Voice&Data Talkies #4: Pankaj Kitchlu, Systems Engineering Director, India & SAARC, Juniper Networks

Juniper Networks is one of the largest networking solutions providers across the world and has quickly emerged as one of the frontrunners in 5G technology. The company has worked in networking, cloud, and AI-based solutions for telcos and other industries across the world.

Pankaj Kitchlu holds the position of Systems Engineering Director for Juniper Networks in the India & SAARC region. He handles Juniper’s telecom service business in the region. He had rich experience in the industry, having previously held top-level positions at Bharti Airtel and Reliance Communications. Previously a guest speaker at the Voice&Data's 5G Event, Pankaj has been featured on the portal a fair few times.

On the 4th edition of Voice&Data Talkies, Pankaj returns to talk about 5G, network security, and the implications of the former for the latter, and what Juniper Networks have been doing in the field.

With every generation, we see an increase in network speed and capacity, and hence the surface area of cyberattacks. How much will 5G affect the scope of cyberattacks across the world?

5G adoption is rapidly accelerating around the world, bringing with it both massive transformation and potential, as well as new challenges. While it is expected that 5G would bring about significant benefits to businesses and the economy, it will also have an impact on network security and cybersecurity. 5G will expand the scope of cyberattacks across the world.

As we move to 5G, services will become decentralized, meaning that networks will move from a physical appliance-based design (3G or 4G) to a virtual machine (VM) and container-based designs, so service providers will have to extend their security perimeter from a small number of data centers to hundreds of locations. Naturally, with new services and applications placed on the distributed edge, the security architecture needs to follow as well. Given the redefined nature of 5G networks, service providers will need to update their security strategy to keep pace.

5G has seen telcos evolve from network providers to cloud-based connectivity solutions providers. How has this evolution affected network security for telcos?

Rolling out 5G networks will bring forth a number of opportunities for service providers, businesses, and end-users, however, they also present an opportunity for cybercriminals to turn new 5G capabilities into vulnerabilities. To protect themselves and their customers, service providers can set up a security architecture by following the upcoming recommendations.

First, they should set up a unified security policy management process: This will help ease the transition from previous network generations and allow for security policies to follow users, devices, or applications as they move to new locations and be applied automatically. Further, it minimizes operational overhead otherwise required to recreate policies from one platform to another and decreases attack vectors inadvertently created by human error.

Second, embrace an end-to-end network security approach: Service providers will need to implement an end-to-end security approach that combines network, application, and end-user security to deliver a secure and assured service experience.

Third, implement a zero-trust security model: Given the number of distributed services that 5G will bring, adopting a zero-trust model, with AI/machine learning, will continuously work to verify, validate and authenticate every time a new connection request is made. This strategy ensures that no matter the location of networks or devices, there is clear visibility into network access, reducing the volume and impact of cyberattacks.

IoT represents one of the most important use cases of 5G, with billions of devices estimated to be connected to telecom networks. Will this development also represent a potential risk for 5G networks?

5G will accelerate IoT applications. With the massive influx of data from sensors and devices, enforcing security policies across every point of connection could be a starting point for enterprises to think of to create a much smaller surface for potential cyberattacks. Juniper Connected Security, for example, unifies all network elements into a threat-aware network. It basically achieved three things.

First, it detects and combats threats from numerous sources, ranging from native logging and cloud-based threat feeds to the Internet of Things (IoT) devices. Protects networks from cybercrime, botnets, machine learning, hacktivism, and more. Second, it can quickly create, maintain, and apply accurate and consistent network security policies. One can also manage security devices such as firewalls from a centralized location. Third, it can use any physical or virtual machine on the network as an enforcement point, including switches, firewalls, routers, third-party security products, public cloud, and private cloud platforms, and third-party infrastructure.

How frequent are cyberattacks on telecom networks? What are some of the sources for these attacks?

