How do you solve a problem like Huawei?


This article was published in Telecoms News from NTSI on May 16, 2021. You can read the original article here

Network function disaggregation is the answer to telcos’ security challenges


Written by Hannes Gredler, founder and CTO of RtBrick

More than ever before, data is power. Citizens and governments alike should feel confident that those who are entrusted with their data will act legally and in their interests. This puts telecommunications companies in a position of great responsibility when selecting the technology with which to build networks – especially in the global 5G rollout, but also in the fixed broadband networks we have relied on so heavily in the last year. 

Huawei under the spotlight

Huawei – one of the world’s largest providers of telecoms equipment – has recently been in the firing line for precisely this reason. There are widespread concerns about Huawei’s close links to the Chinese state, and therefore the possibility of espionage by the company. Some have also suggested the possibility of sabotage in future, including network shutdowns.

Many also allege that Huawei steals intellectual property from foreign technology companies, believing that Western countries shouldn’t engage with the company as a matter of principle. A recent survey by American lobby group 5G Action Now found that almost three-quarters of Americans believe Huawei technology should be removed from the US. Currently, American companies are banned via a presidential executive order from working with or buying telecoms equipment from companies deemed a national security – including Huawei.

Rising negative opinion towards Huawei is fast becoming a worldwide phenomenon, with governments including Japan and Australia banning the company’s telecoms technology. Meanwhile, in the UK, the Telecommunications Security Bill is currently passing through the House of Commons. This stipulates that operators should stop procuring new Huawei equipment and must remove all the company’s existing equipment from their networks by the end of 2027.Despite security risks, some companies – especially smaller ones – continue to use Huawei technology in their networks. In such a price-competitive industry, it’s little surprise as to why. Huawei offers low price points, fuelled by access to cheaper labour and materials that domestic vendors don’t have. Plus, the company is a leader in 5G, with over 3,100 patents for related technology. 

A better way forward: network disaggregation

So, how can operators build secure networks without compromising on price? Network function disaggregation might just be the answer. Rather than proprietary hardware and software sourced from a single vendor, disaggregation is the practice of using decoupled, open components which are combined to form a complete switching and routing device.

This means telecommunications companies can purchase “white-box” hardware from suppliers in places such as Taiwan and use these to run independent software from a vendor from a trusted country that doesn’t pose a security risk. Later, even if a security concern emerges with the software, it can be replaced relatively simply. On a network which isn’t disaggregated, making such a change would require the costly ripping out of hardware – something which the UK is about to embark on with its existing Huawei telecoms infrastructure.

Additional benefits of disaggregation include improved scaling – it’s relatively easy to add more white boxes to networks when they need to grow, enabling operators to achieve new levels of efficiency and agility. Plus, by giving operators choice, disaggregation undermines the power held by supplier monoliths, meaning lower prices in the long-term.

It’s worth noting that telecoms hardware itself isn’t typically a security risk – espionage and sabotage threats usually come from the corresponding software. In the future, this might enable Huawei to take a limited position in Western telecommunications networks, whereby the company remains an accepted hardware provider. Unfortunately, for networks which have already installed proprietary Huawei hardware to date, there is little option other than to remove it completely, since it’s not disaggregated.

Going forward, telecommunications companies and governments should remember that Huawei is just one example of a possible security threat. No-one has the gift of perfect foresight, which is why network function disaggregation is a no-brainer. Disaggregation makes it easier to protect against all manner of potential future threats and should simply be regarded as best practice in building networks.