Rakuten Symphony draws upon its experience in building the world’s largest Open RAN network to put forth a pragmatic and proven approach to securing today’s cloud-native and disaggregated mobile networks.
Previously the approach to security in telecommunications has been characterized as “security through obscurity” — proprietary techniques known only to a small few, and therefore, in theory, reducing the attack surface and the possibility of a compromise. Telecom has traditionally felt protected by these closed, proprietary systems that were hidden behind traditional perimeter-based security and access.
This closed approach is no longer fit for purpose.
"We have the largest real-world security experience on how to run modern cloud-native networks with open interfaces and we wish to share what we know and jointly collaborate on what we all need to do next.”
Head of Security Architecture and Standards, Rakuten Symphony
Telecom networks are modernizing. This is not a choice, but a necessity, to achieve parity with the evolving technology landscape that has grown around the industry since the birth of the internet and the democratization of software. Other large Internet players and public cloud providers also manage massive and distributed infrastructures, operating at a large scale with radically more efficient operations through automation and optimized hardware supply costs through commoditization and disaggregation. Both lead to faster time to market and increased agility that legacy manual and proprietary approaches cannot compete with. Thus telecom is adopting open interfaces and cloud-based infrastructure at a rapid pace and this introduces the need to change how we secure networks.
As a company that embraced the need to adopt a new security posture immediately, Rakuten Symphony has implemented a total security approach that has been live for multiple years. While Rakuten is a strong adherent to O-RAN Alliance and 3GPP security principles, we understand that no single reference architecture or standard for Open RAN can address every possible vulnerability and detect every possible threat. Even for a closed vRAN solution on private cloud, the standards will not specify how to implement the security it recommends. Our approach has been a pragmatic one, driven by our early adoption of the “new ways of building networks” and the lack of any previous reference implementation of a successful nationwide, Open RAN, cloud-native network deployment. In order to achieve our objectives at Rakuten Mobile, we had to leverage 21st century technologies, including proven best practices from the enterprise IT market over the past 20 years, to fortify our 21st century network with the utmost resilience, privacy, user and data integrity in mind.