Network Security Through the Eyes of a 'Cable Guy'

News Flash! The world of the traditional cable service provider is changing...

Written by CCI Solutions Director, Drew Kempen

We all know about how consumers are consuming video via streaming; about the growth of DOCSIS and Internet services; about how the Internet of Things (IoT) is bringing massive amounts of new devices into the network; and about how almost everything we do as a consumer continues to migrate to the ‘cloud’. In short, everything is moving to ‘IP’. 

Unfortunately, growing the capacity and speed of the network isn’t the only area of concern that comes with this change. With IP, network security becomes a huge concern. Oftentimes, security of the headend-to-consumer pipeline has been overlooked in the traditional cable service provider environment. It is also not the sort of cost that many traditional service providers are used to stomaching. So how does someone who is not a security expert, or even an IP expert, wrap their heads around security? And how can you justify requesting funds to spend on security?

Why does my system need security?

There are a number of reasons operators need to begin to take security seriously. The most overt and publically familiar concern is being maliciously hacked. This is when hackers are accessing[G1]  your network or subscribers off your network to gather personal information, business data, insert malware, or hold you digitally hostage. We all hear the horror stories of companies being hacked, identity theft, computers being taken over, networks crashing, and so on.

CCI’s Security Solutions Director, Andy Erickson, points out “Ransomware has become the malware of choice for many hackers.” Ransomware is on its way to becoming a $1 billion market (Taylor, 2016).  This issue is not getting better, it is getting worse. Yet we still see many operators continuing to play Russian roulette by putting off investing in security solutions.

Click to Watch: Ransomware- The Anatomy of an Attack (Cisco on YouTube.com)

Second, attacks are happening all of the time. No unprotected network is safe. Every operator experiences these attacks and most don’t know they are happening at all. Imagine running a large business with hundreds of employees, products, revenue streams and costs. Now imagine the only report you get is dollars in and dollars out. Basically, you know how much money you are making. How easy would it be to hide fraud, wasted dollars, and identify critical aspects that allow you to know how each product and employee are performing? Network security today is like that. Your IP bandwidth is that business, and everything is hiding in the IP packets. It could be legitimate traffic, it could be malicious traffic, or it could be useless or DDoS generated traffic. You only see how much traffic is used. 

Examine the large DDoS attacks we have seen in the news lately about services such as Amazon, Netflix, and so on being taken down. These are not shut down by someone from Russia hacking their sites. The hackers hack entire groups of IP devices in people’s homes and program them to request access to an IP address all at one time. Take the massive outage that occurred late last year that affected the east coast of the United States. This was a DDoS attack against Dyn where the attackers used IoT devices to effect and attack (Newman, 2016). We are talking about refrigerators, watches, phones, tablets, thermostats, etc. This happens all the time and will happen with more frequency as more and more devices come online and are unprotected. 

How do I justify the cost?

Investing in security is not as unfamiliar to cable operators as many may think it is. Consider video encryption requirements and the challenges the presented for the entire industry from both a technical and financial aspect. This was to secure the content. This introduced millions of dollars of cost to operators simply to meet requirements. Today, security is different and more complex.  However, unlike the investment in encryption, these security technologies offer the opportunity for new and next-generation revenue generating services. 

For the sake of an example, let’s assume that when your traffic is at peak burst time, that 20-25% of that actually turns out to be malicious or attack oriented bursts. You provision your entire network because of peak time traffic usage. For a cable/DOCSIS operator, that is the difference between 16 and 20 DOCSIS QAM or 24 and 32 QAM. Without visibility into this traffic, huge amounts of money may be being spent to scale a network faster than it needs to be scaled. At first glance, these percentages seem high but look no further than last January’s Arbor DDoS report that clocked the largest ever DDoS attack at 500 Gbps[G2]  (Ungureanu, 2016).  Many respondents to the report saw an over 100 Gbps[G3]  attack during the year. Again, this problem isn't getting better, it is getting worse. As more and more devices come online, this percentage will inevitably rise. Now is the time to gain visibility into this and implement solutions to stop that traffic. [G4] [G5] 

