With the improved technological capabilities of 5G, operators are encountering a significantly increased attack surface with more potential entry points for attackers to access end devices and infrastructure. Technological advancements, such as Multi-Access Edge Compute (MEC), Mobile Private Networks (MPN) and network virtualisation, together with the operators’ desire to use an open standard/white box architecture and leverage greater automation, create an increasingly complex landscape for operators to manage.
With an increasing number of actors in the 5G ecosystem, security considerations and challenges will differ depending on their role. A few considerations from differing perspectives:
Security is one of the fundamental key factors for customers considering MPN, although other functional or performance aspects may be more of a draw for businesses.
An example of one of these aspects is confidentiality. This is considered a positive attribute of 5G private networks; however, it is reliant on the implementation of the network slice by the service provider being made to a standard appropriate to the customers’ requirements. Operators will have variances of MPN services. Net Reply foresee security becoming one of the key service differentiators and intricate security considerations will be observed across the following flavours of MPN services:
Identity and access monitoring is a key aspect. Private 5G will allow access to the 5G core network for numerous entities, these will need to be verified and monitored. Zero-Trust philosophy and Privileged Identity Management (PIM) controls including Role Based Access Control (RBAC), just-in-time, and just-enough-access must be applied to support a defined approval process and a clear audit trail. Customers will route many different applications through their network and each service has different sensitivity levels which should be carefully assessed where they wish to expose service traffic. Operators will need to consider to what level their Private 5G services are secured, and what level of control to give to customers. Here we would ask two questions:
Operators will be able to leverage significant aspects of pre-existing 4G, fixed access and network core security controls. However, in addition to these, 5G networks lend themselves to being able to utilise cloud-based operations, enabling the efficient management and security of an increasingly complex, multivendor environment.
If you have any questions, or would like to understand more about how Net Reply UK can help you to understand and secure your 5G network, please get in contact with me here: .