The LTE S1 link (between the RAN and EPC) is a new domain, different from all other network interfaces where add-on security is applied. Network elements developed for the SGi (Core to Internet) or S8 (Operator-to-Operator) interfaces have unique capabilities within that environment, but do not possess the processing capacity, low latency, flexibility, and interoperability needed at the specific location of the S1 link. The S1 interface carries all data plane traffic and critical control plane traffic, and the Security GW is the only network element with aggregate visibility into both. Control of this interface can protect EPC elements from signaling overload resulting from extraordinary operating conditions or from malicious attack.
In this white paper, Stoke offers guidelines on the criteria for selecting an LTE security solution, and provides detailed deployment and testing criteria to help operators avoid such issues. This paper provides insight into why and how operators successfully secure their LTE networks from initial LTE launch, including best practice guidelines for designing, testing, and deploying the LTE security gateway (SEG). Part I describes LTE network vulnerabilities and threats and the rationale for securing the S1 interface from launch. Part II provides design, test, and deployment recommendations, based upon Stoke’s combined experience with multiple security gateway deployments.