IEEE Future Networks: Security in SDN/NFV and 5G Networks - Opportunities and Challenges
Software Defined Networking (SDN) and Network Function Virtualization (NFV) are the key pillars of future networks, including 5G and Beyond that promise to support emerging applications such as enhanced mobile broadband, ultra low latency, massive sensing type applications while providing the resiliency in the network. Service providers and other verticals (e.g., Connected Cars, IOT, eHealth) can leverage SDN/NFV to provide flexible and cost-effective service without compromising the end user quality of service (QoS). While NFV and SDN open up the door for flexible networks and rapid service creation, these offer both security opportunities while also introducing additional challenges and complexities, in some cases. With the rapid proliferation of 4G and 5G networks, operators have now started the trial deployment of network function virtualization, especially with the introduction of various virtualized network elements in the access and core networks. These include elements such as virtualized Evolved Packet Core (vEPC), virtualized IP Multimedia Services (vIMS), Virtualized Residential Gateway, and Virtualized Next Generation Firewalls. However, very little attention has been given to the security aspects of virtualization. While several standardization bodies (e.g., ETSI, 3GPP, NGMN, ATIS, TIA) have started looking into the many security issues introduced by SDN/NFV, additional work is needed with larger security community involvement including vendors, operators, universities, and regulators. This tutorial will address evolution of cellular technologies towards 5G but will largely focus on various security challenges and opportunities introduced by SDN/NFV and 5G networks such as Hypervisor, Virtual Network Functions (VNFs), SDN Controller, Orchestrator, Network slicing, Cloud RAN, and security function virtualization. This tutorial will also highlight some of the ongoing activities within various standards communities and will illustrate a few deployment use case scenarios for security including threat taxonomy for both operator and enterprise networks. In addition, I will also describe some of the ongoing activities within IEEE Future Network initiative including roadmap efforts and various ways one can get involved and contribute to this initiative.
Software Defined Networking (SDN) and Network Function Virtualization (NFV) are the key pillars of future networks, including 5G and Beyond that promise to support emerging applications such as enhanced mobile broadband, ultra low latency, massive sensing type applications while providing the resiliency in the network. Service providers and other verticals (e.g., Connected Cars, IOT, eHealth) can leverage SDN/NFV to provide flexible and cost-effective service without compromising the end user quality of service (QoS). While NFV and SDN open up the door for flexible networks and rapid service creation, these offer both security opportunities while also introducing additional challenges and complexities, in some cases. With the rapid proliferation of 4G and 5G networks, operators have now started the trial deployment of network function virtualization, especially with the introduction of various virtualized network elements in the access and core networks. These include elements such as virtualized Evolved Packet Core (vEPC), virtualized IP Multimedia Services (vIMS), Virtualized Residential Gateway, and Virtualized Next Generation Firewalls. However, very little attention has been given to the security aspects of virtualization. While several standardization bodies (e.g., ETSI, 3GPP, NGMN, ATIS, TIA) have started looking into the many security issues introduced by SDN/NFV, additional work is needed with larger security community involvement including vendors, operators, universities, and regulators. This tutorial will address evolution of cellular technologies towards 5G but will largely focus on various security challenges and opportunities introduced by SDN/NFV and 5G networks such as Hypervisor, Virtual Network Functions (VNFs), SDN Controller, Orchestrator, Network slicing, Cloud RAN, and security function virtualization. This tutorial will also highlight some of the ongoing activities within various standards communities and will illustrate a few deployment use case scenarios for security including threat taxonomy for both operator and enterprise networks. In addition, I will also describe some of the ongoing activities within IEEE Future Network initiative including roadmap efforts and various ways one can get involved and contribute to this initiative.