Potential Monetization

There is also a value to the consumer. Next-generation firewalls provide a huge security benefit. Coming from a cable guy, using the term ‘firewall’ for this solution is very misleading. When most people think of firewall, they think of some mass marketed software that everyone has tried, yet we always seem to get viruses on our devices one way or another. Unfortunately, this has been the only layer of security most consumers have ever had. These next-gen network firewalls actually provide many of the benefits of a desktop security solution and more. Not that you would recommend not having desktop security on a computer, but Anti-Malware detection for the entire home is part of these network firewalls. It provides an additional layer of security for the entire IP stream to that home. 

Deep packet inspection is also a key feature of these network firewalls. Malicious programs and code are hidden within the IP packets. Unless you unwrap and analyze the contents of these packets, you will not be able to find the illegitimate source code. Next-generation firewalls provide this capability which helps protect your network and your subscribers. It is important to remember that as consumers information and data continue to migrate to the digital realm, it is not just data that needs to be secured, it is their life, intimate information, and identities. 

These values can translate into and additional revenue generating service to subscribers both commercial and residential. For example, let’s assume you have a 100 MB data tier. 

Option 1:

100 MBPS Class of service- Unlimited Data = $79.99/mo

Option 2:

100 MBPS Class of service- Unlimited Data= Whole home network security, firewall, malware protection, virus prevention, all-device protection = $89.99/mo

You could throw in an option 3 ‘business class’ that offers DDoS protection as well. The primary point is that you now have the capability to realize an additional revenue stream for an area of growing importance and relevance for your subscriber base. This is valuable especially considering the shrinking revenue and income generated by traditional video.

From a solution standpoint, there are many layers of security to be considered. For example, there are network-wide options that also help with the problems, such as Cisco Umbrella (OpenDNS) and Arbor DDoS detection, and mitigation solutions. 

CCI Systems CTO Matt Reath comments regarding the value of this solution; “In this case, a service provider can setup up their network and subscribers to utilize the open DNS solution so that DNS requests are scrubbed and requests protected. Arbor looks at all packets going in and out of the network and alerts and reacts to DDoS attacks. This combined with proper end-user education and in-home firewall systems creates a multi-layered approach to security.” This multi-layered approach is critical to offering a comprehensive solution for security. 

CCI’s Security Solutions Director, Andy Erickson proposes; “From a Service Provider’s perspective, security can be implemented in a phased approach:  crawl, walk, run.  Next-generation firewalls with Cisco’s Umbrella is a great starting point and can be the foundational framework for your security to build from.” In conjunction with this solution approach, CCI offers security consulting in a crawl, walk, run method. This starts with providing visibility into network attacks that are happening and security threat assessments of the current network. 

Summary

Network security should not be looked at as optional or as an ‘insurance policy’ any longer. It should be a requirement for the foundation of any long-term strategy. How many operators sink millions of dollars to make the physical layer redundant? Fiber links, line cards, switches, etc., all to increase reliability and minimize downtime. It’s time we all start understanding the preventative nature and benefits of enhanced network security solutions, as well as the asset they are to our systems and services we can offer to our subscribers.

For more information or to discuss your network’s security strategy, reach out to CCI on social media or contact us at info@ccisystems.com.

Twitter | Facebook | LinkedIn

References

Taylor, H. (2016) Ransomware Spiked 6,000% in 2016 and Most Victims Paid the Hackers, IBM finds. Retrieved February 7, 2016 from www.cnbc.com
Newman, L. H. (2016) What we know about Friday’s Massive East Coast Internet Outage. Retrieved February 7, 2017 from www.wired.com.
Ungureanu, H. (2016) Worlds Largest DDoS Attacks Breaks Records, Clocks at Massive 500 gbps. Retrieved February 7, 2017 from www.techtimes.com.

CCI Is Making Investments

CTO Matt Reath explains how CCI is preparing for the future of service providers.

Over the past few years, service providers across America have been challenged with increased costs, increased complexity, changing regulations, security, and most importantly, a changing consumer. Consumers have more choices and more options than ever before when it comes to how they consume content, how they access the Internet and the number of cloud-enabled devices they have. This puts pressure on service providers to increase capacity but not necessarily increase price. 

