The Future of 5G: Is The Cybersecurity Community Ready?


As the fifth generation of broadband cellular technology — or 5G — becomes more widespread, cybersecurity threats will continue to grow in number and sophistication as new methods of attacking the network become available. Network infrastructure providers, virtual mobile network operators (VMNOs), and communication service providers (CSPs) play a critical role in the design and rollout of 5G networks.

With 5G technology, keeping everyone involved on the same page and acting synchronously will be more difficult than ever before. Here are some privacy and security improvements and challenges the cybersecurity community needs to be ready for and how to get the support you need as you scale your business and protect your investments in a fifth-generation world.

5G Networks Use Digital Routing Instead of Hardware-Based Switching

Fifth-generation cellular broadband networks have migrated away from hardware-based switching in a centralized location to digital routing defined by various software applications. Centralized hardware hubs allowed for checkpoints where traffic coming in and out of the network could be inspected and monitored. Virtualizing the routing process makes it more difficult to create a single checkpoint for security control. This means that organizations will have to coordinate with operators in order to implement visibility devices.

Virtualizing High-Level Network Functions Increases Security Risks

5G networks allow for high-level functions to be performed digitally instead of by physical computer hardware. While this does increase the speed and accessibility of higher-level functionality, it also creates unique vulnerabilities. The standardized protocols that serve as building blocks for the execution of digital functions are well-known to hackers, making the infiltration of 5G networks faster and easier.

Additionally, the short-range, low-cost antennas needed for 5G networking also become targets, and since they have a much shorter range than 4G antennas, there are many more of them in urban areas. Each of these sites is a hub for a number of data streams that also carry their own cybersecurity risks.

Organizations will have to know how their connectivity footprints are deployed, as more applications and business services will use the capability 5G affords by running on top of mobile networks rather than traditional wired infrastructure.

5G Impacts Home Workforce Security

As a large portion of today’s workforce began operating from home, the technology industry realized there was a limit to cloud availability and connectivity across the globe. Increasing the number of remote devices connected to a network and spreading out their location not only makes networks more vulnerable but also creates a greater need for infrastructure support. Businesses need enterprise solutions for intelligent, responsive networks that can withstand congestion and ensure the security and integrity of critical data.  

5G Networks Connect Billions of Small, Hackable Smart Devices

There are currently billions of internet-connected devices in the world, most of them small and portable. These devices are often easy to hack, and when connected to a 5G network, can easily allow a malicious user to access a plethora of data contained within the network.

Identity security is also an issue as International Mobile Subscriber Identity (IMSI) catching attacks uncover the identifying information of mobile device users. In some cases, bad actors are even able to download exploitation software on 5G-connected devices. NetQuest can help telecom providers discover monitoring solutions for more secure portable device management.

How NetQuest Can Help Your Business Increase Privacy and Security in a 5G Climate

Despite security concerns, upgrading to 5G networking is necessary for companies to continue doing business successfully in today’s climate. It’s an essential growth factor for securing the sustainability, scalability, and profitability of your company now and in the future.

By weaving security, monitoring, and privacy protocols into the very architecture of 5G networks, the entities who deploy them can be proactive in protecting the privacy of their networks’ users.

NetQuest can help your company ensure that important information about the location, identity, and behavior of your users is kept safe. Contact us today to learn more about privacy and security for 5G networks or to schedule an appointment to discuss your digital security needs with one of our experienced professionals.

Does your organization view SecOps as a profit center? It should.


By Mike Seidler, Director of Product Management, NetQuest Corporation

SecOps, or Security Operations teams, have the ability to provide tremendous value to the organizations they work with. As technology continues to grow at breakneck speed, reliable SecOps will become absolutely critical to enterprise profitability. Don’t underestimate the merit a good SecOps team has on your organization’s ability to generate revenue — here’s how they’ve transformed the landscape of security operations for businesses worldwide.

Shifting the Perception of Cyber Security Value

The relevancy of good cybersecurity isn’t focused solely on regulatory compliance, loss prevention, and risk reduction; in fact, this fails to incorporate the primary goals of nearly every business, which are revenue generation and the overall growth of the organization. SecOps teams are shifting the perception of the value of data security by discovering new ways to use technology to solve customer problems and create value.

Helping Cyber Security Teams Drive Revenue

Many organizations see cyber security as a necessary drain on resources, not the potential for client opportunity and revenue that it can be. SecOps can help companies increase their bottom line by much more than they invest in cyber security strategy.

How?

They build relationships with customers who become loyal to your organization’s brand. SecOps teams that work directly with your customers to provide them with data security services tend to develop long-lasting business relationships with them that in turn create clients that are loyal to your brand. An established track record of keeping your own company data secure can also play a helpful role.

Strong network security principles appeal to customers by framing cyber security efforts as a social responsibility. SecOps can assist organizations with the reframing of their cyber security efforts in a way that demonstrates industry leadership and customer commitment. By helping your company develop an approach that positions data security as a moral and ethical social responsibility, SecOps teams can create messaging that better resonates with your customer base.

SecOps teams allow your organization to offer premier data security products and services at a higher price. The market for simple security solutions that customers can use to protect their data and privacy online is growing, and companies can offer these services as upgrades or add-ons to basic cyber security bundles for an additional charge. This enables SecOps teams to drive engagement with premium security solutions your organization provides.

SecOps teams can help you create a better customer experience. Today’s customers not only desire a strong sense of security when they’re making a financial transaction online, they absolutely demand it. Your organization can only create a rich, engaging experience for customers once your SecOps team has taken the necessary steps to ensure that your network’s security is top-tier and no area of your network is unprotected.

They establish and protect current and future revenue generation. Every organization has proprietary data and intellectual property that hold the answer to future growth and revenue generation. Your SecOps team can help your company ensure that your trade secrets, personal identification (PI) data, and business critical processes and data are protected. A close working partnership with your customers and your SecOps team shows that their PI, data, and business processes are under a watchful eye from malicious hackers and cyber attacks. This creates a meaningful perception and value that both companies’ successes are tied together.

Is Your SecOps Team Doing Enough For Your Business?

If your organization doesn’t have a dedicated SecOps team or your team isn’t doing enough for your company, NetQuest can help. We’ve been helping SecOps teams by providing comprehensive network visibility solutions to organizations since 1987 and are committed to offering our clients unparalleled value for their investment. Contact us today to learn more about how we can help your company drive revenue through smart cyber security efforts.

IPFIX 101: The Lowdown On The NetFlow Upgrade


By Mike Seidler, Director of Product Management, NetQuest Corporation

IPFIX, or IP Flow Information Export, is the technical term used by network engineers and cybersecurity specialists to describe the process of analyzing network data by using a standard method for generating metadata to summarize network flows. IPFIX can be used to establish typical network behavioral patterns so that anomalous activity can be detected. The majority of the industry refers to IPFIX as NetFlow since the two technologies are very similar; however, there are some key differences that we believe highlight why IPFIX is a NetFlow upgrade.

Need high-level visibility into your company’s network? Welcome to IPFIX 101.

What Is IPFIX?

IPFIX is a standard developed by the Internet Engineering Task Force (IETF) to expand upon NetFlow v9 to create a more flexible solution for collecting and analyzing critical network data. The IPFIX protocol uses procedures very similar to NetFlow's for exporting network traffic data; however, IPFIX was designed with additional extensibility and is considered the “upgraded” version of the protocol.

IPFIX Lingo

IPFIX uses a unique set of terms that may be familiar to most networking specialists, but we wanted to include them for engineers. 

  • Metadata refers to a subset of information that can easily be used by databases, e.g. Source IPv4 address, rather than reading and describing an entire packet record. 
  • Flow Record (or Flow) refers to a complete network conversation between endpoints, usually represented in metadata format. Flows can be bidirectional (both sides of the conversation – talking and listening), or unidirectional (from the perspective of one endpoint talking to another – talking but not listening).
  • Template is a numbered dataset which is encoded with IPFIX data records. Each template is numbered to indicate what unique data records are present.
  • Exporter is a device that can create IPFIX flows (see Metering) from packet streams.
  • Metering is a process that creates IPFIX flow records from a packet stream. Usually IPFIX Exporters are performing flow metering. 
  • Collector is a system or device which receives flow records for analysis. 

How Does IPFIX Work?

IPFIX uses a predetermined set of protocols to export a network flow record to a “collector,” which then further segments and analyzes the data to produce accurate and real-time insights into a network’s behavior. These protocols are flexible and customized to capture user-defined data, so you’re always reviewing the most critical data sets. With this technology, a single IPFIX “exporter” can send information to more than one collector and there’s no limit to the number of exporters from which a collector can obtain information.

Why Use IPFIX?

In most cases, IPFIX serves as a NetFlow upgrade providing increased flexibility and many more customization options than NetFlow v9. This can greatly increase visibility into critical network traffic parameters for increased threat identification and a more robust security solution. Driven by the desire of vendors to break from the litany of differing vendor-specific flow standards and leveraging the popularity of NetFlow v9, IPFIX was designed to offer open standards freedom to tailor your flow gathering data for maximum network visibility.

Comparing IPFIX to NetFlow v9

Why is IPFIX an upgrade over NetFlow? Here’s how IPFIX and NetFlow v9, its predecessor, stack up against each other:

  • NetFlow v9 supports about 100 standard elements, while IPFIX offers almost 500, including all of the NetFlow elements.
  • IPFIX supports the flexibility to add vendor-specific data extensions.
  • IPFIX supports customizable data templates allowing users to choose which of the close to 500 elements to include in the transmitted data set. NetFlow’s support for customization is much more limited.
  • IPFIX offers variable length fields, which is quite useful when exporting raw data like URLs, DNS or HTTP host names.
  • IPFIX allows custom input of vendor IDs so that proprietary information can be placed in a flow record.
  • Increased fidelity of IPFIX is essential for using flow data in security monitoring applications.
  • Did we mention IPFIX offers increased flexibility versus NetFlow v9? This cannot be overstated.

To be fair, with added flexibility, IPFIX can sometimes create compatibility challenges. NetFlow’s narrow focus is typically supported in almost all standard collectors and analysis tools, making tool integration a foregone conclusion.
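The template, vendor-ID and variable-length features compared above, as an added example (not NetQuest's code and not part of the original article): a minimal collector-side decoder that follows the IPFIX message layout in RFC 7011. The sample message is constructed, and the enterprise element (ID 1 under the documentation enterprise number 32473, carrying a host name) is a hypothetical vendor field.

```python
import struct
VARLEN = 0xFFFF  # template field length meaning "variable-length"

def read_templates(body, templates):
    pos = 0
    while pos + 4 <= len(body):  # fewer than 4 bytes left is padding
        tid, count = struct.unpack_from("!HH", body, pos)
        pos, fields = pos + 4, []
        for _ in range(count):
            ie, flen = struct.unpack_from("!HH", body, pos)
            pos, pen = pos + 4, 0
            if ie & 0x8000:  # enterprise bit set: a 4-byte vendor ID follows
                (pen,) = struct.unpack_from("!I", body, pos)
                pos += 4
            fields.append((pen, ie & 0x7FFF, flen))
        templates[tid] = fields

def read_data(body, fields):
    pos = 0
    min_len = sum(1 if flen == VARLEN else flen for _, _, flen in fields)
    while min_len and len(body) - pos >= min_len:  # anything shorter is padding
        rec = {}
        for pen, ie, flen in fields:
            if flen == VARLEN:  # the record carries its own length prefix
                flen, pos = body[pos], pos + 1
                if flen == 255:  # long form: real length in the next 2 bytes
                    (flen,) = struct.unpack_from("!H", body, pos)
                    pos += 2
            if pos + flen > len(body):
                raise ValueError("field overruns its set")
            rec[(pen, ie)], pos = body[pos:pos + flen], pos + flen
        yield rec

def parse_ipfix(msg, templates):
    version, length = struct.unpack_from("!HH", msg, 0)
    if version != 10 or length != len(msg):
        raise ValueError("not a well-formed IPFIX message")
    records, off = [], 16  # sets start after the 16-byte message header
    while off + 4 <= length:
        set_id, set_len = struct.unpack_from("!HH", msg, off)
        if set_len < 4 or off + set_len > length:
            raise ValueError("set length out of bounds")
        body = msg[off + 4:off + set_len]
        if set_id == 2:  # template set
            read_templates(body, templates)
        elif set_id >= 256 and set_id in templates:  # unknown templates are skipped
            records += read_data(body, templates[set_id])
        off += set_len
    return records

SAMPLE = bytes.fromhex(  # constructed sample message, not captured traffic
    "000a004b 00000000 00000000 00000001 0002001c 01000004"  # header, template 256
    "00080004 000c0004 000b0002 8001ffff 00007ed9"  # IEs 8, 12, 11; hypothetical enterprise IE 1
    "0100001f c000020a c6336407 01bb 10") + b"intranet.example"  # one data record
```

Calling `parse_ipfix(SAMPLE, {})` returns one record keyed by `(enterprise, element)` pairs. The template dictionary has to persist across messages, because a data set whose template the collector has not yet seen cannot be decoded and is skipped here.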

Improve Your Network Security With IPFIX Today

Comprehensive network monitoring and security solutions are critical for your organization to reduce risk and streamline workflows. NetQuest can help. IPFIX is a key feature for us and we provide high-performance solutions that create IPFIX records and export them to other tools for detailed analysis. Check out our OMX3200 high-bandwidth sensor and how it can be used to scale network flow analysis for security solutions.

We’ve been providing full-scope cyber security and network administration tools to organizations both large and small since 1987 and can assist you in developing security protocols that fit the unique needs of your company. Contact us today for more information.

Your Company Has Been Hacked. Will You Respond or React?


by Chip Mesec, Senior Product Manager, NetQuest Corporation

Breathe and Think

While reading about the U.S. Treasury and Commerce Department hacks on Krebs on Security, it got me thinking about the panic going through the minds of the SIOs across the world. In fact, it made me sad to think of what their holiday season will be like having to deal with a hack of this magnitude in addition to COVID-19, year-end pressures, the economy, and other demands on their time. Companies in the business of securing IT systems, as we are, share customers. There is a mindset in all of us:

We’re the good, fighting against the evil underground hordes!

This hack is so sophisticated that the SolarWinds Orion software to manage IT systems did not have a vulnerability. It appears that the hack was built in as a trojan by the Russians – which changes the game entirely. It is always easy to blame a single company, but SolarWinds is a wonderful company and creates a great set of products that are respected in the industry. When you are dealing with hacks of this level of ingenuity, you go through your mental list of what could have been done to prevent the intrusion in my company, my code, my systems – have we done enough?

Watch Dogs for Watch Dogs

All of this gets me thinking about how intelligence groups have operated throughout history: the group that watches the enemy, the groups that watch the groups that watch the enemy, and so on. My first inclination is to create a group to watch IT, and a group to watch them. It all fizzles and begins to look like the script for a Mel Brooks movie about a government coup in a small Eastern European country.

Analysis or Rabbit Hole?

When you do the analysis, it’s not long before fear creeps in. If you can choke that down there are some positive learnings that we can gain from this exercise.

  • We as human beings have become very good at risk reduction and mitigation – it is built into our DNA – flight or fight, go around the long way, wear your seatbelts.
  • We perform risk vs. reward analysis very quickly – What is vulnerable? Who had access? How far do I go back to get a clean system? What was taken and how do I get it back? What is the number of my lawyer?

What Ifs and Worst Case

Here are some things to think about that may open your mind to think outside the box with respect to security and worst-case scenarios.

  • How would you operate your business if every piece of software you used was vulnerable or being manipulated – how would you survive?
  • Is there a zero-trust model that you could put in place so that every action within your IT framework provides a high degree of confidence?
  • How do you create a test to validate or invalidate your assumptions?

Another way of looking at it…

  • What if I ran a bank and all the tellers were thieves?
  • How could I get to work if my tire gets flat every 5 miles?

I do not have a magic potion or a product which will drop in and cure your ills – there is no company that can offer that. But when dealing with the “first of its kind” type of seminal hacks, it opens your mind to solving difficult problems and that is why most of us got in the business.

Consider it on-the-job training.