SlideShare a Scribd company logo

Securing the LTE Core: the Road to NFV

Download as PPTX, PDF
Mary McEvoy Carroll
Mary McEvoy Carroll

Any LTE security framework must address five key points of vulnerability. This presentation examines the specific risks to critical EPC infrastructure at the S1 link (the border between RAN and core, reviews emerging trends and threat vectors at that interface, details some pertinent use cases, and outlines the steps to virtualization.

Technology
1 of 8
© 2014 Stoke Securing the LTE Core – the Road to NFV | Proprietary and Confidential Dilip Pillaipakam Vice President, Product Management and Marketing
© 2014 Stoke The LTE Security Framework 2 S9 S1-C Internet S1-U S5/S8 S6A Gx Gz/Gy Other LTE Network S11 RAN-Core Border SEG The border between RAN and Core (S1) requires protection against specific risks to critical infrastructure at that interface Control Plane Functions - IKE - AAA - Routing DRA SBC IMS Core SGW MME CSCF Internet Border Policy / Charging Control SGi Data Plane Functions - Forwarding - QoS - ACL - Packet Inspection Device and Application
© 2014 Stoke LTE Security at the S1 Link – Emerging Trends 3 Challenge Requirements Stronger Security • 2048 bit key length • PKI Signaling Protection - New Threat Vectors • Protect core - exponential transaction increase • S1 protocol/state validation VoLTE Rollout • Low latency transport • Sub-1 second recovery Elastic Deployment • Virtualized security gateway on COTS • SDN integration Scalable Small Cell Deployments • Dense session aggregation • Intelligent load balancing
© 2014 Stoke Use Case: Macro and Small Cell Security 4 » Unsecured backhaul » Rapidly increasing throughput » High tunnel density » Ultra-low latency » Directly impacts subscriber QoE 44 MME SGW Office Home Outdoor Metrocell Small Cells 4G LTE EPC MME SGW EPC E2E Latency Budget = 100 ms VoLTE: Low Latency Small Packets
© 2014 Stoke Office Home Outdoor Metrocell Small Cells Use Case: Signaling Overload » Signaling Overload Threats » Application initiated » Compromised eNodeBs » Natural disasters » Prioritized Traffic » Already connected subscribers » Specific eNodeBs SGW 4G LTE EPCMillions of Service Requests MME Application Update Server QoE: Prioritize 5
© 2014 Stoke The LTE Security Framework vSEG Phase 1 6 S9 Internet S5/S8 S6A Gx Gz/Gy Other LTE Network S11 RAN-Core Border Control Plane Functions - IKE - AAA - Routing DRA SBC IMS Core SGW MME CSCF Internet Border Policy / Charging Control SGi Data Plane Functions - Forwarding - QoS - ACL - Inspections Device and Application » vSEG on COTS hardware on Linux » Similar deployment and operational model as today » Benefits: » Removes restriction of physical chassis » scale to very large number of line cards SEG v-SEG (DP) v-SEG (CP)
© 2014 Stoke The LTE Security Framework vSEG Phase 2 7 Other LTE Network SGW MME DRA SBC CSCF Internet Border Policy / Charging Control Internet S1-C S1-U Internet V-EPC RAN-Core Border v-SEG (DP) v-SEG (CP) Security Gateway Cloud QoS InspectionACLs IKE AAA Routing SEG Controller SDN Controller » Disaggregate control plane and data plane functions to scale each function independently. » Can be integrated with Operator's SDN infrastructure » Benefits » Fully elastic on-demand deployment » Capacity can be added dynamically by adding more service nodes » Scale some functions disproportionately
© 2014 Stoke Conclusions 8 » Each domain of the LTE Security Framework provides protection against specific threats and therefore has unique functional and performance requirements » S1 Link has stringent performance and latency requirements » Purpose built platforms will remain the mainstay for next few years » Virtualization has benefits, but is not the answer for all use cases | Proprietary and Confidential

Recommended

Sec conf london_v07
Sec conf london_v07Sec conf london_v07
Sec conf london_v07
Mary McEvoy Carroll
 
New world IP traffic, new dimensions for Diameter management
New world IP traffic, new dimensions for Diameter managementNew world IP traffic, new dimensions for Diameter management
New world IP traffic, new dimensions for Diameter management
Innovation Assured
 
New world IP traffic, new dimensions for Diameter management
New world IP traffic, new dimensions for Diameter managementNew world IP traffic, new dimensions for Diameter management
New world IP traffic, new dimensions for Diameter management
Innovation Assured
 
SDN-architecture
SDN-architectureSDN-architecture
SDN-architecture
walid lakehal
 
Brkcld 2215
Brkcld 2215Brkcld 2215
Brkcld 2215
JuanCarlosMuruchi
 
The Need for an Access Grandmaster Clock
The Need for an Access Grandmaster ClockThe Need for an Access Grandmaster Clock
The Need for an Access Grandmaster Clock
ADVA
 
Webinar: The Software Matters in Open Networking
Webinar: The Software Matters in Open NetworkingWebinar: The Software Matters in Open Networking
Webinar: The Software Matters in Open Networking
Storage Switzerland
 
Service Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioService Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with Istio
Michelle Holley
 

Recommended

Sec conf london_v07
Sec conf london_v07Sec conf london_v07
Sec conf london_v07
Mary McEvoy Carroll
 
New world IP traffic, new dimensions for Diameter management
New world IP traffic, new dimensions for Diameter managementNew world IP traffic, new dimensions for Diameter management
New world IP traffic, new dimensions for Diameter management
Innovation Assured
 
New world IP traffic, new dimensions for Diameter management
New world IP traffic, new dimensions for Diameter managementNew world IP traffic, new dimensions for Diameter management
New world IP traffic, new dimensions for Diameter management
Innovation Assured
 
SDN-architecture
SDN-architectureSDN-architecture
SDN-architecture
walid lakehal
 
Brkcld 2215
Brkcld 2215Brkcld 2215
Brkcld 2215
JuanCarlosMuruchi
 
The Need for an Access Grandmaster Clock
The Need for an Access Grandmaster ClockThe Need for an Access Grandmaster Clock
The Need for an Access Grandmaster Clock
ADVA
 
Webinar: The Software Matters in Open Networking
Webinar: The Software Matters in Open NetworkingWebinar: The Software Matters in Open Networking
Webinar: The Software Matters in Open Networking
Storage Switzerland
 
Service Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioService Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with Istio
Michelle Holley
 
5 g reference network architecture techplayon
5 g reference network architecture techplayon5 g reference network architecture techplayon
5 g reference network architecture techplayon
RobertHsiung
 
Securing Micro Services in Cloud Foundry
Securing Micro Services in Cloud FoundrySecuring Micro Services in Cloud Foundry
Securing Micro Services in Cloud Foundry
PLUMgrid
 
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and BeyondOSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
Lumina Networks
 
Introducció a les xarxes 5G
Introducció a les xarxes 5GIntroducció a les xarxes 5G
Introducció a les xarxes 5G
TICAnoia
 
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
Open Mobile Alliance
 
Network Slicing overview_v6
Network Slicing overview_v6Network Slicing overview_v6
Network Slicing overview_v6Marie-Paule Odini
 
Realising the Immediate Benefits of SDN and NFV
Realising the Immediate Benefits of SDN and NFVRealising the Immediate Benefits of SDN and NFV
Realising the Immediate Benefits of SDN and NFV
Napier University
 
Introduction to Tungsten Fabric and the vRouter
Introduction to Tungsten Fabric and the vRouterIntroduction to Tungsten Fabric and the vRouter
Introduction to Tungsten Fabric and the vRouter
Liz Warner
 
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAPNovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAP
ITU
 
5G Microservices
5G Microservices5G Microservices
5G Microservices
Lumina Networks
 
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
AreaNetworking.it
 
SDN/NFV architecture vision and reality
SDN/NFV architecture vision and reality SDN/NFV architecture vision and reality
SDN/NFV architecture vision and reality
Colt Technology Services
 
Open Network Edge Services Software for 5G and Edge
Open Network Edge Services Software for 5G and EdgeOpen Network Edge Services Software for 5G and Edge
Open Network Edge Services Software for 5G and Edge
Liz Warner
 