The frequency of cyberattacks has grown in an upward trajectory in recent times. There are two main contributors. First, the increased probability of attaining end objectives by attackers: Networks have become more connected, which means a remote compromised connection can affect every element and user data available in a network from anywhere in the world. While the intended objective was to get users and stakeholders connected across a widespread network, this has also brought about an increased risk in the attack surface, if robust security measures are not in place.

Second, the attack profile has shifted significantly: The intent of cyber-attackers has moved from merely causing casual public spectacles or minor disturbances to becoming professionally run money-making pseudo-organizations acting like machines. This reason has created a larger mass of attackers, trying to steal network information or user data through the form of ransomware. The source of the attack can be from anywhere – internal to external networks or even from your trusted stakeholders which would have been compromised by a remote actor.

How much does network slicing help mitigate the risks of potential cyberattacks on telecom networks?

Network slicing has been touted as an integral part of the 5G opportunity. One highly anticipated aspect of 5G is that it will be built on virtualized infrastructure. Network functions will run as software in datacentres, rather than on dedicated appliances as in the past. This will mean that operators can deploy and make changes to functions with far greater flexibility than ever before. It also offers the promise of enabling multiple logical end-to-end networks - each intended to meet specific needs – to be “spun-up”, operated and retired as required, over the same shared hardware.

This capability is the essence of network slicing. In particular, it has been suggested as a mechanism for telcos to provide a new breed of managed networking services to enterprise customers. Moreover, any potential network attacks are confined within the affected network slice/network slice instance, therefore preventing spread and denial of service to other slices.

Since COVID-19 has pretty much mandated work-from-anywhere, how have telecom networks managed network security? What kind of challenges does this situation represent?

The Covid-19 pandemic and the work-from-home model have led to a surge in cyber-attacks. The threat landscape in India is only growing more complex and sophisticated. Service providers and enterprises alike need to adopt a modern security approach that will not sacrifice network performance and impact the end-user experience.

To achieve this, these companies need to look at unifying all network elements into a threat-aware network and adopt a Connected Security Strategy. This approach to network security gives organizations the ability to safeguard users, applications, and infrastructure. By extending deep network visibility and security policy enforcement to all points of connection across the network, companies in India can better bolster their cybersecurity posture.

What sort of network security products do Juniper Networks have to help telcos protect the networks?

Juniper’sConnected Security combines SD-WAN and security capabilities into a cloud-managed platform, and it’s best delivered by a single vendor. It acts as a connected force with products that enhance security while providing automation, orchestration, and interconnectivity capabilities. It’s backed by several security products like our SRX next-generation firewalls and Juniper Advanced Threat Prevention portfolio, strategic partnerships, and a commitment to preparing for tomorrow’s security challenges, today.

With Juniper Connected Security, we have improved the time-to-resolution when there are incidents. Juniper Connected Security is about bringing security and security intelligence to every point of connection on the network. In practice, this means infusing Juniper’s global threat intelligence feed and other security capabilities into its routers, switches, firewalls, and, most recently, access points to make them threat aware.

Connected security focuses on two things. First, the SRX platform. Hardware and software solution that protects network edge, data center, and cloud applications with Juniper next-generation physical, virtual, and containerized firewalls.  It is an important part of the security architecture.

Second, the Cloud Advanced Threat Prevention (Cloud ATP). It is the threat intelligence hub for the network, with a litany of built-in advanced threat services that use the power of AI to detect attacks and optimize enforcement.

Security offerings from Juniper Networks are the most critical now in the Indian market. Juniper has moved away from the traditional perimeter security. It is now coined as pervasive security since the control panel is going to be anywhere and everywhere in the cloud. Juniper Networks believes it must be able to enforce the security policy at our customers’ will, rather than a limited perimeter of the network because one will not be able to define the perimeter in the next-gen cloud era.

The whole premise behind Connected Security is, no matter where organizations are in that journey, Juniper Networks will be able to support that transition to create a threat-aware network that can help safeguard users, the application, and the infrastructure, irrespective of architecture. It’s absolutely inclusive of SASE.