There are a number of well-established security tools for defending and protecting networks. Many of the concepts were originally developed for the enterprise network environment and are finding use in mobile carriers. Just to clarify, when I say mobile carriers’ environment, I do not mean the enterprise systems and internal connectivity and services. I mean the subscriber service network of Radio, Core Packet, Intelligent Network and Service Platforms.
The security of the subscriber-serving infrastructure is clearly a critical business focus for mobile carriers and media exposure to the lack of baked-in security obviously has to be addressed. Mobile carriers need to offer security for network users and secure new IoT infrastructure. This security will be a prerequisite for the mission critical segments on new 5G infrastructure.
We all know that mobile network infrastructure today is not secure, (2G, 3G and 4G networks have all been compromised). To enhance security, mobile networks require the addition of some significant security capability add-on functionality. I wanted to review the options and what the relative values are:
What are the options?
- Security Penetration Testing: This is generally conducted from outside of a mobile network where a 3rd party is recruited to test the network security. These can be used as a once off study or as a repeated process.
- Passive Security Analysis: This is generally conducted with an offline platform analysing all of the network traffic from SS7, DIAMETER, GTP-C, SIP or ISUP connections. 5G protocols will be the next evolution. The data is processed, by applying pre-configured rules and may go through additional stages of automated analysis or manual study. Note: to affect the network blocking rules, they have to be deployed on network nodes such as STPs or DEA/DRAs and/or Active Security Firewalls.
- Active Security Firewall: This is a real-time pre-configured firewall that can block security threats based on pre-configured rules and detection algorithms.
- Security Intelligence Services: These are services that add expert knowledge and domain perspective in the form or a consulting engagement or as an intelligence information feed into a security team or function.
Which option offers best protection for my network?
There are 2 dimensions to consider. Firstly, the range of security services deployed, all of these services offer value in different ways and form the basis for an end-to-end security capability for all mobile network service providers. When used in combination these techniques make for a state-of-the-art signaling security capability.
The second dimension to consider is the network interface that is protected. For example, protecting HSS with an SS7 Firewall will be compromised if the same HSS can be accessed by DIAMETER protocols that are unprotected by a firewall. One of my colleagues describes this as a venue charging at the front door for entrance but leaving the backdoor open.
The way in which these services are stitched into a cohesive security process will determine their success. Remember the objective is to secure the network and using the strengths of each service is ultimately the best way to achieve this objective.
Best in Class Mobile Network Security Process
Best in class mobile network security requires the creation of a process that is reactive to information in a cyclic nature.
There is a security mindset that must be developed and maintained. Networks are normally designed with a stable set of functions and features tested thoroughly before being deployed into the network. Cycle-times for this activity is normally months or years and this is not a suitable cadence for security functionality.
Security responses have to be much faster than the cycle time of the network. A security platform needs to be updated within days to maintain security. This can best be achieved with a security process and platform that has been designed to allow functionality updates and enhancements.
At AdaptiveMobile Security, we offer the very best mobile network security toolbox to the world’s leading mobile carriers. With global scale and visibility, our security solutions provide our customers with real-time insight into what is happening across their networks and the actionable intelligence to respond to these threats faster. If you wish to better protect your network and subscribers contact our experts to learn more.