Fostering the Evolution of Network Based Cloud Service Providers.
Fostering the Evolution of Network Based Cloud Service Providers.Fostering the Evolution of Network Based Cloud Service Providers.
Fostering the Evolution of Network Based Cloud Service Providers.
Cisco Service Provider
 
CisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area NetworksCisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area Networks
AreaNetworking.it
 
Independent Validation of Cisco’s Multi Vendor Support
Independent Validation of Cisco’s Multi Vendor SupportIndependent Validation of Cisco’s Multi Vendor Support
Independent Validation of Cisco’s Multi Vendor Support
Cisco Service Provider
 
SDN-Based Enterprise Connectivity Service
SDN-Based Enterprise Connectivity ServiceSDN-Based Enterprise Connectivity Service
SDN-Based Enterprise Connectivity Service
Open Networking Summit
 
Design of integrated mine safety monitor system based on zig bee
Design of integrated mine safety monitor system based on zig beeDesign of integrated mine safety monitor system based on zig bee
Design of integrated mine safety monitor system based on zig bee
impulsetechembedded12
 
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFVRevolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
PLUMgrid
 
Microservices K8S
Microservices K8SMicroservices K8S
Microservices K8S
Lumina Networks
 
Computer network
Computer networkComputer network
Computer network
CarolinaSepulvedabetancur16
 
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
Patrick Lopez
 

More Related Content

What's hot

5 g reference network architecture techplayon
5 g reference network architecture techplayon5 g reference network architecture techplayon
5 g reference network architecture techplayon
RobertHsiung
 
Securing Micro Services in Cloud Foundry
Securing Micro Services in Cloud FoundrySecuring Micro Services in Cloud Foundry
Securing Micro Services in Cloud Foundry
PLUMgrid
 
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and BeyondOSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
Lumina Networks
 
Introducció a les xarxes 5G
Introducció a les xarxes 5GIntroducció a les xarxes 5G
Introducció a les xarxes 5G
TICAnoia
 
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
Open Mobile Alliance
 
Realising the Immediate Benefits of SDN and NFV
Realising the Immediate Benefits of SDN and NFVRealising the Immediate Benefits of SDN and NFV
Realising the Immediate Benefits of SDN and NFV
Napier University
 
Introduction to Tungsten Fabric and the vRouter
Introduction to Tungsten Fabric and the vRouterIntroduction to Tungsten Fabric and the vRouter
Introduction to Tungsten Fabric and the vRouter
Liz Warner
 
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAPNovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAP
ITU
 
5G Microservices
5G Microservices5G Microservices
5G Microservices
Lumina Networks
 
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
AreaNetworking.it
 
SDN/NFV architecture vision and reality
SDN/NFV architecture vision and reality SDN/NFV architecture vision and reality
SDN/NFV architecture vision and reality
Colt Technology Services
 
Open Network Edge Services Software for 5G and Edge
Open Network Edge Services Software for 5G and EdgeOpen Network Edge Services Software for 5G and Edge
Open Network Edge Services Software for 5G and Edge
Liz Warner
 
Fostering the Evolution of Network Based Cloud Service Providers.
Fostering the Evolution of Network Based Cloud Service Providers.Fostering the Evolution of Network Based Cloud Service Providers.
Fostering the Evolution of Network Based Cloud Service Providers.
Cisco Service Provider
 
CisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area NetworksCisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area Networks
AreaNetworking.it
 
Independent Validation of Cisco’s Multi Vendor Support
Independent Validation of Cisco’s Multi Vendor SupportIndependent Validation of Cisco’s Multi Vendor Support
Independent Validation of Cisco’s Multi Vendor Support
Cisco Service Provider
 
SDN-Based Enterprise Connectivity Service
SDN-Based Enterprise Connectivity ServiceSDN-Based Enterprise Connectivity Service
SDN-Based Enterprise Connectivity Service
Open Networking Summit
 
