With the flexibility and high-capacity of next-generation, IP-based networks come new risks, namely threats to security.
If you think of the change as extending the enterprise network, it can give you some idea of the vulnerability that IP-centric, broadband networks face, according to John Lhota, senior IT executive for Verizon Business, and a speaker on today’s session, “Protecting Next-Generation Networks from Security Threats New Hazards, New Strategies.” Lhota says his company has a targeted initiative on helping its customers understand this dynamic both the advantages and the challenges. With the variety of endpoints (mobile phones, laptops, desktops, etc.) and access types (e.g. wireless, Internet, etc.) attaching to the network, there are many more potential places where network security can be breached.
“As fiber’s capacity and footprint increase, the risk of data theft from a single access point increases in proportion,” added fellow panelist Emanuel Nachum, vice president of Americas Marketing, ECI Telecom. “Transport encryption is an attractive option for carriers and service providers to offer a new value-added service to their customers that are concerned about data theft.”
While Lhota will talk about the evolution of the network in an effort to help service providers assess the growing threat, Nachum will talk about a specific solution. “Without the limits of higher-layer processing, a Layer 2 transport encryption solution scales with carrier needs while remaining manageable,” he said, noting hardware-based encryption at Layer 2 gives carrier-class reliability and full transparency to VLAN and MPLS tags while integration with optical transport equipment provides network-wide visibility and control, along with records required for SLAs. Additionally, he said, Layer 2 encryption delivers the same strong algorithm mandated by the Committee on National Security Systems for all federal agencies.
Fellow panelist Michael J. Miller, vice president of global security and services, Global Crossing Ltd., also will speak to specific ways to minimize risk. “As technology changes, the tools and techniques for securing the next-generation networks will have to change accordingly,” he said. “However, the fundamental principles of security will remain the same.”
He said security in telecommunications is about protecting the availability of the network, the confidentiality of the information traversing the network, and the integrity of the network from misconfiguration or misrepresentation.
“As a network provider, Global Crossing is also concerned about providing our customers with security services that meet their changing business needs,” he added, noting emphasis on an Acceptable Use Policy and ensuring that the quality of traffic remains high. “In combination, these strategies lower our risk of malicious traffic on our network and provide better overall availability and service to our carrier and en-terprise customers.”