Cisco Gears Up for 5G with Security-Focused Cloud-Native Acquisitions

Cisco has announced two key acquisitions in the last month that will provide a nice addition to its secure 5G toolset: Portshift and Banzai Cloud. The first is an Israeli startup that focuses on cloud-native application security. The second is a Hungarian outfit developing secure cloud-native applications. Both solutions address Kubernetes security challenges. The acquired teams and the assets will be folded into Cisco’s Emerging Technologies and Incubation group, which looks to develop new projects for cloud-native networking, security, and edge computing environments.

The acquisitions are a great fit for the fifth generation of cellular technologies that Communication Service Providers (CSP) have started rolling out. 5G is a significant departure from its predecessors, in that it embraces software-based solutions and cloud-native environments right at the core itself. Virtualization and cloud being the operative words, CSPs will need to integrate these capabilities if they want to quickly spin up network slices as well as provide edge compute services. The key technologies that will enable such functionalities include containers (like Kubernetes), service meshes, microservices, and declarative APIs, among other tools, and so having capabilities in these technologies is critical, whether through in-house R&D or through acquisition. But more to the point, leveraging virtualization and creating a virtual 5G core presents many new and unknown risks. And not just for the telecommunications industry itself, which is nominally considered to be a critical infrastructure, but also for all the new industries and enterprise use cases that will be leveraging the many enhanced capabilities that 5G has to offer. As such, the stakes are high for infrastructure and service providers to ensure the new technologies leveraged in 5G are secure.

This concern is at the forefront of industry stakeholders, from potential enterprise users, to service providers and vendors, to governments and national security agencies. 5G presents many exciting opportunities for the IoT, from consumer to industrial, and this broad range of potential use cases means that the threat landscape is that much bigger. Ensuring that security is designed, tested, and verified in the underlying 5G infrastructure and the fabric itself is not an option, but a requirement. The question is, who will be the one to offer these security guarantees in a multi-vendor 5G environment?

As the first enhanced mobile broadband applications are being rolled out, paving the way for eventual URLLC and mMTC applications, ecosystem players are already in position, ready to identify and quickly seize the next revenue-generating opportunity in the security market. Doing so will require both agility (in adapting a solution) and flexibility (depending on the use case) to gain enterprise trust. Container technology, and Kubernetes as the prime example, has emerged as that ideally suitable technology for developing cloud-native applications, and Cisco is right to capitalize on the talents that are focused on securing it. Above all, they will form the founding blocks of a broader secure service ecosystem for 5G.

Container-managed platforms allow organizations to pursue agile development, and more easily adopt shift left methodologies, where testing is performed much earlier at the software development lifecycle. Not only can it significantly cut costs relative to identifying and fixing software defects, but it can allow for much quicker project delivery and through use of automation, enabling Continuous Integration and Continuous Delivery (CI/CD) models. These are the key requirements for 5G applications, but will be a big change for CSPs, more used to static test strategies and managed staged delivery cycles. 5G requires CPSs become lean and agile entities; in fact, those are the same requirements that have made hyperscalers so successful in the cloud world. They are lined up to benefit greatly from 5G applications, not least for enterprise security.

For Cisco and other network providers, it is important to consider how their portfolio can cater to a 5G world, whether working with CPS, other NEPs, security vendors, or hyperscalers. Certainly, pure play security and network vendors like Juniper Networks, Palo Alto Networks, and A10 Networks are all looking to ensure they have pertinent security offerings for 5G, and the right partnerships in place to showcase their abilities. Traditional cellular behemoths and monopolies are unlikely to endure, and so the lucrative 5G future is wide open to the quick and nimble with a good security case.