SecureRAN
B2B Network Protection Suite
Enabling telecom operators to detect, analyze, and respond to threats within O-RAN environments.
OVERVIEW
An Opportunity to Help
SecureRAN was developed as a unified solution for real-time threat detection - and my focus is simplifying the interface to present complex network data with clarity, streamline investigative workflows, and give operators precise control.
TEAM
2 Product managers
8 Engineers
PROBLEM
New Technologies = New Challenges
The evolving nature of complex modern O-RAN environments presented a unique set of security hurdles:
Overwhelming Choice - As security features expand, the market offers more detection possibilities. Users might struggle to navigate and choose which priority vulnerabilities to act upon. A clear information architecture and intuitive categorization are crucial.
Unclear Value Proposition - Security teams face significant challenges in monitoring network traffic, detecting threats, and responding to incidents due to fragmented tools, limited visibility, and a lack of unified management.
Balancing Innovation with Familiarity - SecureRAN needs to push the boundaries of security while maintaining a sense of familiarity for users. The interface should be innovative but not jarring, ensuring a smooth transition between traditional security management and constant-updating features.
USER-CENTRIC OBJECTIVES
Speaking Security and Encouraging Trust
Granular Insights: Users can receive clear real-time visibility and drill down into specific vulnerabilities, gaining insights into their origins and implications.
Proactive Security Posture: By correlating data, users can anticipate potential threats and take preventive measures.
Time Efficiency: A unified interface reduces the time spent switching between different functions, enabling users to respond more quickly to threats.
GOAL
Transforming complex security data into user-centric platform with actionable insights & simplified workflows that allows operators to secure breaches effectively.
Design Process & Approach
01
Discovery
Interviewed telecom NOC teams and security experts to map O-RAN-specific workflows and pain points - such as difficulty correlating traffic anomalies with physical or virtual network elements.
02
Information Architecture
Designed a modular IA, positioning SecureRAN as a distinct, accessible module within the console, while ensuring smooth transitions between O-RAN, core network, and application security views.
03
Wireframing & Prototyping
Created workflows for traffic monitoring, anomaly detection, and incident response tailored to O-RAN environments. Prototypes were validated in usability sessions with both security and network operations users.
04
Design System
Built a component library optimized for large data set network visualizations (topologies, traffic flows) and real-time alerting. Which is also reusable for the entire management console.
05
Collaboration
Worked closely with full stack engineers and product managers to align on technical data sources, visualization needs, and integration points with other console modules.
SOLUTION OVERVIEW
Key Features & Highlights
Threat Detection Dashboard
Provides real-time network traffic data graphs and anomaly alerts.
Displays prioritized events with contextual
drill-downs - enabling rapid investigation from alert to raw packet trace.
❇️ Result: Operators are able to pinpoint granulated suspicious activity at first glance. Guiding them to act quickly towards targeted vulnerabilities.
Remote Deployment & Removal of Controlled Clusters
Enables Secure deployment/removal of clusters remotely, streamlining complex onboarding & decommissioning processes.
The UI guides users through each step, abstracting technical details & reducing manual effort.
❇️ Result: Operators reduced onboarding time by 60% & eliminated most manual errors. Operational efficiency was also improved & allowed telecom teams to scale & adapt their O-RAN networks with greater agility.
Pattern Database Updates
Allows operators to keep threat detection patterns up to date through flexible update options.
❇️ Result: Ensures continuous protection against emerging threats while giving operators full control and transparency over the update process.
Role-Based Access Controls
Admin, Operator, and Auditor roles with clear, granular permissions. Intuitive interface streamlines user and role management.
❇️ Result: Improves security by ensuring only authorized personnel could access sensitive functions, reduces the risk of misconfiguration and data breaches, & helped operators meet regulatory requirements with simplified permission management.
Actionable notifications
Users receive real-time alerts about critical security events & system anomalies, with clear calls to action to take immediate measures.
❇️ Result: Actionable alerts, not noise. Operators experienced reduced alert fatigue and can prioritize where their attention is most needed.
*Concept prototype - not final design
RESULTS & IMPACTS
Measuring Success
40% reduced time to detect & respond to O-RAN threats (QA testing feedback).
Pioneered as the reference interface for O-RAN security by four major telecom operators.
Enabled seamless workflows across SecureRAN & other security modules within the console.
LOOKING AHEAD
What's Next?
Close(r) Visions
As the product is still under development, I think that there are huge potentials in how the users can receive and interact with the detected vulnerabilities.
Transforming the console into an intelligent platform that leverages AI summarization to detect historic trends and predict future events.
IDEATING CONCEPT WIREFRAMES
Anomaly Detection
Auto detection of an anomaly indicating potential unauthorized access. It correlates this with recent integrity issues in specific nodes, alerting the user to a possible security breach.
Predictive Analytics
Auto-prediction of an increased risk of vulnerabilities in specific software components due to recent updates, advising users to prioritize security patches.
Natural Language Processing (NLP)
Auto-extraction of critical information about recent vulnerabilities and behavioral anomalies, presenting a summary that highlights key threats and recommended actions.
Adaptive Learning
Learn historic pattern and trends of vulnerabilities. Providing increasingly accurate and relevant insights, and enhancing user satisfaction and security effectiveness.
Project Takeaways
(SO FAR)
Talking to People - My ideas for constructing SecureRAN's IA came from my own experiences and chats with PM and stakeholders. But to really get a good grasp of how people operate on security products, I want to do more user research and talk to actual users.
Fleshing it out - As there are no O-RAN specific security products in the market (right now), this development was like building a flying car using modern cars as reference – we had to work with some heavy research-based hypothesis and blank blueprints! More discussions between teams (R&D;PM...) on respective new findings would help us all understand the user needs better, which in turn build the product linearly in an efficient manner.
Seamless Integration - Exploring ways to weave other products along with SecureRAN directly into the unified management console, could create a more intuitive and unified user journey.
