5G Versus Wi-Fi 6 – Demystifying the Technology

By: Jacob Chacko Regional Business Head – Middle East, Saudi & South Africa (MESA) at HPE Aruba

The hype continues to grow for 5G technology, with many carriers promoting it as a way to target the enterprise networking and IoT markets with an end-to-end service that spans indoor and outdoor coverage.

But will 5G be the answer to all decision-makers’ prayers? There is a lot of understandable confusion about the role Wi-Fi will play in the 5G era, and how they might work together. Although carriers are just beginning to deploy 5G networks, customers need to decide whether it is worth hanging around for 5G offerings, or whether it won’t actually deliver what they need.  

Is 5G more secure than Wi-Fi?

There is a misperception that cellular technologies are more secure than Wi-Fi. Although LTE is relatively secure, it’s not perfect. According to researchers at the University of Iowa and Purdue University, LTE is vulnerable to a range of attacks, including data interception and device tracking. 5G improves upon LTE security with multiple authentication methods and better key management. At the same time, Wi-Fi security continues to advance. Of course, Wi-Fi implementations that do not follow best practices, such as those without even basic password protection, are not optimal. Those configured with proper access controls and passwords are highly secure, and with new standards – specifically WPA3 and Enhanced Open – Wi-Fi network security is even better. It’s also important to keep in mind that that enterprises have made enormous investments in security and compliance solutions tailored to their specific needs. With cellular networks, including 5G, enterprises lose the ability to deploy their chosen security and compliance solutions, as well as most visibility into traffic flows. With macro 5G, from a security perspective, you get what you get.

Does 5G have more features than Wi-Fi?

Although everyone is talking about the incredible speed of 5G, you would be hard-pushed to argue that Wi-Fi 6 couldn’t match it int terms of speed, latency, spectral efficiency, connection density (number of devices connected in a given area) and reliability. The 5G standard does add some new capabilities that 4G doesn’t have, such as the ability to network splice, higher connection density and integrated Edge Compute (MEC). However, while these features are new for cellular, they aren’t new in the market. Enterprise networks, including Wi-Fi, have featured high connection density, network virtualisation and edge computing capabilities for decades. When comparing 5G to Wi-Fi 6, the most important functional difference is 5G’s ability to offer macro-area coverage and high-speed mobility. Wi-Fi was not designed to incorporate either of these capabilities. Conversely, Wi-Fi economics are more favorable from both per-square-foot and lifecycle cost perspectives – devices that only need Wi-Fi are cheaper than those that also have LTE, which would also have the added cost of having to manage SIM cards/subscriptions. So, if a customer values macro coverage and high-speed mobility – and is willing to pay the additional cost for them – 5G is a better fit.

Which is more reliable?

Both Wi-Fi 6 and 5G are extremely reliable when deployed correctly. Although macro 5G is deployed using licensed spectrum, which is less subject to interference than unlicensed spectrum, operating on licensed spectrum doesn’t always translate to higher levels of reliability. Numerous enterprise Wi-Fi customers have achieved extremely high levels of reliability and performance in demanding environments, such as large, sophisticated manufacturing plants. Wi-Fi 6 improves reliability even further. Still, for certain applications, it might make sense to segment a specific private network on either a licensed spectrum, or a different band of unlicensed spectrum (for example, CBRS).

The reality is that Wi-Fi and 5G are both evolving to better serve end users, and both markets will grow to address the macro trend of connecting devices and analysing the data generated by these devices. 5G will serve applications requiring high-speed mobility and macro coverage, while Wi-Fi 6 will continue to prove its value as a reliable, secure and cost-effective access technology for most enterprise applications, as it does today.

Autodesk Signs BlueTech as Distributor for African Market

BlueTech Holding Ltd., part of Midis Group and providing end-to-end technology advisory solutions for business partners across the Levant, Gulf and Africa, today signed an exclusive distribution agreement with Autodesk for North, West and Central Africa. BlueTech will be responsible for developing, creating and enabling the right partner ecosystem for Autodesk that can design, promote, sell, implement and deploy successful digital transformation solutions for end customers.

