Securing the 5G Edge: Why Telcos Need Kubernetes-Native Protection

Service providers are actively transforming their networks and computing infrastructure to dramatically change the user experience and support new services in an app-driven world. The vision for the next generation of telecom infrastructure is that 5G and Edge computing will enable a new class of novel applications and use cases. Edge computing, in particular, is vital for service providers, distributing data processing and services closer to end users to reduce latency and bandwidth usage, enabling ultra-low latency use cases and supporting decentralized 5G architectures.

Deploying and managing cloud-native infrastructure and applications at the edge presents unique challenges for service providers. Edge sites often have resource constraints and limited technical staff. Furthermore, the highly distributed nature of edge infrastructure significantly increases the risk of cyberattacks, and managing thousands of dispersed environments adds considerable complexity. As Kubernetes adoption expands, particularly at the edge, the security surface area grows. Traditional security tools often struggle to keep up with the dynamic, containerized environments required for 5G and edge applications, leading to security gaps. App-layer threats, API abuse, and compliance risks are increasing, and legacy tools are insufficient to address the full stack.

To address these demands, service providers need a scalable, secure platform purpose-built for the edge one that integrates Kubernetes-native security throughout the stack.

This blog explores how the SUSE Telco Cloud and Radware KWAAP integration enables service providers to securely scale 5G and edge-native applications, delivering full-stack protection from ingress to runtime to API in highly distributed environments. Radware KWAAP is officially SUSE-certified for integration with SUSE Rancher Prime ensuring trusted, production-grade security for Kubernetes-native edge deployments.

Overview of SUSE Telco Cloud and Radware KWAAP

SUSE Telco Cloud is a telco-optimized, edge computing platform built from the ground up to support the performance, scalability, and reliability demands of modern telecommunications. It delivers a modular, cloud-native infrastructure combining SUSE Linux, K3s (lightweight Kubernetes), SUSE Rancher Prime, storage, and security into a flexible, customizable stack. Designed for deployment across bare metal and cloud edge environments, SUSE Telco Cloud supports resource-constrained nodes with K3s, and simplifies orchestration and governance at scale with SUSE Rancher Prime. It ensures consistent management, deployment, and policy enforcement across highly distributed edge locations enabling operators to manage hybrid and multi-cloud environments efficiently. 

While SUSE provides the essential foundation for managing scalable edge infrastructure, securing applications in this dynamic environment requires Kubernetes-native protection—this is where Radware excels. A global leader in application and network security, Radware delivers agentless DDoS protection, advanced WAF, bot management, and low-latency load balancing embedded directly into Kubernetes clusters. Radware KWAAP (Kubernetes Web Application and API Protection) ensures autonomous, zero-touch security with ingress control, API-level protection, bot defense, and intelligent DDoS mitigation—delivering high-performance, edge-optimized security for modern cloud-native workloads.

Joint Solution for Secure, Scalable 5G and Edge Deployments

SUSE Telco Cloud and Radware KWAAP form a joint, Kubernetes-native solution purpose-built to protect applications, APIs, and workloads from within the cluster across any environment. This makes it ideal for telcos and CSPs deploying 5G and edge-native services. The solution delivers a production-grade, secure, and resilient platform for running modern service provider applications at scale. It supports the deployment and centralized management of secure Kubernetes clusters across thousands of edge locations, providing full-stack security and operational consistency across edge, cloud, and on-premises infrastructures.

Deployment Scenario

A large telecom provider is deploying a 5G-powered smart city platform to enable connected traffic systems, surveillance, public Wi-Fi, and IoT-based utilities. These latency-sensitive workloads must run at thousands of distributed edge sites near users and devices to ensure ultra-low latency and high availability. The deployment faces key challenges including infrastructure complexity in managing Kubernetes clusters at scale, significant security risks such as DDoS attacks, bots, and zero-day exploits targeting containerized workloads and APIs, and high operational overhead due to limited or no IT presence at remote edge locations.

SUSE Telco Cloud provides the lightweight, scalable Kubernetes platform and centralized management needed to run edge-native applications efficiently. Radware KWAAP adds zero-touch, embedded security with WAF, API protection, bot mitigation, and adaptive DDoS defense—ensuring secure, resilient services across the edge, cloud, and data center.

Integration Benefits:

• Efficient Edge Cluster Deployment
  Deploy Kubernetes clusters at scale with a minimal resource footprint, ideal for constrained edge environments.
• Workload-Level Security Without Complexity
  Radware KWAAP deploys as a Kubernetes-native sidecar or inline, enabling seamless  protection at the workload level without requiring complex configurations.
• Application Resilience Under Adversity
  Maintain performance and availability even during network volatility or cyberattacks. Radware’s advanced DDoS mitigation intelligently identifies and neutralizes malicious traffic in real-time.
• End-to-End Kubernetes Security
  Address the full Kubernetes security spectrum—from ingress to runtime to API—with a layered security model. Radware KWAAP secures ingress and API traffic, while SUSE Rancher Prime provides embedded runtime container security and compliance enforcement.
• Streamlined Operations with Certified Integration
  Accelerate secure production deployments using pre-integrated, SUSE-certified components that reduce operational overhead and risk.
• DevSecOps-Ready Automation
  Empower platform teams with policy automation via Rancher Fleet, and integrate seamlessly into existing CI/CD pipelines for secure, scalable edge deployments.

The solution is modular, open, and DevSecOps-aligned, supporting flexible customer architectures and avoiding vendor lock-in. By combining SUSE’s robust Kubernetes management and edge platform capabilities with Radware’s advanced, Kubernetes-native application and API security, service providers can confidently deploy and operate secure, scalable, and performant edge computing environments essential for realizing the full potential of 5G and enabling a new class of innovative digital services.

To learn more, read our white paper, “Top 5 Considerations for Deploying a Telco Cloud-Native Data Center Optimized for Performance and Security,” or email us at isv-cosell@suse.com.