The Mobile Network is under attack from multiple directions
Mobile carriers are witnessing attacks not only from the internet targeting their Gi-LAN but also from the RAN and the roaming networks targeting the packet core. The mobile carriers have the challenge of defending against these attacks while maintaining an always-on network and the best possible subscriber experience.
With the mobile infrastructure moving to full IP-based technologies it is more vulnerable to attacks and intrusions coming in from the internet. The rapid increase in mobile traffic has compounded this challenge where these attacks have to be defended against in hyperscale in terms of both throughput and concurrent sessions. Additionally, the increasing use of mobile network for mission-critical applications makes it imperative to ensure high availability and high performance.
Mobile Signaling Threats
With growth in roaming traffic as well as increase in number of roaming partners the risk and business impact from mobile signaling attacks is more pronounced than ever before. Moreover, the signaling protocols such as GTP and SCTP are inherently insecure as they were not designed with security in mind.
Targeted Infrastructure Attacks
Multi-vector DDoS attacks against resources, such as NAT IP pools, can negatively impact service availability and customer experience. The massive adoption of IoT device with little to no security makes them vulnerable for use in large-scale botnet attacks.
Evolution of Security in 5G Networks
As communications service providers (CSPs) upgrade their networks to support 5G and IoT applications, new security considerations will come into play. Beyond just scaling up traditional protection against DDoS and improving SGi/GiLAN firewalls, CSPs need to take a more comprehensive view of mobile security.
This joint analyst webinar between SDxCentral and A10 Networks highlights new security and architectural considerations that CSPs must understand to protect their 5G networks.Register Now
How We Can Help
Our comprehensive security solution for the mobile carrier networks ensures protection of your mobile core and Gi-LAN infrastructure from attacks coming in from RAN, roaming networks and internet.
- Deploy a carrier-class Gi/SGi firewall that protects the Gi-LAN
- Reduce network functions sprawl through consolidation of Gi/SGi firewall, CGNAT and application visibility and control
- Advanced logging features to help meet stringent compliance requirements
Mobile Signaling Protection
- Deploy GTP firewall with granular SCTP filtering to protect the packet core from attacks coming in on roaming interfaces
- Securely connect eNodeB/gNodeB and MME through IPsec VPN tunnels
Integrated DDoS Protection
- Defend NAT IP address pools from targeted DDoS attacks for maximum service uptime
- Defend critical mobile infrastructure such as MME against DDoS attacks coming in on GTP protocol
Flexible Deployment Options
- Comprehensive deployment options including physical, bare-metal, as well as virtual form factors
- Interoperability with leading NFV MANO platforms and NFVI solutions such as OpenStack
Mobile network infrastructures are moving physical machines to virtualization platforms, vastly increasing operational agility and flexibility. 5G has requirements in performance and carrier grade reliabilities. This document has two goals. The first sections provide a conceptual overview of network function virtualization. The remaining sections provide a high-level view of the technology components of a server platform, focusing on performance acceleration and optimization technologies.Download White Paper