introduction
  • Network slicing is central to unlocking the 5G opportunity
  • Dynamic, virtualised, end-to-end networks on shared resource
  • Slicing might come about in different ways
  • Slicing should bring great benefits…
• Enterprise security concerns with network slicing are rooted in the fear of the new and unknown
  • What if my network slice gets compromised?
  • What if another network slice is compromised?
  • What if another network slice is eating up resources?
• Security concerns will slow adoption if not addressed early and transparently
  • Concerns and misconceptions can be addressed through better awareness and understanding
  • As a result, enterprises project concerns about public networks’ limitations onto slicing
  • The way that network slicing is designed actually enhances security, and there are additional measures available on top.
• Telcos must act early and work more closely with customers to drive slicing adoption
  • Ensure that the technology works and that it is secure and robust
  • Organise and align internally on what network slicing is and where it fits internally before addressing enterprise customers
  • Engage in an open dialogue with enterprise customers and directly address any concerns via a ‘hand holding’ approach
  • Don’t wait for maturity to start testing and rolling out pilots to support the transition and learning process
• Conclusion

Enter your details below to download an extract of the report

---