Digital Transformation
Metaverse Broadband Infrastructure Security
The metaverse is coming—but what does that mean for network infrastructure? We explore expected changes, network challenges, and tips for enhancing network security to minimize cyber risk across the attack surface.
The term “metaverse” was originally coined by author Neal Stephenson for his 1992 cyberpunk novel Snow Crash to describe a virtual reality (VR) world. Nearly 30 years later, Facebook revitalized the term after rebranding themselves as Meta with the intent to focus research and development efforts on building the metaverse.
Since the announcement, Meta has introduced Horizon Worlds; other big-name companies are working on new metaverse-friendly apps. While Gartner predicts that by 2026, people will spend at least one hour every day in the metaverse, it is hard to say when it will truly become a part of society’s main fabric.
However, whether this happens in five or 10 years, businesses still need to prepare for the next-level connectivity and new infrastructure requirements this digital world needs. And they need to figure out how to secure it as well.
This article provides as overview on the metaverse, its data challenges, and tips for securing potential metaverse broadband infrastructure.
What is the Metaverse?
So, what exactly is it? There seems to be no single answer. According to Facebook, “the metaverse will feel like a hybrid of today’s online social experience, sometimes expanded into three dimensions, or projected into the physical world. It will let you share immersive experiences with other people even when you can’t be together – and do things together you couldn’t do in the physical world.”
In Trend Micro Research’s Metaverse or Metaworse report, it is defined as: “The metaverse is a cloud-distributed, multi-vendor, immersive-interactive operating environment that users can access through different categorizes of connected devices (both static and mobile). It uses Web 2.0 and Web 3.0 technologies to provide an interactive layer on top of the existing internet. As proposed, it is an open platform for working and playing inside a VR/AR/MR/XR environment… The metaverse will allow players to seamlessly move between virtual spaces together with their virtual assets. The metaverse is not merely a platform for human users; it will also be a communications layer for smart city devices through which humans and AI can share information.”
Metaverse: new tech, old issues
Yes, metaverse tech is new, but expanding networking infrastructure is a not. As connectivity increases and more data is fired through space and time, the network will evolve in-line.
Take the UK Land Registry for example. Its commitment to making the registry “the world’s leading land registry for speed, simplicity, and open approach to data” has led to several network infrastructural changes.
In the spring of 2021, Her Majesty’s Land Registry announced plans to launch a live test of Digital Street, which is purpose-built to allow property ownership changes to close instantaneously. It will also allow the registry to hold more granular data than is presently possible. As a result, the registry plans to use blockchain technology to support its goals.
The metaverse is similar. Instead of needing enough bandwidth to send low-impact SMS messages, metaverse broadband infrastructure will need to support hybrid local and remote real-time rendering, video compression, edge computing, cross-layer visibility, etc. An outstanding amount of network data will need be managed all with imperceptible delays.
Metaverse network challenges
The “Metadata Catastrophe” will become vastly more prevalent as the number of packets and the frequency of service invocation spikes with metaverse use. Existing infrastructure assumes a certain lifespan, and architects' assumptions about use counts and index ranges during that lifespan. The accelerated pace of service invocation generated by 5G will further drive workloads past these architectural limits. Other key challenges include:
- Scalability and capacity: One of the most important requirements of the metaverse is you need to be able to scale up technology quickly without interruption to provide a seamless user experience.
- Minimizing latency: In VR the “jitter” needs to be imperceptible, meaning as close to the speed of light in a vacuum as possible. The rollout of 5G promises low latency with a goal of 0.2 milliseconds according to the 3rd Generation Partnership Project.
- Proximity to users: To increase response times and transfer rates, the client data needs to be processed at the periphery of the network, as close to the user as possible. Many experts predict that edge computing will address this issue, however, it requires higher levels of both processing power and storage.
- Storage capabilities: There’s three areas for storage requirements that need to be considered: the actual virtual world, the object rendered in the metaverse, and the data generated within the metaverse. All of which will need to be stored separately and privately.
- Security: More users and endpoints mean the attack surface will continue to rapidly expand, increasing the points of entry for cybercriminals to gain access and exfiltrate or corrupt data. Plus, with a significant amount of data being transferred at (almost) the speed of light, traditional security methods like point products and reactive processes can’t keep up in the metaverse.
- Exceeding Limits: All programs have limits. Every variable the program uses resides in memory and has a fixed size. That size represents the largest value the variable can take. Usually, these limits are far beyond what normal use cases would ever reach. But occasionally programs run into those limits and the program stops working. The most familiar limit was the Y2K bug, which we caused by encoding years as two digits. When those programs were written in the 1970s and 1980s, no programmer thought they would ever run for twenty or thirty years. But they did, and when the year approached 2000 the programs had to change, or they would stop working. Since then, we’ve run into more limits like the ten-digit counters in older GPS satellites rolled over causing disruptions to some air travel and knocking the New York City free WiFi offline for a week.
Improving network infrastructure security
While there is plenty debate around whether edge computing and/or 5G will be enough to support metaverse network demands, there will still be some type of network infrastructure that needs to be secured – just like today. Consider these best practices from CISA for improving network infrastructure security:
- Segment and segregate networks and functions
- Limit unnecessary lateral communications
- Harden network devices
- Secure access to infrastructure devices
- Perform out-of-band (OoB) network management
- Validate integrity of hardware and software
A secure access service edge (SASE) architecture can help address some of the above. SASE includes capabilities from two discrete areas – network and security – covering the underlying network infrastructure and the application of network security as a layer across this infrastructure.
SASE core elements include zero trust network access (ZTNA), secure web gateway (SWG), and cloud access security broker (CASB) capabilities that work in tandem to produce more granular, streamlined protection. Keep in mind, convergence is key when it comes to implementing SASE. While you may want to diversify your security stack and avoid vendor lock-in, look for security offerings that are not only internally integrated but also play nice with third-party solutions, ensuring you’ll have the most comprehensive visibility across network.
Lastly, with any big digital transformation comes internal hesitation. It can be challenging to let go of old methods and learn new tricks. Establishing a security-minded culture from the top-down is prudent. Furthermore, break down barriers between teams and encourage collaboration. Developers need to be heavily involved as they have more influence to segmenting the network infrastructure. Ultimately, the security tools are important, but keeping staff trained and morale up is vital to success when adopting new technology.
Next steps
For more information on the metaverse and SASE, check out the following resources: