Prior to addressing my thoughts on the security question, I’d like to ask a question, which one might think is rhetorical: “Is there a difference between a service provider (SP) and an enterprise network?” Note that in this blog, my reference to an “enterprise” means a large enterprise as opposed to an SMB.
Both SP and enterprise networks provide communication services to their respective employees. Both have applications running through their networks. But the fundamental difference lies in the fact that an SP’s network provides communication services not only to its own employees, but also to its customers, acting as a transit pipe carrying various types of traffic.
That said, there are enterprises providing similar “transitive” services for their customers, but the distinction is that SPs make their revenues based on access and services, while enterprises focus on services. SP infrastructures are built to offer fast and reliable access via large transit pipes to provide various types of communication services. Enterprise infrastructures, on the other hand, are built to offer intra-company connectivity to their employees and services to their customers.
So as to the security question, one might think that SP and enterprise security requirements are similar. Both need to protect their respective core infrastructures and data centers. And sure, SP and large enterprise data centers do have a lot in common. In fact, one could claim that security requirements are very similar, if not the same. From the core infrastructure perspective—putting aside specifics of certain protocols for mobile operators, like SCTP and GTP—one could also claim that the basic requirements are similar, if not the same between an SP and a large enterprise.
However, one of the major differences between SP and enterprise networks is the type of traffic that traverses each. SP infrastructures are traversed by their customers’ transit traffic, while enterprise infrastructures are traversed only by their own traffic. That’s where I see the majority of confusion, differences, and challenges arising from a security perspective.
SPs, not wanting to act as a “dumb pipe,” aim to provide value-add services, such as the ability to offer “clean” traffic to their customers. Hence, SPs are interested in incorporating various security intelligence elements into their infrastructures that would allow them to offer customer traffic protection—as well as increase their respective ARPU. These services range from DDoS protection to IDP, from IPSec VPNs to antivirus. SPs need to be able to differentiate between various customers and the corresponding security services for each one.
Those are my high-level thoughts on delineating SP and enterprise security needs. What about yours?
SPs, interested in increasing ARPU, are challenged by scaling factors. That, of course, leads us to the cloud and SDN, two topics which I’ll be discussing in a forthcoming blog.