Real-Time Edge Analytics for ISP Security

April 16, 2018 • Jim Hunter

With the annual RSA conference just around the corner, digital security news will be getting some much-deserved attention. A lot of the headlines will be frightening — in many ways, the internet has become a battlefield. The Pentagon and NATO have long since designated cyberspace as an “operational domain” for war (just like land, sea, and air), but even completely neutral civilian businesses and consumers are continually under threat from an increasingly wide variety of cyberattacks. It’s dangerous in cyberspace. Rapidly evolving digital threats via myriad attack vectors mean that real-time response capability is essential to any modern security effort. Internet-service providers (ISPs) and their home network customers need automated defense solutions that are dynamic, enable end-to-end protection for users, and can work with legacy systems. Real-time edge analytics are now integral to fulfilling this need, as I’ll explain. But first, let’s examine the current “battlefield” geography.

The ISP Security Landscape

As our conveyance to the internet, ISPs face the full range of cyber threats — and that range is expanding. Symantec’s recent 2018 Internet Security Threat Report notes that “digital security threats can come from new and unexpected sources. With each passing year, not only has the sheer volume of threats increased, but the threat landscape has become more diverse, with attackers working harder to discover new avenues of attack and cover their tracks while doing so.” Among the report’s more alarming statistics are a 46% increase in new ransomware variants; a 54% increase in mobile malware variants; a 200% increase in attackers injecting malware implants into the software supply chain to infiltrate unsuspecting users or organizations (often by hijacking software updates); a 600% increase in IoT attacks; and a whopping 8,500% increase in coin miner detections (where cyber criminals “steal computer processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency”). Cyber threats move fast, often go unseen for some time, and are largely automated.

Real-Time Edge Analytics

Edge analytics involve automated computation on data at or near where it enters a network (a sensor, switch, etc.), instead of waiting for the data to be sent back to a centralized data store like the cloud. Edge analytics are being adopted across industry to derive real-time business value from the explosion of data generated by people, processes, and IoT “things.” Edge data can be diverse, highly unstructured, and dynamic compared to “traditional” network traffic. But once harnessed, such data can enable real-time response and provide real-time visibility into the state of a network. Such capability is obviously attractive in industrial applications for, say, predictive maintenance on high-value assets or in financial applications where microseconds can mean millions. But the capability is also essential to meeting the challenges posed by emerging cyber threats.

ISP Security with Real-Time Edge Analytics

The sooner an ISP can identify and shut down a security problem, the better. Just as with predictive maintenance or automated trading applications, real-time edge analytics can strengthen an ISP's network security posture through anomaly detection and automated defense capabilities. Malware is detected and/or blocked more quickly. Unusual traffic immediately raises alarms or triggers corrective action. And all of it occurs automatically.

In the face of today’s imposing threat landscape, proactive security capabilities are essential to ISPs and to any networked organization. Thus, real-time edge analytics capabilities are key, and Greenwave stands ready to provide them. We recently partnered with CUJO AI to establish an end-to-end home security solution to help ISPs protect their subscribers. Greenwave Systems’ AXON Platform supplies real-time edge analytics that interface with CUJO AI’s data security to enable ISPs to manage critical data and services at the edge of a network. Similar proactive solutions can be used in the enterprise.

We all want to travel safely, engage freely, and conduct business efficiently across cyberspace, but we can’t ignore the proliferation of threats to those needs or the virtual wars being waged around them. ISPs have to protect themselves and their customers. If the internet is a battlefield and cyberspace a domain for war, then real-time edge analytics represent the state of the art in frontline defense and proactive threat resistance, supplying the intelligence to identify threats and intrusions and the means to act on time-sensitive data locally, before the network is overrun.