How Service Providers are Using Radware Kubernetes Web and API Protection (KWAAP) Validated on Red Hat OpenShift to Elevate Microservices Security

It would be difficult to find a technology sector that has gone through as many transformations as the service provider industry. It’s even more amazing considering the industry is just over 30 years old. Even though 1G was launched in the early 1980s, it wasn’t until 10 years later that mobile phones dominated the communications landscape.

As soon as their usage became predominant, a new threat landscape was born. Users shared personal information and made purchases on their mobile phones. Credit card information and social security numbers were wirelessly transported around the globe. It forced mobile service providers to rethink their security posture and scramble to stay several steps ahead of threats that could quickly shut down networks and download sensitive data. Also, they needed to deliver the safest and most secure digital experience to users as possible. Reputation, customer churn and revenue were at stake. Like other industries, service providers needed to do a better job modernizing their software architectures and products. Monolithic proprietary appliances are unwieldy, inflexible and hampered innovation.

Breaking Down the Monolith with Microservices

While cumbersome is often used to describe proprietary appliances, agile is the perfect one to describe microservices and containers. They have become an integral part of service providers’ network architectures. Autonomous and small, microservices are small units of software, each handling a function of a larger application. They use APIs extensively and rely on lightweight and lean protocols. Red Hat OpenShift, the industry’s leading enterprise Kubernetes platform, automates the management, deployment and orchestration of containers, which package microservices software. With this evolution to Red Hat OpenShift, service providers can equip themselves with a more consistent platform for building, deploying and running modernized applications. The move to microservices has brought an array of benefits to all industries, not only for service providers. But benefits are only as helpful as the security protecting them.

Building up Microservices Security

Using the layered security capabilities of Red Hat OpenShift, Radware Kubernetes Web and API Protection (KWAAP) brings Radware’s carrier-grade security to the era of microservices and Kubernetes-orchestrated frameworks. With this solution, all components are installed at the protected premise. So, no information needs to be maintained or stored outside of it.

Radware KWAAP delivers security for web applications and APIs, protecting against an array of application attack types, including those in The OWASP Top 10 (Web and APIs). Radware KWAAP offers negative and positive security model protection and behavioral ones. It operates as a native Kubernetes solution and offers simple and easy integration with DevOps and DevSecOps processes, SIEM solutions and monitoring tools.

In short, Radware KWAAP is designed to deliver industry-leading core and edge application protection.

Core and Edge Application Protection for 5G Networks

To facilitate new and emerging real-time services, the 5G network architecture shifts network-critical elements from the core and closer to the edge. But ultra-low latency requirements opened the door for new local breakpoints or attack surfaces by connecting 5G UPFs (user plane functions) to external data networks. This created exposed open borders that became immediate security threats. And, of course, service providers must protect their network infrastructure and edge services from ingress attacks coming from the internet. They need core and edge protection. They need Radware KWAAP. It delivers elevated security for both 5G core cloud-native network functions (CNFs) and 3rd party applications hosted at the network’s edge.

5G Core Application Protection

5G transformation is a complicated process. While a service-based interface (SBI) mesh architecture is the goal, it isn’t the starting point for many service providers. It’s why Radware KWAAP CNF solution validated on Red Hat OpenShift is flexible enough to deliver application and API protection at any step in a service provider’s transformation journey.

Radware KWAAP helps secure 5G service elements against web and API injections, lateral movements, exfiltrations and zero-day usage and application attacks. It is an air-gapped, container-based solution that seamlessly works with Kubernetes orchestration and is deployed as a native citizen within user clusters.

5G Edge Application Protection

While service providers’ core network holds critical CNF, edge enterprise applications are becoming an ever-growing threat to 5G networks. Each day, more services are being pushed closer to the edge due to ultra-low latency, high bandwidth availability and how it elevates the user experience. As a result, it seems that edge computing’s threat landscape will only grow. As an example, enterprise applications add several vulnerabilities, including east-west attacks, lateral movement, exfiltration, zero-day attacks, and more.

Radware KWAAP protection reduces the mobile edge threat landscape by providing comprehensive application and API protection to distributed applications running at the network edge.

Monetizing Service Providers’ Security Efforts

While reducing exposures and minimizing edge computing vulnerabilities are the primary goals, Radware KWAAP offers service providers another enticing benefit — the creation of a new revenue stream. We designed our KWAAP solution to work as a multi-tenant offering so service providers deploying SaaS multi-tenant models can monetize their security resources. Revenue generation and higher ROI — two great ancillary benefits.

Need More Information?

Radware KWAAP is a game-changer for service providers who need to elevate their network core and edge security. We know that ensuring your organization and customers are protected takes precedence over all else. Without that laser focus on security, customer churn, reputation, market share, innovation and revenue will soon follow. That’s why your first step should be reaching out to the cybersecurity experts at Radware. They have years of expertise and empirical experience securing service providers’ networks. They would love to hear from you.

Samuel Bercovici

Samuel Bercovici is Director of Product Management at Radware in charge of integrating Radware’s load balancer services with cloud systems. With more than fifteen years of experience in SW development to accompany his business and product management expertise, Samuel possesses extensive knowledge of virtualization and cloud. He is a frequent presenter at industry events, such as the OpenStack Summit.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center