day 2-t8-1500 doug-miller-20120524

Meeting Mobile Operator Challenges with DNS: Delivering Security, Efficiency, and Visibility. Doug Miller, May 24, 2012

Upload: ceobroadband

Post on 14-Jun-2015


DESCRIPTION

LTE World Summit Barcelona May 2012 Day 2

TRANSCRIPT

Page 1: Day 2-t8-1500 doug-miller-20120524

Meeting Mobile Operator Challenges with DNS

Delivering Security, Efficiency, and Visibility

Doug Miller

[email protected] May 24, 2012

Page 2

Company Overview

We are the WORLD LEADER in DNS & DHCP solutions
• Our Chairman, Dr. Paul Mockapetris, invented the DNS
• Team comprised of BIND 8, BIND 9 & ISC-DHCP creators
• 40 Issued and pending patents

Our solutions run the world’s MOST DEMANDING networks
• A decade of service provider experience
• Over 140 Fixed and Mobile service providers
• Serving over 500 million Internet users worldwide

The first & only DNS/DHCP INTEGRATED ARCHITECTURE
• DNS/DHCP engines provide efficiency, lower costs, higher QoS
• Platforms enable agility & faster application development
• Applications create differentiation and new revenue sources

Our Customer Base Includes:

Page 3

Putting Mobile into Perspective

Source: Chetan Sharma Consulting

Page 4

Challenges for Mobile Providers

• Mobile market growth [1]
  – Mobile Services Revenue exceeded $1 Trillion for the first time in 2011
    • Global Mobile Revenues to hit $1.5 Trillion in 2012
  – Represents over 2% of Global GDP
  – Global Subscriptions to exceed 7 Billion in early 2013
• Data explosion
  – No end in sight as mobile devices continue to grow
    • Hundreds of thousands of new devices provisioned daily
    • 5-year growth CAGR in mobile data traffic of 92% [2]
  – Growth in data far outpacing voice growth
    • Mobile Data will be 95% of the global mobile traffic by 2015 [1]
• Documented declines in profitability
  – Data revenue declining faster than data costs [3]
    • Cost/GB falling by a factor of 3x
    • Revenue/GB falling by a factor of 10x
  – Must generate new revenue sources & control expenses

[1] Note: Chetan Sharma Consulting
[2] Note: Cisco Visual Networking Index, 2012
[3] Note: Strategy Analytics – Sue Rudd, 2012 Interview

Ericsson Traffic and Market Data Report (November, 2011)

Page 5

The Changing Face of Mobile

• Connected devices are expanding
  – Not just mobile phones
    • PCs, laptops, and tablets are becoming more common*
  – 175M laptops on the mobile network in 2011
    • 22x more traffic than smartphones
  – Tablets will exceed 10% of global mobile data traffic in 2016
  – In 2016, 4G will be 6 percent of connections, but 36 percent of total traffic
• Home broadband is being replaced with mobile contracts
  – Mobile devices aren’t as protected as home networks
• Spectrum consumption is a constant battle
  – “We don't have anywhere near [enough] usable spectrum left”
    • CNET News – February, 2012
  – “Frequency allocations alone are not the only solution. We need to be as smart as possible in managing our capacity.”
    • Philipp Humm, President and CEO of T-Mobile USA – CTIA 2012

*Note: Cisco Visual Networking Index, 2012

Page 6

eCommerce on Mobile is Increasing

Mobile is clearly becoming a new way people shop [eBay has] nearly tripled mobile GMV (gross merchandise value) year-over-year to nearly $2 billion, with strong holiday shopping momentum in Q4. In 2011, we expect Mobile GMV to double to $4 billion.

- John Donahoe, President & CEO, eBay CQ4:10 Earnings Call

US Dept. of Commerce (CQ2:10), Morgan Stanley Research

Page 7

The Point of the Research

This applies to legitimate and malicious behavior alike

Page 8

Profitability of Internet Crime

Trend                        Total market share, %   Amount, million USD
Online banking fraud         21.3%                   $490
Cashing                      16.0%                   $367
Phishing                     2.4%                    $55
Theft of electronic funds    1.3%                    $30
Total                        41.0%                   $942

Trend                        Total market share, %   Amount, million USD
Spam                         24.0%                   $553
Pharma and counterfeits      6.2%                    $142
Fake software                5.9%                    $135
Total                        36.1%                   $830

Trend                        Total market share, %   Amount, million USD
Sale of traffic              6.6%                    $153
Sale of exploits             1.8%                    $41
Sale of loaders              1.2%                    $27
Anonymization                0.4%                    $9
Total                        10.0%                   $230

Trend                        Total market share, %   Amount, million USD
DDoS attacks                 5.6%                    $130
Other                        7.3%                    $168
Total                        12.9%                   $298

Total                        100%                    $2,300

Chart legend: Spam; Online Fraud; Internal market (C2C); Other

Source: Group IB

Figure: Computers Reporting Malware. Source: Microsoft Security Intelligence Report – 2011

Page 9

Malware Distribution on Mobile

Page 10

The Lifecycle of a Bot Network

Diagram labels: Innocent User, Bot Master, C&C, Botnet

1 – Spam (or “something”) entices user to badsite.com
2 – User visits site and is infected via “drive by download” Malware and becomes part of Botnet
3 – Bot gets instructions from Command and Control (C&C) server
4 – Newly infected machine (bot) joins Botnet in DDOS attack on a legitimate Web site

Page 11

Cache Poisoning Threat – Kaminsky

• Attacker redirects unsuspecting customers
  – Entries in cache are changed by an attacker
  – Customer going to www.mybank.com is given incorrect information
• Does not require phishing or any unsafe behavior
  – Attacker directs customers to controlled sites
    • Financial and identity theft, malware installation, etc.
• Statistical attack
  – Send a query so the server is listening for an answer
  – Send guesses while the target DNS waits for the real answer
  – Repeat until success
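
A defender-side view of the statistical attack above, as an added example that is not from the original slides: a resolver can count responses that arrive for an outstanding query with the wrong transaction ID or port, since a burst of them is what the guessing stage looks like on the wire. The event tuples, the threshold and the sample names are constructed assumptions.

```python
from collections import Counter

# Constructed sample events, not real resolver logs.
# ("Q", qname, txid, port): query the resolver sent upstream from `port`.
# ("R", qname, txid, port): response that arrived on `port` claiming to answer qname.
def sample_events():
    events = [("Q", "www.goodsite1.com", 0x4D2A, 40112),
              ("R", "www.goodsite1.com", 0x4D2A, 40112)]  # normal: one matching answer
    events.append(("Q", "x7.mybank.com", 0x9C31, 40977))
    # Burst of guessed transaction IDs arriving while the query is outstanding.
    events += [("R", "x7.mybank.com", txid, 40977) for txid in range(300)]
    events.append(("R", "x7.mybank.com", 0x9C31, 40977))  # the real answer
    return events

def find_guessing(events, threshold=20):
    """Return {qname: mismatch_count} for names whose outstanding query drew
    at least `threshold` responses with the wrong transaction ID or port."""
    outstanding = {}        # qname -> (txid, port) the resolver is waiting for
    mismatches = Counter()
    for kind, qname, txid, port in events:
        if kind == "Q":
            outstanding[qname] = (txid, port)
        elif kind == "R":
            expected = outstanding.get(qname)
            if expected is None:
                mismatches[qname] += 1   # unsolicited: nothing outstanding
            elif (txid, port) == expected:
                del outstanding[qname]   # accepted; later copies count as unsolicited
            else:
                mismatches[qname] += 1   # wrong ID or port: dropped, but counted
    return {q: n for q, n in mismatches.items() if n >= threshold}

if __name__ == "__main__":
    for qname, count in find_guessing(sample_events()).items():
        print(f"possible cache poisoning attempt: {qname} ({count} mismatched responses)")
```
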

Page 12

Three-Tiered Integrated Architecture

Diagram labels:
• Subscriber Services Analytics
• Interoperability (SDK & APIs)
• Network Services and Security
• Unified User Interface & Management
• Subscriber Messaging; SIEM; Configuration Management; Custom
• NOMINUM APPS; 3rd PARTY CERTIFIED APPS; ISP-DEVELOPED APPS
• Custom; Content Blocking; Outbound Anti-Spam; Subscriber Analytics; Anti-Virus Upsell; Parental Control; Botnet Control; Navigation Assistance; Network Monitoring; More…

Page 13

Network and User Security Solution

• Security is a mobile issue
  – Mobile networks are the new playground for hackers and thieves
  – End user threats are not just a PC problem
    • “Mobile threats are evolving quickly—sophistication that took decades to reach on the PC is taking just a few years on mobile”
      - Lookout Mobile
  – New access to content in new ways has made users careless
• Addressing the security problem on multiple levels
  – Protect DNS network assets
    • Server security ensures network access is available
  – Caching data is highly valuable
    • End users must be confident they’re going where they want to
  – The network must be clean
    • Think about spectrum efficiency
  – End users should have options
    • Network-based solutions remove complexity and confusion

“We believe that the observed attack traffic originating from known mobile networks is likely being generated by infected PC-type clients connecting to wireless networks through mobile broadband technologies, and not by infected smartphones or similar mobile connected devices.”

- Akamai - The State of the Internet (2nd Quarter, 2011 Report)

Page 14

Protecting the Network

Diagram labels:
• Service Provider Network
• MDR
• Vantio DNS System
• Nominum Bot Domain Feed
• Visibility and Reporting
• botC&C.com: NXDomain
• goodsite1.com: Response
• goodsite2.com: Response
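
The filtering shown in the diagram, sketched as an added example (not Nominum's implementation and not from the original slides): a resolver-side policy that answers NXDOMAIN for names on a bot domain feed and tallies blocked lookups per subscriber for reporting. The feed contents, subscriber IDs and function names are hypothetical; botC&C.com is the slide's placeholder, not a valid hostname.

```python
from collections import Counter

# Constructed feed and queries; the names follow the slide's placeholders.
BOT_DOMAIN_FEED = {"botc&c.com"}

SAMPLE_QUERIES = [
    ("sub-1001", "goodsite1.com"),
    ("sub-1002", "update.botC&C.com."),   # subdomain, trailing dot, mixed case
    ("sub-1001", "goodsite2.com"),
    ("sub-1002", "BOTC&C.COM"),
    ("sub-1003", "notbotc&c.com"),        # shares a string suffix, different domain
]

def normalize(qname):
    """Lower-case the name and drop the trailing root dot before comparing."""
    return qname.rstrip(".").lower()

def is_listed(qname, feed):
    """True if qname or any parent domain is in the feed.
    Matching is done on whole labels, so 'notbotc&c.com' does not match."""
    labels = normalize(qname).split(".")
    return any(".".join(labels[i:]) in feed for i in range(len(labels)))

def resolve_policy(queries, feed):
    """queries: iterable of (subscriber_id, qname).
    Returns (decisions, report): the action taken for each query and the
    number of blocked lookups per subscriber (the visibility side)."""
    decisions, report = [], Counter()
    for subscriber, qname in queries:
        if is_listed(qname, feed):
            decisions.append((subscriber, qname, "NXDOMAIN"))
            report[subscriber] += 1
        else:
            decisions.append((subscriber, qname, "RESOLVE"))
    return decisions, dict(report)

if __name__ == "__main__":
    decisions, report = resolve_policy(SAMPLE_QUERIES, BOT_DOMAIN_FEED)
    for subscriber, qname, action in decisions:
        print(f"{subscriber:9} {qname:22} {action}")
    print("blocked lookups per subscriber:", report)
```
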

Page 15

Protecting the End User

• A brief introduction
  – Opt-in service for managing mobile data access
  – Broad application categories supporting multiple services
    • Online Security
    • Parental Control
    • Scheduling
  – Network-based DNS service
    • No need to download anything to the end-user mobile device

Page 16

Nominum Mobile Suite

• Anywhere/Anytime information access
  – Efficiency: Highest network performance at the lowest TCO
  – Differentiation: Pre-built apps to provide new services/revenues
  – Agility: Adapt to market changes and innovate quickly
• Real business issues are addressed by a DNS platform
  – Core network functionality is only the beginning
  – Enhanced applications are built right on top of this existing asset
• Consider the DNS as a critical network element
  – DNS must be carrier grade more so now than ever before
  – DNS is a critical network element & is more so every day

Wireless Environments Have Unique Needs

Nominum Knows Mobile

Page 17

Doug Miller

www.nominum.com

Twitter: @Nominum

Facebook: http://www.facebook.com/nominum

YouTube: http://www.youtube.com/nominumwebinar

LinkedIn: http://www.linkedin.com/company/nominum