Page 290 - Kaleidoscope Academic Conference Proceedings 2024
P. 290

2024 ITU Kaleidoscope Academic Conference




           •   Enhance network security: The isolation between    Whether it is adding security features or adjusting
               network  slices  ensures  independence  between    security resources, it can be quickly implemented.
               different  slices,  not  only  preventing  potential
               interference between slices, but also enhancing the  •  Reduce costs and improve efficiency: Through the
               security of the sliced network.                    cloud based security function, NSaaS achieves the
                                                                  sharing and reuse of security resources, reduces the
           •   Rapid response to market changes: The flexibility of  security cost of individual users, and improves the
               network slicing enables telecommunications operators  efficiency of security investment.
               to respond quickly to market changes and meet new
               business needs by quickly creating slices.     •   Improve the efficiency of security management
                                                                  operations: NSaaS achieves centralized management
           6.3   NSaaS                                            and flexible scheduling of security services, simplifies
                                                                  network security management processes, reduces
           Shifting an enterprise’s applications and data to the cloud  operating  costs,  and  improves  the  operational
           introduces numerous benefits, such as reducing operational  efficiency of operators.
           costs and increasing competitive advantages. However, it
           also expands an organization’s cyber-attack surface and           7.  CONCLUSION
           makes them vulnerable to many cyber threats. NSaaS is a
           new cloud-native network security deployment service  Based on the above analyzation, this article provides
           solving this challenge. NSaaS inspects and protects against  guidance on the security development of network
           malicious ingress, egress, and east-west traffic within an  virtualization, solves the security threats faced by network
           organization’s network.                            virtualization, and proposes use cases for SD-WAN,
                                                              network slicing, and NSaaS, which can be used to guide
                                                              relevant parties in the industry for reference. Mainly
                                                              including the following aspects:


                                                              •   Introduced the current development status of network
                                                                  virtualization, as well as the relevant work in the
                                                                  industry on network virtualization security.


                                                              •   Sorted and analyzed the security threats faced by
                                                                  network  virtualization,  including  virus  attacks,
                                                                  malware    implantation,  information  leakage,
                                                                  unauthorized use and access, etc.
                 Figure 5- NSaaS Based on SDN and NFV

           At present, there are use cases applying the NSaaS in  •  Introduced the characteristics of network virtualization
           carrier networks, leveraging the technology of network  and analyzed the components and architecture of
           virtualization security. In this case, PoP nodes are deployed  network  virtualization,  including  virtualization
           on the private cloud network, and cloud-based security  network infrastructure, virtual network function, and
           functions are deployed on the PoPs to form a security  management system.
           resource pool. SDN and network virtualization technologies
           drain user traffic in the private cloud network and use  •  Provided network virtualization security control
           security resource pools to implement IDS, IPS, AV, etc.  measures, mainly proposing detailed security control
           NSaaS provides centralized, flexible orchestration and  measures for virtualization network infrastructure
           scheduling network security services for individuals,  security, virtual network function security, and virtual
           households, and enterprise connected to carrier networks.  network management security.
           The advantages and benefits of deploying NSaaS include:
                                                              •   Analyzed typical use cases and achievements of
           •   Enhance safety protection capabilities; Operators can  network virtualization security, including SD-WAN,
               monitor network traffic in real-time, accurately   network slicing, and NSaaS.
               identify and block malicious entrances, exits, and east-
               west traffic, effectively reducing the success rate of  In the future, with the deepening application of artificial
               network attacks and protecting the integrity and  intelligence and big data technology, network virtualization
               confidentiality of user data.                  will become more intelligent and automated, achieving
                                                              more accurate risk identification and more efficient threat
           •   Flexibility and Scalability: NSaaS is a cloud native  response. Network virtualization security is a complex and
               security deployment service that can be flexibly  arduous task that requires joint efforts from the industry to
               configured and expanded according to business needs.  continuously achieve technological innovation.





                                                          – 246 –
   285   286   287   288   289   290   291   292   293   294   295