search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
industryopinion


Centre for Policy Studies (CPS) it was found that a potential £34.1bn of additional economic output could be created if the government delivers its 5G target of covering the majority of the population by 2027. But the key to achieving this is speed, with networks built faster leading to higher regional gains, and there are concerns around whether the UK will be able to meet these deadlines. If these targets aren’t met, not


only do we face the potential of missing out on this huge economic boost, but we also risk dampening the UK’s position as a world leader in connectivity. A large part of those concerns came from delays caused by the COVID-19 pandemic, which of course had huge ramifications for numerous industries across the board and was responsible for a great deal of disruption. On top of this, while trying to make their recovery, network


operators are now being faced with new challenges posed by legislation around the security of data exchanged across the network. With various mission-critical use cases, security for 5G needs to be tighter, leading to a global mandate for the 5G core to use the newest and highest level of control plane encryption and privacy, TLS 1.3.


What TLS 1.3 means for network operators TLS 1.3 and PFS (perfect forward secrecy) is a major improvement on its predecessor, TLS 1.2, offering increased performance and security. It brings about faster handshakes between client and server, improved latency times, and removes several security vulnerabilities found in the previous version. The issue for network operators, however, is that TLS 1.3 also poses several new decryption challenges. Due to its high-speed, low-latency infrastructure, inline passive


devices can no longer be used to efficiently decrypt network traffic visibility at the control plane. Additionally, with the higher levels of encryption and PFS, passive inspection monitoring is no longer a viable option for TLS 1.3. This has meant that network operators are left with limited options, to either down-rev the TLS 1.3 standard protocol to allow for network visibility but expose the network to security risks, or to implement TLS 1.3 encryption but sacrifice the ability to inspect and monitor traffic. Alternatively, they can implement complex measures into the service mesh, but this brings its own complications and security issues. To be able to keep up with demand and achieve the targets set


by the UK government, network operators need a more robust solution that will enable acceptance of modern TLS 1.3 encryption, yet still grants the carrier visibility over their network for security, inspection, and monitoring purposes.


www.pcr-online.biz


Breaking down the decryption barrier: introducing SKI In order to bypass the additional challenges to 5G rollout brought on by the TLS 1.3 standard protocol, network operators need a pure- play decryption solution that will show complete details of traffic without security risks. In its 2019 workshop on enterprise visibility, the Centre for


Cybersecurity Policy and Law set a baseline criteria for the acceptability of solutions for visibility challenges. In keeping with these criteria, any proposed solution to the challenges associated with TLS 1.3 must be scalable, relatively easy to implement/deploy, usable in real time and post-packet capture, effective for both security and troubleshooting purposes, and widely available and supported in mainstream commercial products and services. Such a solution exists in Session Key Intercept (SKI). It builds


on the previous concept of Keylogging, the basic idea of getting and using keys to decrypt sessions and makes it a viable solution for scaled and secure mission-critical use. SKI works by extracting the individual TLS session encryption keys developed during the handshake and using these to bulk decrypt the communication – discarding them after use. Once these keys become accessible, then bulk, fast, and low CPU power decryption is achievable. The solution plugs into existing tools already in use and works in


any environment where TLS encryption is used, providing a plug- and-play style solution to network operators which allows them to bypass the complexities of trying to decrypt traffic using a native service mesh technology. By implementing SKI, network operators can break down the


barriers of TLS 1.3 decryption and keep full visibility over their networks, which will allow them to accelerate the roll out of 5G without sacrificing security or the ability to inspect and monitor traffic.


October 2022 | 17


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44