Wedge Networks Making Mobile Networking Secure

With the proliferation of mobile devices comes an exponential increase in attempts by bad actors to compromise not just the devices, but the networks they attach to. This includes those of enterprises now dealing with the bring-your-own-device (BYOD) phenomenon. And the problem is only getting worse.

In fact, Kaspersky Labs estimates there was a 540-percent increase in mobile malware in 2011 alone. They concluded that “Malicious users essentially automated the production and proliferation of mobile threats.” This led Forrester Research to conclude at the end of 2011 that “Mobile Security has been the top priority for security and risk executives for the past twelve months.”

In short, as a result of all of our increased reliance on mobile devices as our preferred tools for communications, the protection of our critical communications and information is a real and present danger. 

The reality is that malware of all shapes and sizes can and has slowed mobile networks to a crawl. Its impact has been felt not just by mobile operators and their individual customers, but by enterprise IT shops looking to mitigate risk. After all, unfortunately, BYODs represent a relatively easy to open backdoor to corporate assets which now are squarely in harm’s way.

The challenge for mobile service providers (SP) who like it or not are customers “first throats to choke,” has been to: 

• Provide a customer experience that users of personal devices can trust, cutting down on customer dissatisfaction and ultimately churn.
• Turn what has been a forgotten step-child of networking, security, into a competitive advantage as well as a revenue generator rather than a cost center.

The good news coming out of the TIA show in Dallas is that Wedge Networks, headquartered in Calgary, Canada and with offices in Santa Clara, USA and Beijing, China, has announced a solution that will allow mobile SPs the ability to meet both challenges head on. Built on its industry leading deep content inspection (DCI) platform—architected for malicious-code detection and filtering at the application layer—Wedge introduced its Mobile Security Module. It is something SPs and enterprise customers alike should take a very careful look at.

A light touch that packs a punch

The Mobile Security Module is a network appliance that features comprehensive mobile threat intelligence, with rapid deployment and a zero device footprint. It enables SPs to protect their network, enterprise customers and individual subscribers from mobile malware and other malicious threats to messaging capabilities and applications, including those downloaded from popular app stores. Until now the problem has been using URL filtering and device security apps to combat these threats has proven to be insufficient. It is also hard to manage from operator and user perspectives, and adverse to the device performance it is designed to protect as a result of significant time spent on scans and the drain on battery life. 

What are the benefits of the Mobile Security Module? Wedge points out the following:

• Most comprehensive mobile security solution: World-class threat intelligence partners, cloud sourcing and research labs provide the most up-to-date and dynamic threat protection.
• Multi-threat/multi-protocol security platform: Patented cross-session/cross-protocol support enables protection, identification and intelligence on blended threats that affect mobile devices including everything from outbound data leaks to threats hidden in messages, social networking Web pages, mobile apps and rich content.
• Build a trusted relationship between the operator and subscriber by stopping threats at the network: Utilize WedgeOS Deep Content Inspection (DCI) technology to conduct real-time full content/context analysis, detecting and blocking threats at the network before they reach vulnerable end-user mobile devices.
• Increase revenue streams from enterprise accounts:  Security-as-a-service and new programs are offered to subscribers. From subscriber security value added services to supporting enterprises with Bring Your Own Device (BYOD) policies; service providers now have a new viable revenue stream.
• Reduced operational costs: The Mobile Security Module helps control compromised devices, reducing support calls, encouraging self-management and eliminating illegitimate traffic on the network.
• Rapid deployment into existing networks: WedgeOS’s industry-leading performance, combined with its unique inline, L2 transparent network stack allows service providers and operators to rapidly enable mobile security without reengineering their existing network and without loading anything onto the mobile devices.

The network is the place to ensure security

In speaking with MobilityTechzone about the solution, Hongwen Zhang, President and CEO at Wedge Networks, and Joe Bulman, Senior Systems Architect, both emphasized that SP networks leveraging the provisioning of security from the cloud is the rightful place to address growing mobile malware issues. This included obvious reasons such as the ability to stop problems before they hit devices. 

They also mentioned that using the power of the network to quickly spot anomalies and remediate problems was an enormous benefit. Wedge is painfully aware that the bad guys are constantly improving the lethal nature of their attacks, and as noted above are quickly automating them to increase their reach and impact. As a result, device-based security cannot keep up with all of the anti-virus definitions in the way a network operator can nor stop harm in more than one device. 

It is all about TRUST

“Ensuring the security of mobile devices while continuing to deliver an uncompromised level of service is paramount for mobile operators and service providers to maintain customer trust,” said CEO Zhang in his remarks at TIA, describing the multi-headed landscape the solution addresses. “At Wedge, we have worked closely with partners and customers to develop and validate this innovative mobile security solution to effectively protect mobile devices at the network transport layer. This solution not only allows operators to provide comprehensive security, but also enables new revenue and customer acquisition opportunities while avoiding the high costs of provisioning and managing security software on mobile devices.”

Martha Vazquez, Global Network Industry security analyst, Frost & Sullivan, agreed: “Today’s evolving workforce needs an alternative and high-level pathway to secure sensitive data on mobile devices. At Frost & Sullivan, we have seen an increase in enterprise and government organizations with BYOD policies looking for network security as a key feature when selecting their service providers.”

Vazquez’s last point is a grabber. Truth is that business organizations are looking closely at security as a differentiator is choosing their service provider, and the mass market is likely to be a fast follower as 3G contracts expire and the world awaits a 4G iPhone. 

Zhang said five significant service providers are already evaluating the solution for commercial deployment. They fully understand the value of trust being handled by service provider and that the best place for signature updates should come from the SP and not be device-centric. 

Deep content inspection is key

The secret sauce here is Wedge’s DCI capability. In a single platform they can not only protect against multi-threat/multi-protocol attacks, but provide real-time updates. They do so with very low latency on the network and can look at not just anomalous packets but by pulling out entire objects which they then decode they have a comprehensive view of bad apps. This is how they can alert users of problems, inform them of remediation efforts, and even inform them of pending problems with potential downloads.

The beauty here is that this is done at carrier speeds with no impact on the device. Plus, the appliance itself has a small footprint, can handle multiple types of network signaling, enable enterprise customers to opt in and out so they would only need to pay for what they use, and it is dynamically scalable.   

Over the past few years, numerous studies from various vendor and independent research organizations have found a growing customer wiliness to pay a premium for mobile security. The trick has been to bring to market a solution that can provide a level of trust that fits the customer comfort zone for perceived value. It seems Wedge, by providing a light foot print, low-latency, appliance based and cloud delivered security solution has found a sweet pot in a market that is ready and willing to listen and likely to pay for increased peace of mind for the customer, and differentiated value, reduced cost and new revenues for the service providers.