NTT DATA and Palo Alto Networks have partnered to enhance private 5G security for industrial deployments to empower enterprises to securely embrace the next wave of digital transformation and drive innovation with confidence.
Why Visibility Is Critical in Private 5G Networks
5G as a technology is acknowledged to be secure. It is possibly the most secure wireless technology commercially available today. With SIM-based access control, a plethora of security features built into the service-based architecture of the core, as well as the end-to-end encrypted traffic, the technology certainly lives up to its “most secure” mantra.
But, when it comes to deploying this technology into an enterprise or factory, is all this security good news? Surely more security is always better?
The answer to this question depends on where the 5G network is deployed, who owns the 5G core, and what level of traffic and network monitoring is needed. From a carrier's perspective, the built-in security provided by 5G is both essential and adequate. Carriers are primarily concerned about protecting their networks and less concerned about what traffic the users and systems are generating.
However, an enterprise deploying a Private 5G network is also concerned about the actual traffic being transported. After all, Zero Trust security relies on knowing who's talking with whom, what’s talking to what while using only authorized services, and when and from where they are authorized to use them.
Generally, on an enterprise LAN or WAN, these questions are reasonably easy to answer because enterprises typically do not encrypt local traffic. Thus, it can be scanned and analyzed by standard IT tools. Furthermore, additional user information can be gleaned from the IT authentication, authorization and accounting (AAA) systems.
Enter a private 5G network and the network has local SIM-based access control, meaning a user requires a SIM that is preregistered with the 5G core to be able to access the network. After access is granted, traffic is encrypted from the radio access network to the core. Once the traffic leaves the core it is decrypted and visible to enterprise IT analytics systems.
Secure? Yes. Adequate in the enterprise environment? Not really.
The higher levels of security blind existing IT analysis and monitoring tools as to what is happening inside the private 5G network. And for many deployments, especially those in the industrial sector, this is unacceptable.
Highly secure and encrypted bad actor traffic is still bad actor traffic; it needs to be identified to be mitigated. Enterprises must ensure that exploit attempts, malware (both known and unknown), malicious URLs and DNS queries are all detected and prevented. Encrypting data does not make it inherently secure.
Visibility and Security — Better Together
As organizations turn toward implementing Private 5G networks, the excitement can quickly wane as the reality of all the needed steps sinks in. Small Cell planning, device onboarding and provisioning, new security requirements, as well as integration with existing systems are just some of the tasks that must be accomplished. Partnering with a global managed network and security services provider, like NTT DATA, and a cybersecurity leader, like Palo Alto Networks, is crucial to ensuring a successful and business-relevant solution. Designing, building and managing the private 5G network is one aspect, but ensuring it is integrated into the existing enterprise communications and application landscape is a complex but necessary process. This is especially important when the deployed network is supporting mission-critical applications. When the security and visibility components are added to this integration, it quickly becomes clear that enterprises need experienced teams who can deliver the desired outcomes.
Both NTT DATA and Palo Alto Networks are proven leaders in private 5G and network security. We’ve combined forces to provide enterprises with a solution that both maintains the inherent security of private 5G and simultaneously provides the required visibility into the network needed for effective Zero Trust network access (ZTNA).
A New Standard for Private 5G Security
NTT DATA’s new managed security service powered by Palo Alto Networks industry-leading technologies provides enterprises a Private 5G network with the visibility and security needed in today’s OT environments.
The new offering combines Palo Alto Networks Next-Generation Firewall (NGFW), OT / IoT subscriptions with NTT DATA’s Private 5G architecture to empower clients with improved network visibility, access control, as well as automated threat detection and response capabilities.
With Palo Alto Networks NGFW, organizations can apply a Zero Trust security posture, incorporating machine learning (ML) to safely enable only the relevant connections, applications and protocols needed for their network. These are then delivered through NTT DATA as a turnkey managed service, unique to each customer.
In addition to providing Zero Trust security capabilities, the joint solution offers insight into the various IoT and OT devices running on the network. This capability uses machine learning (ML) models to profile devices based on their behavior patterns and other characteristics, providing insights into the risks associated with each device, along with the ability to prevent threats before they occur, rather than just alerting users.
The Palo Alto Networks SOAR platform, Cortex XSOAR™, can also interact with the Private 5G network, process threat logs from the NGFW, and push device information to the NGFW for enhanced visibility.
The NTT DATA Private 5G and Palo Alto Networks offering is easy to set up and manage, seamlessly integrating into enterprise IT/OT environments. This allows organizations to focus on innovation and new ideas while ensuring a high level of security.
The NTT Private 5G Solution
To learn more about this solution or to request a demo, please reach out to the NTT Private 5G team or visit the NTT DATA Private 5G webpage.