Security has been considered in every aspect of Symworld design and functionality
June 1, 2022
This is particularly pertinent to telecom operators as they are the backbone of all digital services. Therefore, they need to stand up and look holistically over their entire domain and ask if they are doing enough to keep their companies and customers safe.
An operator cannot stand still and allow fear, uncertainty, and doubt (FUD) to detract from its innovation and digital transformation plans. Instead, operators must move forward, adapt and realize that security is an essential component of their business strategy, on an equal standing with the acquisition of a new customer.
So, as operators address new challenges and adopt new delivery models with containerization, container orchestration, open interfaces, and the latest generation of mobile standards, they should be continually asking themselves an important and valid question: Is this new world secure?
Unfortunately, you are under attack if you're an operator, and it is impossible to mitigate against everything. So how you respond, react, and what you ultimately learn will be crucial to your defense.
Symworld is the beating heart of Rakuten Symphony, a platform developed to reimagine telecom and break the shackles of the traditional approach to telecom networks. It is a modern, industrial-scale automation platform explicitly built for telecom, with the ability to integrate seamlessly to create a cloud-native marketplace.
Security has been considered in every aspect of Symworld design and functionality. Nothing has been left to chance, with every interface and component following an extensive review to ensure security is front and center in the platform. As a result, the Symworld platform is not only thoroughly tested, but is challenged every single day as it is already deployed and successfully working in a fully functional cloud-native, software-defined 5G network in Japan.
Rakuten Symphony follows a rigorous procedure of Security by Design, and there is no one-size-fits-all when it comes to security. Rakuten Symphony understood early on that no single reference architecture or standard can address every possible vulnerability or detect every potential threat. Instead, we strongly believe in a pragmatic, dynamic, and always-on cyber security framework to help identify, respond to, and recover from vulnerabilities or compromises to systems.
We follow a comprehensive zero-trust approach to security and follow a step-by-step process to ensure every attack vector, threat and eventuality has been considered:
Design with Zero Trust, Secure Coding
Immutable container images, signed container images and signature verification
Continuous monitoring and remediation of vulnerabilities
Ensure strict access control for resources as well as resource limit configurations
Securing cloud platforms with hardening best practices
Runtime observability and security based on cloud-native best practice
Symworld has been built to maximize automation and minimize the need for human intervention.
Symworld Zero Touch Provisioning (ZTP)
All base stations are commissioned and brought online without the need for human configuration, including the security of all node aspects, with the generation, securing and vaulting of all interfaces and involved services. Subsequent configuration changes are handled through the Symworld Automation Studio. At no stage does a human manually write and run a configuration script, and at no stage do any operational staff have direct access to any security credentials. This is just one example of how security has been embedded into the operational model of Symworld as a first-class citizen and at birth.
Rakuten Symphony's approach has been driven by our early adoption of the "new ways of building networks" and the lack of any reference implementation of a successful nationwide Open RAN, cloud-native network deployment. As a result, we had to leverage 21st-century technologies for our 21st-century networks to achieve our objectives with the utmost resilience and privacy with user and data integrity in mind.
In the area of security, standing still is a much riskier strategy than moving forward. Actors are becoming increasingly sophisticated, and you must constantly evolve, as failure to evolve will sadly end with drastic consequences. Therefore, security cannot be an afterthought and needs to be designed into the fabric of the operator's business processes and procedures.
https://symphony.rakuten.com/blog/security-in-symworld