CCI Systems’ (CCI) unique perspective as both a solutions-focused value-added reseller and a service provider fuels a deep understanding of these challenges. As your clients’ needs change, CCI is taking the steps necessary to ensure those needs are met. We are investing in key technologies and solutions that will enable our clients to create higher customer satisfaction, offer additional services to capture more revenue, and optimize their operations to create a strong bottom-line.

Investment 1: Security

CCI has launched a Cyber Security Practice lead by dual-CCIE Adam Harden. This Practice is unique with its focus on service provider networks. CCI’s Cyber Security Assessment Workshops (CSWAP) program can get a provider on track with a Security Improvement Plan (SIP) that can serve as a personalized guide book of how to secure their network. Security services ranging from DDoS detection and mitigation to clean subscriber access. This will further enable providers to protect network infrastructure, improve their customer experience, and overall improve the performance of their network.

Investment 2: Data Center & Cloud

CCI continues to invest in its Data Center & Cloud Practice to evolve with the changing service provider landscape. The Practice takes two solution approaches. The first approach, internal virtualization, enables providers to reduce operating expenses by consolidating all company servers and storage into a central data center. Providers can gain space, reduce power consumption, and through orchestration—manage it as an integrated solution. The second approach, revenue creation, enables providers to generate new revenue by investing in a data center that includes orchestration and automation. Providers will gain the ability to create and deploy unique value-added managed offerings for their subscribers. A few examples include managed firewalls, virtual CPE services, hosted Wi-Fi, and secure SLA-backed storage.

Investment 3: Hosted Services

Service providers are looking for ways to create additional revenue streams but don’t necessarily have the staff or know-how to launch these services on their own. CCI is investing in infrastructure, talent, and software systems to enable our clients with services ranging from Wi-Fi to virtual CPE solutions. Clients will be able to white-label CCI’s solutions to quickly build a managed service offering in their footprint.

Investment 4: Orchestration and Programmability

Service provider’s networks are becoming increasingly complex and the speed at which new services must be deployed is accelerating. CCI is investing in Cisco Network Services Orchestrator, or NSO, to provide our customers with automated solutions for some of their top business use cases. CCI’s engineers are learning Python and other automation tools. We are investing in new talent and creating industry partnerships to bring the best solutions to our service provider customers.

CCI wants to translate our 60 plus years of expertise into benefits for service providers by addressing their biggest challenges today while preparing them for changes down the road. We work with our customers as a true ‘across the network’ solutions providing partner—enabling them to increase subscriber satisfaction, reduce costs, expand their footprint and grow revenue.

For more information on what CCI can do to help, contact us.

How to Build a Strong Service Provider Business

By: Matt Reath, CTO

The world of the service provider, specifically for cable and telco providers, is becoming an ever-changing environment. Previous funding models, like USF and ConnectAmerica, are in flux. Customer demands are shifting from lower bandwidth consuming web browsing to immersive video, cloud services, the Internet of Things, and other bandwidth intensive applications. These changes, if not planned for and adapted to, can weaken service provider operations and customer satisfaction.

Developing a strong service provider business that can pace itself with these changes and stay profitable along the way requires focus in four primary areas:
 

1. Customers
2. Service Offerings
3. Talent
4. Network

Customers

It is essential that each provider understand their customer’s motivators and incentives for adopting certain technology and use patterns. Cisco VNI forecasts 132 Exabytes per month of IP traffic by 2018—over 2X more than 2013 traffic (figure 1). Embrace this growth rather than fight the adoption of new technologies like peer-to-peer, video streaming, and cloud applications by creating services with marketing programs that embrace and celebrate the growth of broadband. Be the customer advocate—make your customers fall in love with your services.

Make sure to keep current and understand consumer technology and the implications it will have on your business. If unable to attend the CES, follow it in social media or through other sources. Understand where consumer technology is evolving to and adapt the business strategy for customer adoption of these trends.