Design of integrated mine safety monitor system based on zig bee
Design of integrated mine safety monitor system based on zig beeDesign of integrated mine safety monitor system based on zig bee
Design of integrated mine safety monitor system based on zig bee
impulsetechembedded12
 
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFVRevolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
PLUMgrid
 
Microservices K8S
Microservices K8SMicroservices K8S
Microservices K8S
Lumina Networks
 

What's hot (20)

5 g reference network architecture techplayon
5 g reference network architecture techplayon5 g reference network architecture techplayon
5 g reference network architecture techplayon
 
Securing Micro Services in Cloud Foundry
Securing Micro Services in Cloud FoundrySecuring Micro Services in Cloud Foundry
Securing Micro Services in Cloud Foundry
 
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and BeyondOSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
OSN Bay Area Feb 2019 Meetup: ONAP Edge, 5G and Beyond
 
Introducció a les xarxes 5G
Introducció a les xarxes 5GIntroducció a les xarxes 5G
Introducció a les xarxes 5G
 
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
Introduction to OMA LightweightM2M by OMA Device Management Chairman (IoT Wor...
 
Network Slicing overview_v6
Network Slicing overview_v6Network Slicing overview_v6
Network Slicing overview_v6
 
Realising the Immediate Benefits of SDN and NFV
Realising the Immediate Benefits of SDN and NFVRealising the Immediate Benefits of SDN and NFV
Realising the Immediate Benefits of SDN and NFV
 
Introduction to Tungsten Fabric and the vRouter
Introduction to Tungsten Fabric and the vRouterIntroduction to Tungsten Fabric and the vRouter
Introduction to Tungsten Fabric and the vRouter
 
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAPNovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAP
 
5G Microservices
5G Microservices5G Microservices
5G Microservices
 
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
CisCon 2018 - SDN, complessità e TCO: non c’è un modo più semplice?
 
SDN/NFV architecture vision and reality
SDN/NFV architecture vision and reality SDN/NFV architecture vision and reality
SDN/NFV architecture vision and reality
 
Open Network Edge Services Software for 5G and Edge
Open Network Edge Services Software for 5G and EdgeOpen Network Edge Services Software for 5G and Edge
Open Network Edge Services Software for 5G and Edge
 
Fostering the Evolution of Network Based Cloud Service Providers.
Fostering the Evolution of Network Based Cloud Service Providers.Fostering the Evolution of Network Based Cloud Service Providers.
Fostering the Evolution of Network Based Cloud Service Providers.
 
CisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area NetworksCisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area Networks
 
Independent Validation of Cisco’s Multi Vendor Support
Independent Validation of Cisco’s Multi Vendor SupportIndependent Validation of Cisco’s Multi Vendor Support
Independent Validation of Cisco’s Multi Vendor Support
 
SDN-Based Enterprise Connectivity Service
SDN-Based Enterprise Connectivity ServiceSDN-Based Enterprise Connectivity Service
SDN-Based Enterprise Connectivity Service
 
Design of integrated mine safety monitor system based on zig bee
Design of integrated mine safety monitor system based on zig beeDesign of integrated mine safety monitor system based on zig bee
Design of integrated mine safety monitor system based on zig bee
 
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFVRevolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
 
Microservices K8S
Microservices K8SMicroservices K8S
Microservices K8S
 

Viewers also liked

Computer network
Computer networkComputer network
Computer network
CarolinaSepulvedabetancur16
 
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
Patrick Lopez
 
LTE - 3GPP Standard Perspective
LTE - 3GPP Standard PerspectiveLTE - 3GPP Standard Perspective
LTE - 3GPP Standard Perspective
Muhannad Aulama
 
CDMA
CDMACDMA
CDMA
Mshari Alabdulkarim
 
Code Division Multiple Access- CDMA
Code Division Multiple Access- CDMA Code Division Multiple Access- CDMA
Code Division Multiple Access- CDMA
ViVek Patel
 
Basic of telecommunication presentation
Basic of telecommunication presentationBasic of telecommunication presentation
Basic of telecommunication presentationhannah05
 
telecommunication-ppt
telecommunication-ppttelecommunication-ppt
telecommunication-pptsecomps
 
