Securing Virtualized Networks: A Pure Software Approach, Using Advanced Privileged Access Management

Service providers have spent billions virtualizing network functions and moving applications to the cloud; this calls for new approaches to software-driven security solutions.

Privileged Access Management (PAM) is now extending into software-driven networking environments, at the carrier, service provider and large enterprise levels. After years of success controlling basic infrastructure, including servers, computers, and applications within internal networks, network devices have been proven to be vulnerable as the general attack surface grows – a playground for external cybercriminals, as well as internal admins who intentionally or unintentionally cause harm.

Krontech, the only PAM provider with extensive depth of experience in the large mobile service provider space, is a leader in bringing extreme levels of privileged access security including authentication, authorization and auditing, to network devices of many kinds, in addition to the more traditional Windows, Unix and Linux servers.

Why is this more important than ever? Because after billions of dollars have been spent by carriers, network operators and communications service providers to virtualize network functions, and adopt open telco standards (including Red Hat certified technologies), it’s important to now lock these new more digital environments down across routers, switches and firewalls in the core, but also all the way out to the edge of the network, where the most value is being created (Multi-access Edge Computing, or MEC, for IoT and more).

With more and more regulation of privacy and personalized data, combined with hyper-digital use of personal and business devices and applications occurring in parallel, ensuring compliance across all vulnerability points is also no longer optional – it’s critical.

Today’s NFV networks are more integrated, more open, and are accessed by employees, partners, and other participants, including those buying data through APIs.

There is no better time to upgrade the approach to access management than now, with insight into how the new virtualized networks are rolling out and interconnecting – before a breach happens.

While there are tools out there to address the challenges, the older tools are in fact a mix of disparate code and different admin portals and user experiences, leaving gaps in control and visibility. Krontech is the first PAM company to bring a comprehensive set of modern tools – built from the ground up to work across all environments, including those virtualized and in the cloud – with a unified view and proven results enjoyed by some of the largest CSPs and enterprises in the world.

As Gartner’s analyst team put it, “While support for cloud infrastructure is rapidly maturing and more vendors are adding behavior analytics and privileged task automation, pricing and licensing remain variable.”

Gartner’s report goes on to say:

  • Requirements arising from increased adoption of cloud-based infrastructure and applications are fueling the growth of privileged access management (PAM) as a service, albeit from a low base.
  • Privileged task automation, user and entity behavioral analytics (UEBA), and support for IaaS and PaaS are increasingly important differentiators for PAM products and services.
  • PAM deployments without proper scoping, roadmap development and stakeholder support, struggle to achieve the desired business value and risk reduction, due to a mixture of political and cultural issues.
  • Complex and highly variable pricing models across PAM vendors complicate product selection.

Their recommendations include planning ahead, forcing vendors to supply pricing transparency, looking for high-availability and built in features, including multifactor authentication, and “ensuring integration support, scalability and auto-discovery features if you are a large and global organization.”

They also recommend deploying “session recording as soon as possible, because this capability will add accountability and visibility for privileged activity” – and these are all features Krontech has lead in terms of innovation and real-world deployments.

But what may be most telling, and related to the opportunity and urgency for CSPs to ensure their virtualized environments are secure is this prediction:

By 2019, 30% of new PAM purchases will be delivered as a service or run in the cloud, reflecting needs to manage virtual infrastructure and cloud services.

Stay tuned for more information on Krontech’s innovation in virtualized and cloud architectures; because we work closely with our customers and influence each other’s roadmaps and timelines, we’re ahead of the competition when it comes to building what works for tomorrow – in a software world where the hardware that software runs on needs to be fully protected, along with the applications and data being created, shared, and managed.

Author: Dmitry Belyavskiy