Speaking about the agreement, Mr. Toni Azzi, General Manager at BlueTech Holding Ltd. comments, “Autodesk is a global leader in design and make software for architecture, engineering, construction, media and entertainment, and manufacturing industries. We believe that there is huge potential for the company’s solutions in the African market as enterprises in the region evolve towards complete digitization.”

“BlueTech has been a valued IBM and Lenovo Distributor for more than twenty years. Adding Autodesk will further strengthen our portfolio and solution offering and is in line with our vision ‘to be the preferred strategic partner in MEA, by delivering innovative solutions that enable and support the digital transformation agenda of regional enterprises’.”

BlueTech will have an active engagement with Autodesk to ensure alignment on the go-to-market strategy. The distributor and vendor will work closely together to develop and enable the regional channel community. Partner recruitment events will be held frequently such as partner summits, roadshows, roundtables and bootcamps, as well as partner enablement and technical training workshops. Training will also be provided to end-customers to help them derive maximum benefit from the implementations.

“With rapid urbanization, a rising middle class, economic growth and increased government investments, we are witnessing a growth in the construction, infrastructure and manufacturing sectors in Africa. Technology adoption can play a critical role in driving this growth, and we are excited about working with BlueTech to bring these best-in-class solutions to Africa. As we aim to expand into new markets and new territories in Africa, it is critical to have a strong distribution framework that enhances the operational efficiencies across the supply chain and maximizes business outcomes. The addition of BlueTech to our existing VAD family is a significant step in this direction,” explains Louay Dahmash, Director Field Sales for EMEA Emerging at Autodesk.

Over the last several decades, Autodesk has driven innovation in every industry its software touches. Below are some of the areas that the company is revolutionizing through its market leading technology:

  • Building Information Modelling (BIM) – BIM is an intelligent 3D model-based process that gives Architecture, Engineering and Construction (AEC) professionals the insight and tools to more efficiently plan, design, construct, and manage buildings and infrastructure. Autodesk is helping AEC professionals move towards more collaborative, automated and successful ways of working.
  • Construction – Autodesk’s vision for the construction industry is based on how cloud-based, collaborative technology can drive the era of connected construction. Autodesk Construction Cloud portfolio combines next-generation technology, a robust network of professionals and firms, and powerful predictive analytics to help the business thrive across all phases of construction.
  • Generative Design for D&M and for AEC – Generative design is a form of artificial intelligence that leverages the power of the cloud to create better outcomes for products, buildings, infrastructure, systems and experiences. It utilizes algorithms, machine learning and computational geometry to quickly explore multiple solutions to a design problem. Generative design yields a wide range of alternatives that are optimized and validated by satisfying the various criteria a design must meet while accelerating the entire design-to-make process. The recent expansion of Autodesk Revit that is now including generative design technology, allows users to explore, optimize and evaluate data-driven design alternatives based on project goals, constraints and inputs.

“For more than 25 years, Autodesk resellers have been delivering the right solutions, software, and services to meet business needs. They understand unique business and industry needs. We are pleased to bring BlueTech as our new distributor in Africa. With over twenty-two years of experience in solution selling and technology advisory, we believe that BlueTech, through its vast channel network, robust logistical engine, and its team of experts, will drive customer success in our key industries in the region to new levels,” concludes Simon Bromfield, Africa Territory Sales Manager at Autodesk.

How are Financial Services Firms Addressing the Requirements of Digital Transformation, Security, and Compliance?

By: Ehab Halablab, Regional Sales Director – Middle East at A10 Networks

The financial services sector is experiencing significant commercial disruption coupled with rapid innovation as established institutions strive to become more agile and meet evolving customer demand. As a result, financial services organisations are undergoing rapid digital transformation to meet changing customer needs and preferences, and to compete with a new generation of digital-native competitors. Hybrid cloud environments play a key role in this strategy, allowing greater speed, flexibility, and visibility over application delivery than on-premises data centres while also reducing costs.