Wireless communication
Wireless communicationWireless communication
Wireless communicationDarshan Maru
 

Viewers also liked (8)

Computer network
Computer networkComputer network
Computer network
 
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
{Ca} SDN NFV in wireless networks 2015 for LTE world Summit
 
LTE - 3GPP Standard Perspective
LTE - 3GPP Standard PerspectiveLTE - 3GPP Standard Perspective
LTE - 3GPP Standard Perspective
 
CDMA
CDMACDMA
CDMA
 
Code Division Multiple Access- CDMA
Code Division Multiple Access- CDMA Code Division Multiple Access- CDMA
Code Division Multiple Access- CDMA
 
Basic of telecommunication presentation
Basic of telecommunication presentationBasic of telecommunication presentation
Basic of telecommunication presentation
 
telecommunication-ppt
telecommunication-ppttelecommunication-ppt
telecommunication-ppt
 
Wireless communication
Wireless communicationWireless communication
Wireless communication
 

Similar to Securing the LTE Core: the Road to NFV

Securing the shared network
Securing the shared networkSecuring the shared network
Securing the shared network
Mary McEvoy Carroll
 
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureSecuring the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
MyNOG
 
[cb22] Tales of 5G hacking by Karsten Nohl
[cb22] Tales of 5G hacking by Karsten Nohl[cb22] Tales of 5G hacking by Karsten Nohl
[cb22] Tales of 5G hacking by Karsten Nohl
CODE BLUE
 
LTE: Building next-gen application services for mobile telecoms
LTE: Building next-gen application services for mobile telecomsLTE: Building next-gen application services for mobile telecoms
LTE: Building next-gen application services for mobile telecomsNuoDB
 
 Network Innovations Driving Business Transformation
 Network Innovations Driving Business Transformation Network Innovations Driving Business Transformation
 Network Innovations Driving Business Transformation
Cisco Service Provider
 
PLNOG 7: Klaudiusz Staniek - MPLS a QoS - praktycznie
PLNOG 7: Klaudiusz Staniek - MPLS a QoS - praktyczniePLNOG 7: Klaudiusz Staniek - MPLS a QoS - praktycznie
PLNOG 7: Klaudiusz Staniek - MPLS a QoS - praktycznie
PROIDEA
 
Colt SD-WAN experience learnings and future plans
Colt SD-WAN experience learnings and future plansColt SD-WAN experience learnings and future plans
Colt SD-WAN experience learnings and future plans
Colt Technology Services
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco Canada
 
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
Nur Shiqim Chok
 
Edge / Far Edge: Convergent Access & Transport Infrastructure
Edge / Far Edge: Convergent Access & Transport InfrastructureEdge / Far Edge: Convergent Access & Transport Infrastructure
Edge / Far Edge: Convergent Access & Transport Infrastructure
Dmitry Timerkhanov
 
BRKCRS-2110.pdf
BRKCRS-2110.pdfBRKCRS-2110.pdf
BRKCRS-2110.pdf
Asif Qureshi
 
Module 2-lte architecture and protocol
Module 2-lte architecture and protocolModule 2-lte architecture and protocol
Module 2-lte architecture and protocol
ravikbdayal
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Canada
 
Cisco connect winnipeg 2018 gain insight and programmability with cisco dc ...
Cisco connect winnipeg 2018 gain insight and programmability with cisco dc ...Cisco connect winnipeg 2018 gain insight and programmability with cisco dc ...
Cisco connect winnipeg 2018 gain insight and programmability with cisco dc ...
Cisco Canada
 
Introduction to Segment Routing
Introduction to Segment RoutingIntroduction to Segment Routing
Introduction to Segment Routing
MyNOG
 
CTIA 2010 Corporate Overview
CTIA 2010 Corporate OverviewCTIA 2010 Corporate Overview
CTIA 2010 Corporate Overview
Continuous Computing
 
Skt.2013.innovation technology for future convergence network
Skt.2013.innovation technology for future convergence networkSkt.2013.innovation technology for future convergence network
Skt.2013.innovation technology for future convergence network
son6971
 
