Report: Carriers Need to Heed Security

IT attacks need network carriers in order to hit their targets, for it is the carrier that, well, carries the Internet traffic — both good and bad.

The Yankee Group released a report that highlights the growing need for carriers to pay more attention to the threats by implementing security measures to ensure clean pipes. Another incentive, according to the report: money.

Brian Partridge, Yankee Group analyst and author of the report, told that he wasn’t surprised, for the most part, with the results of the study.

“It was interesting to see DDoS come out consistently as the
biggest threat to rolling out IP-based services and the expectations for
attack volumes moving up rapidly,” Partridge said.

The report also noted that among the carriers surveyed by Yankee Group, the
consensus was that some 15 percent of overall traffic is actually malware or some other form of non-useful traffic.

There was disagreement among Yankee Group’s survey base, though, as to whether there was a business case for eliminating network noise through
mitigation techniques versus simply adding additional bandwidth capacity to
handle the load.

Partridge argues that the carriers can make money by offering
premium-level managed security services.

“They also must provide adequate protection for services such as IPTV,”
Partridge said. “If that service goes down because of DDoS, the operator
will be heavily damaged in terms of subscriber churn and tarnished brand.”

It’s not that carriers don’t have some security in their networks’
infrastructures already; it’s that, according to Yankee Group, the security that
is in place is often not enough.

The report notes that some service
providers simply settle for, “the cursory network intelligence capabilities
already deployed in their networks, choosing rudimentary functions over
comprehensive visibility.”

In Yankee’s view, it’s a shortsighted approach. Instead the analyst firm
argues that new types of carrier-grade solutions are required that provide a
greater degree of full-network layer visibility into what actually is going on
across the network. Carriers should not rely on enterprise-type IPS
and IDP solutions that cannot scale for carrier

In order to get the type of security that Partridge thinks carriers should
have, a full “forklift” upgrade of equipment isn’t necessarily the answer. “It can be done via server-based software overlays and through deploying
network probes at strategic points in the network.”

Yankee said that Arbor Networks, Narus, Cisco Systems and Q1 Labs could fit the bill for carriers.

“You’ve got to have significant visibility into the packets themselves so
you can detect a wide range of attacks,” Steve Bannerman, vice president of marketing and product management at Narus, told

Narus has a single system that looks at the entire network to manage security across the entire carrier network, Bannerman said.

Juniper Networks, which competes aggressively with Cisco in the carrier
space, has its own views on the subject.

In an e-mail to, Juniper spokesperson Brendan Hayes agreed with Yankee Group’s assessment that service provider networks have different demands than those of enterprises, so the approach to security has to be a little bit different.

Hayes said that Juniper is already providing carriers with some of the
advanced security they need. One such example cited by Hayes is Juniper’s
partnership with Microsoft to offer IPTV network security solutions to
customers of Microsoft TV IPTV Edition.

“In general we are seeing more of our customers come to Juniper for a
complete routing and security solution.”

News Around the Web