But the move to hybrid cloud introduces new challenges as well. So, as financial services organisations plot their strategy for transformation, firms must make critical technical decisions about the clouds and form factors best suited to host their hybrid environment. They also need to consider how they will secure web applications against evolving threats such as ransomware, data theft, and DDoS attacks through measures such as DDoS protection and using a Zero Trust model. At the same time, they must also maintain regulatory compliance, governance, and auditability across complex, fast-evolving infrastructures.

To understand more about these challenges, we recently conducted a survey with Gatepoint Research involving senior decision-makers to gain insight into the current state of financial services technology and the future direction for organisations in this sector. Here are some of the key findings:

Today’s Financial Services Technology Landscape

Although financial services businesses are making a steady move to the cloud for application delivery, on-premises data centres continue to play an important role.

While adoption of public cloud infrastructure is strong, with almost half of those surveyed hosting applications primarily in the cloud, most respondents (58 percent) continue to rely primarily on their private on-premises data centre for application delivery. 35 percent of organisations described their environment as a hybrid cloud, though with an emphasis on their own private data centre. This shows that even as transformation continues, the traditional data centre remains prominent in the technology strategy of financial services organisations.

That said, the balance between on-premises and cloud infrastructure may well shift soon. When respondents were asked about their plans for the coming year, 57 percent of decision-makers reported that they intend to move more applications to the cloud.

Ransomware and PII Lead Security Concerns

Today, financial services organisations face a broad spectrum of security threats, including many being targeted at sensitive customer data. The survey highlighted that organisations’ biggest security concerns or consequences were ransomware (57 percent); personally identifiable information (PII) data theft (55 percent); and phishing or fake sites (49 percent).

While threats to customers and their data are seen as the highest risk, dangers to the company’s brand image and reputation were not far behind. 38 percent of leaders cited concerns about hacking and cyber defacement, tied with brand damage and loss of confidence. Nearly as many (37 percent) were concerned about DDoS attacks, which can undermine a firm’s perception among customers through impaired service quality and customer experience. Meanwhile, insider attacks remain an issue, named by 28 percent of respondents, if not quite at the same level as most external threats.

To address the changing security landscape, many organisations have started initiatives around the Zero Trust model, in which traditional concepts of secured zones, perimeters, and network segments are updated with a new understanding that a threat can come from anywhere or anyone inside or outside the organisation. As of June 2020, 41 percent of respondents had already established a timeline for their Zero Trust model initiative with 15 percent having projects currently underway. Still, nearly two-thirds have no current plans or initiatives around the Zero Trust model.

Moving to Improve Flexibility, Agility, Scalability and Security

Technologies and strategies planned for the coming year reflect a key focus on the competitive requirements of fast-paced digital markets. The top-two initiatives included moving from hardware appliances to more flexible software form factors and deploying hybrid cloud automation, management, and analytics to increase operational efficiency.

With DDoS attacks a prime concern, 29 percent of respondents planned to deploy or replace an existing web application firewall (WAF) or DDoS protection solution. Surprisingly, even several years after the introduction of modern Perfect Forward Secrecy (PFS) and Elliptical Curve Cryptography (ECC) encryption standards for enhanced security, 29 percent of organisations are only now working to upgrade their Transport Layer Security (TLS) capabilities to support these technologies.

Even as cloud adoption continues to be strong, five percent of decision makers intend to repatriate applications from private cloud environments to their private data centre. While not a high number, this is not entirely insignificant. Given the diversity of form factors, architectures, and deployment methods to choose from, it is important to make sure that the approach fits the organisation’s needs before proceeding.

Addressing the Requirements of Hybrid Cloud and Rising Demand

Moving forward, decision-makers view capabilities related to risk as especially important for their financial platforms. When it comes to the most important capabilities for financial platforms running in hybrid cloud environments, regulatory compliance, comprehensive application security and redundancy/disaster recovery are top must-haves.

In addition to the importance placed on redundancy/disaster recovery, many respondents (43 percent) named centralised management and analytics as important capabilities. Along with elastic scale for variable/seasonal demands (25 percent), this shows a recognition of the requirements to provide effective service through redundancy, scalability, and a sound infrastructure.

Compared with risk-related and operational priorities, cost saw considerably less emphasis in the survey. While 28 percent of respondents placed importance on automation for operational efficiency and reduced costs, just 18 percent prioritised flexible licensing and pricing.