Cisco at v mworld 2015 theater presentation brfarnha
Cisco at v mworld 2015 theater presentation brfarnhaCisco at v mworld 2015 theater presentation brfarnha
Cisco at v mworld 2015 theater presentation brfarnha
ldangelo0772
 
Introducing Application Engineered Routing Powered by Segment Routing
Introducing Application Engineered Routing Powered by Segment RoutingIntroducing Application Engineered Routing Powered by Segment Routing
Introducing Application Engineered Routing Powered by Segment Routing
Cisco Service Provider
 
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with ViptelaUnderstanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
Cisco Canada
 

Similar to Securing the LTE Core: the Road to NFV (20)

Securing the shared network
Securing the shared networkSecuring the shared network
Securing the shared network
 
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureSecuring the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
 
[cb22] Tales of 5G hacking by Karsten Nohl
[cb22] Tales of 5G hacking by Karsten Nohl[cb22] Tales of 5G hacking by Karsten Nohl
[cb22] Tales of 5G hacking by Karsten Nohl
 
LTE: Building next-gen application services for mobile telecoms
LTE: Building next-gen application services for mobile telecomsLTE: Building next-gen application services for mobile telecoms
LTE: Building next-gen application services for mobile telecoms
 
 Network Innovations Driving Business Transformation
 Network Innovations Driving Business Transformation Network Innovations Driving Business Transformation
 Network Innovations Driving Business Transformation
 
PLNOG 7: Klaudiusz Staniek - MPLS a QoS - praktycznie
PLNOG 7: Klaudiusz Staniek - MPLS a QoS - praktyczniePLNOG 7: Klaudiusz Staniek - MPLS a QoS - praktycznie
PLNOG 7: Klaudiusz Staniek - MPLS a QoS - praktycznie
 
Colt SD-WAN experience learnings and future plans
Colt SD-WAN experience learnings and future plansColt SD-WAN experience learnings and future plans
Colt SD-WAN experience learnings and future plans
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
 
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
 
Edge / Far Edge: Convergent Access & Transport Infrastructure
Edge / Far Edge: Convergent Access & Transport InfrastructureEdge / Far Edge: Convergent Access & Transport Infrastructure
Edge / Far Edge: Convergent Access & Transport Infrastructure
 
BRKCRS-2110.pdf
BRKCRS-2110.pdfBRKCRS-2110.pdf
BRKCRS-2110.pdf
 
Module 2-lte architecture and protocol
Module 2-lte architecture and protocolModule 2-lte architecture and protocol
Module 2-lte architecture and protocol
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
 
Cisco connect winnipeg 2018 gain insight and programmability with cisco dc ...
Cisco connect winnipeg 2018 gain insight and programmability with cisco dc ...Cisco connect winnipeg 2018 gain insight and programmability with cisco dc ...
Cisco connect winnipeg 2018 gain insight and programmability with cisco dc ...
 
Introduction to Segment Routing
Introduction to Segment RoutingIntroduction to Segment Routing
Introduction to Segment Routing
 
CTIA 2010 Corporate Overview
CTIA 2010 Corporate OverviewCTIA 2010 Corporate Overview
CTIA 2010 Corporate Overview
 
Skt.2013.innovation technology for future convergence network
Skt.2013.innovation technology for future convergence networkSkt.2013.innovation technology for future convergence network
Skt.2013.innovation technology for future convergence network
 
Cisco at v mworld 2015 theater presentation brfarnha
Cisco at v mworld 2015 theater presentation brfarnhaCisco at v mworld 2015 theater presentation brfarnha
Cisco at v mworld 2015 theater presentation brfarnha
 
Introducing Application Engineered Routing Powered by Segment Routing
Introducing Application Engineered Routing Powered by Segment RoutingIntroducing Application Engineered Routing Powered by Segment Routing
Introducing Application Engineered Routing Powered by Segment Routing
 
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with ViptelaUnderstanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
 

More from Mary McEvoy Carroll

Hadoop top 20 influencers of 2015
Hadoop top 20 influencers of 2015Hadoop top 20 influencers of 2015
Hadoop top 20 influencers of 2015
Mary McEvoy Carroll
 
