July 26, 2022 by Andre Viera

Are You Doing Enough To Keep Your Broadband Network Protected?


Andre Viera

Director, Access Network Product Marketing, Calix


In this new era of connectivity, it is often hard to gauge the size or number of cybersecurity threats your network faces and it’s a central challenge for all broadband service providers (BSPs). The National Institute of Standards and Technology (NIST) is taking a lead in this area, with their National Vulnerability Database (NVD). This database is continually updated with the latest threats identified by vendors, researchers, and cybersecurity professionals—generating an ever-expanding list of what the industry calls common vulnerabilities and exposures (CVEs).

NIST identified a record number of new CVEs last year, surpassing 20,000 for the first time and with more than 50 new vulnerabilities emerging every day (see chart below). It is not a coincidence that this increase occurred when many companies were transforming their IT capabilities to support remote working and service delivery during the COVID-19 pandemic.

Growth in the Cybersecurity Threat, 2001 to 2021

Source: NIST, US Department of Commerce

How To Keep Your Broadband Network Security One Step Ahead of Cybercriminals

Your network counts as critical infrastructure. You have a responsibility to keep your network operating securely, and your subscribers—and their confidential data—safe from cybercriminals.

So how do you maintain effective security defenses when new threats emerge every day? It starts with building an assessment of where your network is today and, crucially, running these vulnerability checks as frequently as possible to defend against new threats.

Here are the seven key steps you should take to conduct your network security audit:

  1. Test where the network is complying with internal or external criteria and standards
  2. Use data analytics and machine learning to identify security vulnerabilities
  3. Check private and public network authorizations
  4. Ensure best practice policies are being followed
  5. Confirm software releases are up to date
  6. Conduct regular staff security training
  7. Keep subscribers informed of the latest threats

Implementing an End-to-End Broadband Network Security Framework

You need to implement security features end to end—from the central office to the subscriber facing network and all the way into your subscribers’ homes. This may sound daunting, but, thankfully, help is available.

By providing a simplified network architecture, the Calix end-to-end solution reduces the number of systems you need to manage and secure. It also provides you with a range of robust security features and tools.

In the Calix Intelligent Access EDGE solution, for example, we recently introduced an advanced routing module (ARm) enhancement, which guards against unauthorized network traffic flowing between interfaces in the subscriber-facing network. This prevents bad actors from introducing traffic that could overwhelm the network—ensuring more bandwidth for subscribers. Meanwhile, inside the home, Calix offers managed security services via Revenue EDGE which keep subscribers safe from thousands of attack types and breaches of privacy. These services include home network protection (via ProtectIQ®), parental controls (ExperienceIQ®), connected security cameras (Arlo Secure), and online safety (Bark).

Staying one step ahead of cybercriminals doesn’t need to keep you awake at night. Calix can provide you with the tools and the end-to-end network security to run comprehensive vulnerability assessments as often as you need. This will enable you to build an effective security framework that will drive customer loyalty and satisfaction—and even unlock new revenue opportunities.

Download the eBook, “Is Network Security Keeping You Awake at Night?” to learn more about how you can deploy broadband network security best practices.