Desired Benefits from New Technology Investments

As they plan new technology investments, decision-makers are motivated foremost by risk reduction—far outpacing business factors such as revenue, customer experience, and competitive advantage.

By a large majority, security was the most likely benefit to spur funding for new technology. Operational considerations followed, including operational improvements (65 percent) and cost savings (63 percent). Regulatory compliance, emphasised earlier in the survey as a priority for a hybrid cloud requirement, was not necessarily top-of-mind in the technology funding stage—but still of high importance (57 percent). Revenue generation was named as a highly important benefit by only 35 percent, followed by customer satisfaction at 32 percent. Even in an industry undergoing rapid digital transformation, just 32 percent of decision-makers cited business advantage from new technology as a prime factor—and only 17 percent were moved by the ability to accelerate development speed.

The results of the survey offer a snapshot of an industry in transition, as decision-makers seek to keep control over security and compliance and maintain operational consistency, as they look to tap into the agility and scalability of the cloud. It is clear that, while security is important for digital transformation initiatives, application delivery and managing multi-cloud environments are of equal importance.  Above all financial services organisations must maintain their good reputation and ensure customer trust. Firms must demonstrate that they are protecting customer assets, providing an ultra-reliable service, working with trustworthy partners and reducing risk to the business.

FortiGuard Labs Predicts Weaponizing of the Intelligent Edge Will Dramatically Alter Speed and Scale of Future Cyberattacks

Derek Manky, Chief, Security Insights & Global Threat Alliances, FortiGuard Labs said, “2020 demonstrated the ability of cyber adversaries to leverage dramatic changes happening in our daily lives as new opportunites for attacks at an unprecedented scale. Going into 2021 and beyond, we face another significant shift with the rise of new intelligent edges, which is about more than just end-users and devices remotely connecting to the network. Targeting these emerging edges will not only create new attack vectors, but groups of compromised devices could work in concert to target victims at 5G speeds. To get out ahead of this coming reality, all edges must be part of a larger, integrated, and automated security fabric platform that operates across the core network, multi-cloud environments, branch offices, and remote workers.”

The Intelligent Edge Is an Opportunity and a Target

Over the past few years, the traditional network perimeter has been replaced with multiple edge environments, WAN, multi-cloud, data center, remote worker, IoT, and more, each with its unique risks. One of the most significant advantages to cybercriminals in all of this is that while all of these edges are interconnected many organizations have sacrificed centralized visibility and unified control in favor of performance and digital transformation. As a result, cyber adversaries are looking to evolve their attacks by targeting these environments and will look to harness the speed and scale possibilities 5G will enable.

  • Trojans Evolve To Target the Edge: While end-users and their home resources are already targets for cybercriminals, sophisticated attackers will use these as a springboard into other things going forward. Corporate network attacks launched from a remote worker’s home network, especially when usage trends are clearly understood, can be carefully coordinated so they do not raise suspicions. Eventually, advanced malware could also discover even more valuable data and trends using new EATs (Edge Access Trojans) and perform invasive activities such as intercept requests off the local network to compromise additional systems or inject additional attack commands.
  • Edge-enabled Swarm Attacks: Compromising and leveraging new 5G-enabled devices will open up opportunities for more advanced threats. There is progress being made by cybercriminals toward developing and deploying swarm-based attacks. These attacks leverage hijacked devices divided into subgroups, each with specialized skills. They target networks or devices as an integrated system and share intelligence in real time to refine their attack as it is happening. Swarm technologies require large amounts of processing power to enable individual swarmbots and to efficiently share information in a bot swarm. This enables them to rapidly discover, share, and correlate vulnerabilities, and then shift their attack methods to better exploit what they discover.
  • Social Engineering Could Get Smarter: Smart devices or other home-based systems that interact with users, will no longer simply be targets for attacks, but will also be conduits for deeper attacks. Leveraging important contextual information about users including daily routines, habits, or financial information could make social engineering-based attacks more successful. Smarter attacks could lead to much more than turning off security systems, disabling cameras, or hijacking smart appliances, it could enable the ransoming and extortion of additional data or stealth credential attacks.
  • Ransoming OT Edges Could Be a New Reality: Ransomware continues to evolve, and as IT systems increasingly converge with operational technology (OT) systems, particularly critical infrastructure, there will be even more data, devices, and unfortunately, lives at risk. Extortion, defamation, and defacement are all tools of the ransomware trade already. Going forward, human lives will be at risk when field devices and sensors at the OT edge, which include critical infrastructures, increasingly become targets of cybercriminals in the field.

