Upload File

securing the shared network

6
© 2014 Stoke Securing the Shared Network | Proprietary and Confidential Stoke Inc

Upload: mary-mcevoy-carroll

Post on 28-Nov-2014

141 views

Category:

Technology


0 download

Report

DESCRIPTION

As LTE adoption grows, network sharing strategies enable faster, broader and more effective participation by mobile broadband operators in new and existing markets. Shared networks, however, are at greater risk of breach or service disruption and must be protected at all points of vulnerability.

TRANSCRIPT

Page 1: Securing the shared network

© 2014 Stoke

Securing the Shared Network

| Proprietary and Confidential

Stoke Inc

Page 2: Securing the shared network

© 2014 Stoke 2

The LTE Security Framework

S9

S1-C

Internet

S1-U S5/S8

S6A

Gx

Gz/Gy

Other LTE Network

S11

RAN-Core Border

SEG

The border between RAN and Core (S1) requires protection against specific risks to critical infrastructure at that interface

Control Plane Functions- IKE- AAA- Routing

DRA

SBCIMS Core

SGW

MME

CSCF

Internet Border

Policy / Charging Control

SGi

Data Plane Functions- Forwarding- QoS- ACL- Packet Inspection

Device and Application

Page 3: Securing the shared network

© 2014 Stoke

LTE Network Sharing Drivers

3

» Accelerates market entry, addresses growing consumer demand, stimulates competition

» Enables cost reduction and economies of scale, enabling service innovation, market price reduction, broader network coverage

| Proprietary and Confidential

Mobile operators in Australia, Sweden, Zimbabwe, Cameroon, Nigeria, Ghaa and Kenya have implemented LTE network sharing agreements

Page 4: Securing the shared network

© 2014 Stoke

Greater Need for Security Gateway

4

» Operator LTE networks are vulnerable to security breaches because of flat IP architecture.» Untrusted and shared backhaul, if unsecured, exposes the EPC to

DoS attacks, eavesdropping, and data tampering.» Without IPsec security implementation, customers are exposed to

spam and data or identity theft.» More vulnerable small cells, increase opportunity for malicious access.

» In shared networks, any breach or disruption will impact multiple service providers, therefore impact / risk is greater» Any individual MVNO has less control over the other devices, users,

backhaul that can impact overall network.» Some regulators require IPsec in shared networks» For both competitive protection and subscriber security, MVNOs will

require their network provider to encrypt.

| Proprietary and Confidential

Page 5: Securing the shared network

© 2014 Stoke 5

S9

S1-C

InternetS1-U

S5/S8

S6A

SGi

GxGz/Gy

Other LTE Network

S11

SPRAN-Core

Border

CSCF

MNOEPC

MME

SGW

MVNO 2EPC

S5/S8SGW

SGi

MVNO 1EPC

S5/S8SGW

CSCF

CSCF

SGi

S1-US1-U

MVNO 3EPC

S5/S8SGW

MBA

SGi

SGi

IPsec Gateway Secures the Shared Network

Page 6: Securing the shared network

© 2014 Stoke

www.stoke.com

6| Proprietary and Confidential


Securing Network Access with Open Source solutions

Securing Your Network with ArcOS®

SECURING NETWORK COMMUNICATION

Securing a Wireless Network

Securing the Network Infrastructure

Securing Network Automation (Troopers 2017) · Securing Network Automation Ivan Pepelnjak ([email protected]) Network Architect ipSpace.net AG

Securing Your Small Business Network

Securing Wireless Network Topology and Routing - · PDF fileSECURING WIRELESS NETWORK TOPOLOGY AND ROUTING ... SECURING WIRELESS NETWORK TOPOLOGY AND ROUTING ... 4.2.3 Underwater

Securing the Intelligent Network...WHITE PAPER Securing the Intelligent Network Securing the Intelligent Network Figure 1. Security in the network WAN Content Security WAN Optimization

SECURING THE WIRELESS NETWORK - Bitdefenderdownload.bitdefender.com/.../Main/file/Safe_Wireless_Networking.pdf · SECURING THE WIRELESS NETWORK GUIDE 2 Table of Contents Table of

Chapter 5: Securing the Network Infrastructure

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES Establish secure topologies. Secure

Fine-Grain Access Control for Securing Shared Resources …rblee/ELE572Papers/finegrainAccessGRID.pdf · Fine-Grain Access Control for Securing Shared Resources in Computational Grids*

Fine-Grain Access Control for Securing Shared Resources in

securing the expanded network

2009 SRS 03 Securing Network Devices

Chapter Secure Network 3 Architecture and Securing Network Components€¦ ·  · 2012-08-28Chapter 3 Secure Network Architecture and Securing Network Components THE CISSP EXAM TOPICS

Chapter 12 Securing A Network

Shared Car Network

Securing Your Network with pfSense

Securing Underwater Wireless Communication Network

Securing Your Network and Application Infrastructure...Securing your network and application infrastructure is a long-term process. When choosing the right network security appliances

Securing the UC Network

Securing Your Network and Application Infrastructure · Securing your network and application infrastructure is a long-term process. When choosing the right network security appliances

CSCU Module 07 Securing Network Connections.pdf

Network Security Fundamentals Chapter 6: Securing Network Transmission

Securing wireless network

1 Module 5 Securing Network Resources with Shared Folder Permissions

Securing Network Connected Applications with Proposed

Network Shared

Securing Shared Workstations with Novell SecureLogin

Securing Web Applications at the Network Layer

06- Securing the Local Area Network

Securing Your Network

Securing Optical Network Data - STAR TAP · Securing Optical Network Data IGrid 2005 Carter Bullard September 26-29, 2005