Keep your customers, their feedback and behavior at the center of your service strategy.

Figure 1. Cisco VNI Forecasts 132 Exabytes per Month of IP Traffic by 2018

Service Offerings:

It is hard to stay profitable by offering only broadband and make the network changes required to keep pace with data consumption patterns. Providers need to create business models that provide additional customer-focused services for residential, mobile and business customers. Use customer feedback and industry trends to create a unique, differentiated set of services that meet the potentially unique demands of each provider’s serving areas. These new services should become the most profitable. As the services become ubiquitous or expected, new services should be developed to keep customers engaged or sticky.

Some common services offered today include:

• SP WiFi – Cisco VNI forecasts substantial growth in WiFi by 2018 (figure 2). Capitalize on this growth and create new revenue opportunities by blanketing common areas, downtown corridors, venues and other high population areas with WiFi to provide cell offload, analytics, location services, hotspot access for customers, and pay for access. Also providing custom SSIDs, portals, and advertisements for businesses are a compelling value add.

Figure 2. Global Internet Traffic, Wired and Wireless

• Managed IT – Businesses should be focused on what they are best at and options for outsourcing their IT needs to their local provider can be compelling.
• Managed Security – Security for businesses and even residential users is a growing revenue source for providers. From managed firewall services to hosted malware protection— there are plenty of options to customize for different customer types.
• Cloud + Circuit Bundles – Guarantee SLAs by building a private or hybrid data center. Providers can offer 1G or 10G pipes to their business customers in conjunction with DR storage or hosted applications.

Cisco Q2 FY’15 shows Data Center and Wireless as large growth areas (figure 3). This is in line with the above analysis of creating service-oriented businesses and networks.

Figure 3. Cisco Q2 FY’15 Revenue Highlights (from Cisco’s Investor Relations website).

• Linear content + Video Anywhere – Create a uniquely branded solution by developing a ROKU-based solution that brings together linear or live content in conjunction with video anywhere options like HBO Go or the up and coming Disney and CBS.
• Many other services are out there—for example, Hosted VoIP or Collaboration.

Talent

The saying goes, keep your employees happy and they will keep your customers happy. Every provider should have a strategy built around attracting, acquiring and retaining knowledgeable and talented employees. Happy and knowledgeable employees work more efficiently and are more likely to go above and beyond to solve customer problems and keep customer satisfaction high. This doesn’t mean you have to hire the most expensive employees—sometimes that’s just not in the cards. Develop strong training programs and development plans for as many employees as possible. Provide employees with a career progression and attainable goals to go after. Don’t only focus on technical skills but train soft skills, especially those that are related to customer and social interactions. By engaging and mentoring all employees you will bring out the best talent, and in some cases, talent you didn’t know you had.

Network

A provider builds the foundation for success by creating a customer centric strategy, researching and building a compelling service set, and training and hiring the best talent. The last piece of the puzzle is to create, manage, and maintain the infrastructure that delivers the service to the customer. Always plan ahead and have a running 3-5 year network and infrastructure plan. This plan should be built and modified based on customer feedback and trends as well as what service offerings will be relevant both short and long term. Tie your customer and service plans together with your network and infrastructure plan.

Build the infrastructure in as redundant of a way as you can afford. Reliability of delivery is one of the main customer satisfaction metrics. It only takes one outage to tarnish a reputation but takes a long time to get that brand value back. Don’t skimp here.

Create a modular and adaptable network. MPLS provides efficient ways to transport different types of traffic. By creating a base physical layer with a logical MPLS network on top, “virtual” architectures can be created using VPLS, AToM and L3VPNs. This combined with network function virtualization (NFV) can enable modification of services and delivery without rolling a truck to make the changes. The idea is to create the architecture and network in way that it can handle different types of services without making major changes to the network. It must be able to adapt.

Conclusion

A service provider can create a strong business by focusing on the four primary areas: Customers, Service Offerings, Talent, and Network. Customers will be satisfied, engaged and willing to work with the provider to evolve their experience. Each provider will see satisfaction increase when focus areas have strong strategies in place and are kept at the center of decision making.