Security for Small Cell & Wifi Offload


Published on

Radisys’ Jeff Sharpe partners with Heavy Reading’s Patrick Donegan to discuss both the opportunities and security risks associated with small cells in this Light Reading webinar.

Published in: Technology, Health & Medicine
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Security for Small Cell & Wifi Offload

  1. 1. Security for Small Cell & Wifi Offload Jeff Sharpe, Sr. PLM, Radisys Patrick Donegan, Sr. Analyst, Heavy Reading February 15, 2012
  2. 2. Webinar Logistics Participate in the webinar: Ask questions, share feedback via the survey, and access the Information panel. Personalize your experience: Click the buttons at the bottom of your screen to open supporting content and user tools at your own convenience. Technical Issues: Ask the support team for live assistance in the ask-a-question window. Enjoy the webinar and thank you for viewing!
  3. 3. Agenda The Small Cell Era: how & why we’ve come here The Small Cell Market drivers and growth Macro Cell vs. Small Cell technology Security challenges in Small Cell Technology Security for Carrier Deployed Wi-Fi & I-WLAN Key Security requirements Conclusions and Solutions Q&A 3 Small Cell Security Webinar
  4. 4. Small Cell Sizing New Focus: Small Cells Femto Cell PublicCapacity access small Cell Micro Cell According to the Femto Forum - 2 million femtocells were in service as of June 2011 Macrocell Coverage 4 Small Cell Security Webinar
  5. 5. Today’s Market Needs Increased Diversity of Supply Applications Enhanced competition Value proposition beyond coverage Converged Devices Beyond 3G Residential The “Small Cell Option” 3G, LTE - Enterprise, Small Cells 5 Small Cell Security Webinar
  6. 6. Small Cell Era Residential Small Cell ( 2006+ ) Adaptive to Customizations; Point Solutions Not Enough Age of Small Cells ( 2010+ ) Extension of Small Cell • Enterprise • Public Access Radio Interface Progress • 2G / 2.G, 3G HSPA+, LTE • Multi-Mode 6 Small Cell Security Webinar
  7. 7. Fragmented SpectrumChallenge & Opportunity  The Spectrum Challenge 2.6 GHz • 700MHz • 2.6GHz 2.6 GHz • Digital Dividend • 900 / 1800MHz re-farming 2.6 GHz  Frequency Impacts Network Costs • Increases with frequency Cell radius ~30 – 300m  TD-LTE = Opportunity 700 MHz • FDD for Macro • TDD for Small Cell  Multi-Band Deployment • 700MHz for Macro • 2.6GHz for Small Cell Cell radius ~1 – 3km 7 Small Cell Security Webinar
  8. 8. Beachhead Opportunity for LTE SmallCells LTE Act Now! 3G Wait… Long Term LTE = Small Cell’s Biggest Opportunity 8 Small Cell Security Webinar
  9. 9. Mobile Network Evolution createsSecurity Risks 1990’s – 2000’s • TRUSTED 2G / 3G • CS and PS networks are owned / operated by provider – no security concerns Mobile Operators own the Infrastructure • Key operators do not share RAN or Backhaul • INCREASING RISK Current • Wi-Fi Offload to reduce RAN build out 4G Evolution • Replacement of TDM and ATM with IP / Moving toward an all-IP Ethernet throughout the network Network • Heightened risk of flatter LTE and EPC architecture 2012 - Onward • UNTRUSTED • Capital spending in rural areas (secure risk) Capacity Build • Increased sharing of eNodeB facilities Increased Network • Increased usage of Small Cell sites Sharing • Increased usage of X2-u communications 9 Small Cell Security Webinar
  10. 10. 3GPP Interfaces for Small Cell Small Cell 3G Small Cell AAA SGSN Femto Gateway Iu-PS MSC Untrusted IP Iu-CS Iuh Network S1c S1u MME RNC 4G S-GWY (e)NB 4G Macro Cell 10 Small Cell Security Webinar
  11. 11. Security Concerns in Small Cell Market Repudiation / Revenue / Regulatory • Incorrect Billing & Lawful Intercept information Further Attacks to the Network • More attacks against operator infrastructure & subscribers Further Breaches • Packet services prone to attacks and fraud Reputation • Successful attacks impact operators’ & users’ reputations Privacy • Subscriber communications exposed 11 Small Cell Security Webinar