Machine learning's 2015 top influencers
Machine learning's 2015 top influencersMachine learning's 2015 top influencers
Machine learning's 2015 top influencers
Mary McEvoy Carroll
 
What is the connected retail environment?
What is the connected retail environment?What is the connected retail environment?
What is the connected retail environment?
Mary McEvoy Carroll
 
A guided tour to the internet of things in the sim connected world
A guided tour to the internet of things in the sim connected worldA guided tour to the internet of things in the sim connected world
A guided tour to the internet of things in the sim connected world
Mary McEvoy Carroll
 
Connectem VCM powered by VMware - partner brief
Connectem VCM powered by VMware - partner briefConnectem VCM powered by VMware - partner brief
Connectem VCM powered by VMware - partner brief
Mary McEvoy Carroll
 
Latency considerations in_lte
Latency considerations in_lteLatency considerations in_lte
Latency considerations in_lte
Mary McEvoy Carroll
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_final
Mary McEvoy Carroll
 
Infonetics and Stoke webinar: Security at the speed of VoLTE
Infonetics and Stoke webinar: Security at the speed of VoLTEInfonetics and Stoke webinar: Security at the speed of VoLTE
Infonetics and Stoke webinar: Security at the speed of VoLTE
Mary McEvoy Carroll
 
Lte security concepts and design considerations
Lte security concepts and design considerationsLte security concepts and design considerations
Lte security concepts and design considerations
Mary McEvoy Carroll
 
Secure from GO: Design considerations for the integration of security into L...
Secure from GO: Design considerations for the integration of security into L...Secure from GO: Design considerations for the integration of security into L...
Secure from GO: Design considerations for the integration of security into L...
Mary McEvoy Carroll
 
Secure from go: Stoke Guide to Securing LTE Networks from Day 1
Secure from go: Stoke Guide to Securing LTE Networks from Day 1Secure from go: Stoke Guide to Securing LTE Networks from Day 1
Secure from go: Stoke Guide to Securing LTE Networks from Day 1
Mary McEvoy Carroll
 
Infonetics white paper: Security at the Speed of VoLTE
Infonetics white paper: Security at the Speed of VoLTEInfonetics white paper: Security at the Speed of VoLTE
Infonetics white paper: Security at the Speed of VoLTE
Mary McEvoy Carroll
 

More from Mary McEvoy Carroll (13)

Hadoop top 20 influencers of 2015
Hadoop top 20 influencers of 2015Hadoop top 20 influencers of 2015
Hadoop top 20 influencers of 2015
 
Machine learning's 2015 top influencers
Machine learning's 2015 top influencersMachine learning's 2015 top influencers
Machine learning's 2015 top influencers
 
What is the connected retail environment?
What is the connected retail environment?What is the connected retail environment?
What is the connected retail environment?
 
A guided tour to the internet of things in the sim connected world
A guided tour to the internet of things in the sim connected worldA guided tour to the internet of things in the sim connected world
A guided tour to the internet of things in the sim connected world
 
Connectem VCM powered by VMware - partner brief
Connectem VCM powered by VMware - partner briefConnectem VCM powered by VMware - partner brief
Connectem VCM powered by VMware - partner brief
 
Latency considerations in_lte
Latency considerations in_lteLatency considerations in_lte
Latency considerations in_lte
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_final
 
Infonetics and Stoke webinar: Security at the speed of VoLTE
Infonetics and Stoke webinar: Security at the speed of VoLTEInfonetics and Stoke webinar: Security at the speed of VoLTE
Infonetics and Stoke webinar: Security at the speed of VoLTE
 
Lte security concepts and design considerations
Lte security concepts and design considerationsLte security concepts and design considerations
Lte security concepts and design considerations
 
Secure from GO: Design considerations for the integration of security into L...
Secure from GO: Design considerations for the integration of security into L...Secure from GO: Design considerations for the integration of security into L...
Secure from GO: Design considerations for the integration of security into L...
 