Innovations in Computing Performance Will Also Be Targeted

Other types of attacks that target developments in computing performance and innovation in connectivity specifically for cybercriminal gain are also on the horizon. These attacks will enable adversaries to cover new territory and will challenge defenders to get ahead of the cybercriminal curve.

  • Advanced Cryptomining: Processing power is important if cybercriminals want to scale future attacks with ML and AI capabilities. Eventually, by compromising edge devices for their processing power, cybercriminals would be able to process massive amounts of data and learn more about how and when edge devices are used. It could also enable cryptomining to be more effective. Infected PCs being hijacked for their compute resources are often identified since CPU usage directly impacts the end-user’s workstation experience. Compromising secondary devices could be much less noticeable.
  • Spreading Attacks from Space: The connectivity of satellite systems and overall telecommunications could be an attractive target for cybercriminals. As new communication systems scale and begin to rely more on a network of satellite-based systems, cybercriminals could target this convergence and follow in pursuit. As a result, compromising satellite base stations and then spreading that malware through satellite-based networks could give attackers the ability to potentially target millions of connected users at scale or inflict DDoS attacks that could impede vital communications.
  • The Quantum Computing Threat: From a cybersecurity perspective, quantum computing could create a new risk when it eventually is capable of challenging the effectiveness of encryption in the future. The enormous compute power of quantum computers could render some asymmetric encryption algorithms solvable. As a result, organizations will need to prepare to shift to quantum-resistant crypto algorithms by using the principle of crypto agility, to ensure the protection of current and future information. Although the average cybercriminal does not have access to quantum computers, some nation-states will, therefore the eventual threat will be realized if preparations are not made now to counter it by adopting crypto agility.

AI Will Be Critical To Defending Against Future Attacks

As these forward-looking attack trends gradually become reality, it will only be a matter of time before enabling resources are commoditized and available as a darknet service or as part of open-source toolkits. Therefore, it will take a careful combination of technology, people, training, and partnerships to secure against these types of attacks coming from cyber adversaries in the future.

  • AI Will Need To Evolve: The evolution of AI is critical for future defense against evolving attacks. AI will need to evolve to the next generation. This will include leveraging local learning nodes powered by ML as part of an integrated system similar to the human nervous system. AI-enhanced technologies that can see, anticipate, and counter attacks will need to become reality in the future because cyberattacks of the future will occur in microseconds. The primary role of humans will be to ensure that security systems have been fed enough intelligence to not only actively counter attacks but actually anticipate attacks so that they can be avoided.
  • Partnerships Are Vital for the Future: Organizations cannot be expected to defend against cyber adversaries on their own. They will need to know who to inform in the case of an attack so that the “fingerprints” can be properly shared and law enforcement can do its work. Cybersecurity vendors, threat research organizations, and other industry groups need to partner with each other for information sharing, but also with law enforcement to help dismantle adversarial infrastructures to prevent future attacks. Cybercriminals face no borders online, so the fight against cybercrime needs to go beyond borders as well. Only by working together will we turn the tide against cybercriminals.
  • Enabling Blue Teams: Threat actor tactics, techniques, and procedures (TTPs), researched by threat intelligence teams, such as threat actor playbooks, can be fed to AI systems to enable the detection of attack patterns. Similarly, as organizations light up heatmaps of currently active threats, intelligent systems will be able to proactively obfuscate network targets and place attractive decoys along attack paths. Eventually, organizations could respond to any counterintelligence efforts before they happen, enabling blue teams to maintain a position of superior control. This sort of training gives security team members the ability to improve their skills while locking down the network.