Helping Mobile Operators Keep Customers Safe with Virtualized Network Security

CERT-LatestNews Malware Security News ThreatsCybercrime TrendMicroNews Uncategorized

Recently, a frightening trend has emerged where cyber criminals poach the capabilities of legitimate message apps in order to carry out their malicious activities.

At Trend Micro we’re always looking for innovative new ways to support our customers and help overcome their cybersecurity challenges. Mobile network operators (MNOs) are increasingly adopting virtualization and software acceleration technologies to become more agile in how they deploy and operate network services: for example, to help deal with large, unpredictable network volumes during peak hours.

That’s why we designed the Virtual Network Function Suite: a high-performance solution designed to run on this new network infrastructure and meet MNOs’ security needs amid a rapidly evolving threat landscape.

With features including URL filtering, intrusion prevention and application control, the VNFS allows operators to reduce costs and improve agility whilst helping them differentiate in the market with highly effective threat protection for customers.

Mobile threats escalate

Organizations across the globe are being forced to address an unprecedented volume and variety of often highly sophisticated threats today, and MNOs are no different. They need to protect their customers from everything from commodity malware and spam to information-stealing Trojans, ransomware, premium-rate SMS malware, and more. Trend Micro alone blocked over 38 billion threats in the first half of 2017, including a staggering 82 million ransomware threats.

Many mobile threats are hidden in legitimate-looking but malicious applications, but users can also be exposed via email, web browsing, and insecure public Wi-Fi networks.

Many consumers don’t have security software installed on their devices, so there’s a growing demand and market opportunity for MNOs to improve the security controls they can offer from a network level. However, at the same time these operators are moving to small cells, increasing the number of base stations in the network and therefore the number of servers typically required to provide effective security. That has driven a push to virtualized security functions which are lower cost and more agile and scalable than legacy appliance-based security servers.

Leveraging SPN

Trend Micro’s VNFS is a high performance, software-based solution which utilizes the Data Plane Development Kit (DPDK) for high-speed packet processing. Decoupling network functions from the underlying hardware means MNOs can deliver security faster, more effectively and at lower cost. Thanks to DPDK and other Intel architecture hardware technologies, the VNFS is able to operate in a highly efficient manner, consuming just a few CPU cores.

Here are just some of the benefits of the VNFS:

  • Security resources can be dynamically allocated and configured for different services
  • Native design for carrier-grade NFV with a pure software architecture that provides high-performance network security protection
  • Trend Micro security features and industry-leading threat intelligence, powered by the Smart Protection Network (SPN)
  • Security services that can be dynamically scaled and allocated to meet demand when traffic increases

URL filtering is a great example of how the VNFS supports MNOs with highly effective security. The suite sits in the MNO’s Gi-LAN, between the packet gateway and the Internet, converting device and user-level policies into URL blocking and deep packed inspection which are the cornerstone of high-performance security.

The VNFS is powered by the Trend Micro SPN, which collects 15 terabytes worth of data for analysis, identifies 180,000 new threats, analyzes 1.5 billion new threat samples, and blocks 250 million threats every 24 hours. Using sandbox emulation modeling, multiple touchpoints, and smart feedback from real-world sensors, the SPN is able to block the latest threats and inappropriate content. The VNFS leverages this intelligence, a comprehensive URL reputation database, to keep users safe.

Combined with the VNFS’s intrusion prevention and application control capabilities it comes together to offer an unbeatable, high-performance solution for mobile operators, with the power, scale, and flexibility they need to keep customers safe amid a rapidly evolving threat landscape.