Secure from go: Stoke Guide to Securing LTE Networks from Day 1
Secure from go: Stoke Guide to Securing LTE Networks from Day 1Secure from go: Stoke Guide to Securing LTE Networks from Day 1
Secure from go: Stoke Guide to Securing LTE Networks from Day 1
 
Lte transport requirements
Lte transport requirementsLte transport requirements
Lte transport requirements
 
Infonetics white paper: Security at the Speed of VoLTE
Infonetics white paper: Security at the Speed of VoLTEInfonetics white paper: Security at the Speed of VoLTE
Infonetics white paper: Security at the Speed of VoLTE
 

Recently uploaded

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 

Securing the LTE Core: the Road to NFV

  • 1. © 2014 Stoke Securing the LTE Core – the Road to NFV | Proprietary and Confidential Dilip Pillaipakam Vice President, Product Management and Marketing
  • 2. © 2014 Stoke The LTE Security Framework 2 S9 S1-C Internet S1-U S5/S8 S6A Gx Gz/Gy Other LTE Network S11 RAN-Core Border SEG The border between RAN and Core (S1) requires protection against specific risks to critical infrastructure at that interface Control Plane Functions - IKE - AAA - Routing DRA SBC IMS Core SGW MME CSCF Internet Border Policy / Charging Control SGi Data Plane Functions - Forwarding - QoS - ACL - Packet Inspection Device and Application
  • 3. © 2014 Stoke LTE Security at the S1 Link – Emerging Trends 3 Challenge Requirements Stronger Security • 2048 bit key length • PKI Signaling Protection - New Threat Vectors • Protect core - exponential transaction increase • S1 protocol/state validation VoLTE Rollout • Low latency transport • Sub-1 second recovery Elastic Deployment • Virtualized security gateway on COTS • SDN integration Scalable Small Cell Deployments • Dense session aggregation • Intelligent load balancing
  • 4. © 2014 Stoke Use Case: Macro and Small Cell Security 4 » Unsecured backhaul » Rapidly increasing throughput » High tunnel density » Ultra-low latency » Directly impacts subscriber QoE 44 MME SGW Office Home Outdoor Metrocell Small Cells 4G LTE EPC MME SGW EPC E2E Latency Budget = 100 ms VoLTE: Low Latency Small Packets
  • 5. © 2014 Stoke Office Home Outdoor Metrocell Small Cells Use Case: Signaling Overload » Signaling Overload Threats » Application initiated » Compromised eNodeBs » Natural disasters » Prioritized Traffic » Already connected subscribers » Specific eNodeBs SGW 4G LTE EPCMillions of Service Requests MME Application Update Server QoE: Prioritize 5
  • 6. © 2014 Stoke The LTE Security Framework vSEG Phase 1 6 S9 Internet S5/S8 S6A Gx Gz/Gy Other LTE Network S11 RAN-Core Border Control Plane Functions - IKE - AAA - Routing DRA SBC IMS Core SGW MME CSCF Internet Border Policy / Charging Control SGi Data Plane Functions - Forwarding - QoS - ACL - Inspections Device and Application » vSEG on COTS hardware on Linux » Similar deployment and operational model as today » Benefits: » Removes restriction of physical chassis » scale to very large number of line cards SEG v-SEG (DP) v-SEG (CP)
  • 7. © 2014 Stoke The LTE Security Framework vSEG Phase 2 7 Other LTE Network SGW MME DRA SBC CSCF Internet Border Policy / Charging Control Internet S1-C S1-U Internet V-EPC RAN-Core Border v-SEG (DP) v-SEG (CP) Security Gateway Cloud QoS InspectionACLs IKE AAA Routing SEG Controller SDN Controller » Disaggregate control plane and data plane functions to scale each function independently. » Can be integrated with Operator's SDN infrastructure » Benefits » Fully elastic on-demand deployment » Capacity can be added dynamically by adding more service nodes » Scale some functions disproportionately
  • 8. © 2014 Stoke Conclusions 8 » Each domain of the LTE Security Framework provides protection against specific threats and therefore has unique functional and performance requirements » S1 Link has stringent performance and latency requirements » Purpose built platforms will remain the mainstay for next few years » Virtualization has benefits, but is not the answer for all use cases | Proprietary and Confidential