  12. 12. Security Challenges with Small Cells  Small Cell volume will increase due to IP connectivity needs  Macro Cells have very strong physical security, Small Cells can be easily compromised  Small Cells in many instances will utilize existing Broadband networks for Core access (Untrusted).  No native or embedded encryption in LTE between eNB and Core  3G Public Access Small Cells can bypass the RNC which the operator will need to encrypt Security group claims Vodafone Small Cell hack enables call interception ZDNet July 14, 2011 12 Small Cell Security Webinar
  13. 13. Small Cell Security for Small Cells3GPP 33.320 B Small Cell AAA SGSN 3G Small Cell GatewayA Secure with IPSec Tunnel MSC C Untrusted IP Network E D MME AAA 4G F 4G S-GWYVarious threats occur at various points on the Small Cell interconnect:A: Mobile Device Compromise of Small Cell credentials from the UEB: Physical attacks on the Small Cell for data access, cloning and false configurationsC: Configuration attacks on a Small Cell (outdated SW versions loaded, Access control alterations)D: Protocol Attacks on a Small Cell (Man-in-the-middle, DOS)E: Attacks on the Core network via faked Small CellF User data and identity privacy attacks 13 Small Cell Security Webinar
  14. 14. IWLAN 3GPP 33.234Mobile Offload Tunnel Terminating Gateway (TTG) SGSN GGSN 3G Iu-PS Gn (Trusted) HSS/ Wifi HLR Data Offload AAA Gn’A AAA Password Login Wm Internet Air Interface • None UE • WEP B D • WPA • WPA2 WiFi Internet AP (Untrusted) Wu C PDG/TTG Secure with IKE/IPSec (Wu)Various threats occur at various points in the Hotspot (WLAN) Provider or Partition:A: Mobile Device:, e.g., spoof IP addresses of other devices, DoS, floods, …B: Air Interface: WEP cracking, TKIP hijacks/cracks, session hijacksC: AP: Physical & Logical Threats: Physically replace APs, replace AP s/w with rouge s/wD: Transport: Impersonate Ap’s, snoop subscriber packets & network control packets, alter control & subscriber communications 14 Small Cell Security Webinar
  15. 15. Radisys Security Macro Backhaul Security Small Cells Backhaul Security 3GPP 33.210/310 3GPP 33.320 MME Small Cell MME Security Security S11 Untrusted IP Network S-GWY X2 S1u S-GWY Metro eNodeB Complete Mobile Network Security Secure WiFi Offloading SEG + TTG/ePDG + Small 3GPP 33.234 Cell I-WLAN TTG AAA Wm LTE NDS PGW Security Small Cell Security Untrusted IP Gn’ Integrated Firewall Network Wu ePDGWiFiAP ePDG 3G Security 15 Small Cell Security Webinar
  16. 16. Summary Next Generation RAN = HetNet • Multi-mode providing flexibility • Small Cells for capacity & coverage Challenges & Opportunities Embedded • HetNets beget complexity Wireless • Delivering value beyond the 3Cs Infrastructure Solutions Up Next: LTE-Advanced • CA & Relay leveraging Small Cells Continued • Standards delivering needed features Momentum 16 Small Cell Security Webinar
  17. 17. Radisys at a glanceEmbedded, Wireless, Infrastructure, Solutions Platforms Servers & Modules Systems Software & Services Security Gateway Media Server Load Balancer 17 Small Cell Security Webinar
  18. 18. Summary  Mobile networks can be more susceptible to intruders & attacks – Especially in the Small Cell market  Carriers are increasing their usage of Small Cell and Wifi Offload for consumer data services  Small Cells have unique security requirements addressed by 3GPP via the Security Gateway  Applications such as LTE-A, LTE-VoIP will require more access to carrier’s network via Small Cell and Wifi offload  SEG can serve as a common platform for 3G and LTE femto, WiFi, 3G small cells; LTE macro, micro and small cells  More carrier-grade security products will be required with the highest performance available 18 Small Cell Security Webinar
  19. 19. Question and Answers 19 Small Cell Security Webinar
  20. 20. Thank you for attending! Upcoming Light Reading Webinars 20 Small Cell Security Webinar
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.