Raising the Bar for Mobile Network Security

Peter Margaris


We’ve already witnessed a massive evolution with mobile networks across the globe as 4G-LTE continues to expand. Mobile network operators, or MNOs, are now evolving these networks rapidly with an eye toward reaching 5G, but there remains a large gap in their security architectures that only widens as they add more bandwidth, lower network latency, and expand overall network capacity to accommodate the exponential growth in device connections and digital application usage that 5G will bring.

This is a perfect storm for cybercriminals, especially as more mobile subscribers with advanced devices are added, along with massive numbers of connected “things” that are projected to attach to mobile networks in the billions worldwide. Traffic growth between interconnected roaming LTE networks is also accelerating, giving cybercriminals yet another expanding threat vector they can exploit – the roaming interfaces between these networks. Within EU countries, for example, there was approximately 800 percent growth in roaming traffic in 2017. All these factors are increasing business risk over time for mobile operators, and the internet of things, or IoT, is especially a game changer.

A continued reliance on legacy security approaches leaves networks blind, unable to effectively see and stop the accelerating number of security threats. To close the gap between the 4G/5G networks and security architectures and stay ahead of today’s and tomorrow’s advanced cyberthreats, mobile operators need to adopt new tools and technologies that allow them to:

  1. See deep inside their network traffic – both data and signaling.
  2. Apply big data analytics with automation of security at scale.
  3. Establish an adaptive security architecture that allows for rapid security innovations over time.

At Palo Alto Networks, we are delivering breakthrough security technologies for mobile networks that allow MNOs to not only close their network security gap but also make sure their ongoing network evolutions are matched with a strong evolutionary security architecture that enables them to protect and maximize their future business growth.

Now, for the first time, MNOs can leverage deep traffic inspection of data and signaling traffic to enable complete and unprecedented levels of visibility within 4G/5G networks, and tightly couple this visibility with an advanced, cloud-based threat analysis environment to efficiently and effectively process these unique sets of mobile network data and deliver automated protection mechanisms. MNOs can now establish the advanced and automated mobile network security framework needed to stay ahead of their network evolution curve.

These key breakthrough mobile network technologies, which we will be officially unveiling next week at Mobile World Congress in Barcelona, include:

  • GTP-U content inspection: Inspection of IP traffic encapsulated within the GTP-U packets across both RAN and roaming interfaces of the mobile carrier network. See and stop threats that are targeting attached devices and impacting mobile network services and resources.
  • GTP-C content inspection and protections: Inspection of IP traffic encapsulated within the GTP-C packets within the Mobile Network Enhanced Packet Core (EPC). Enable stateful inspection, protocol validation, filtering, application of GTP-C flood signatures, and other advanced security capabilities, with complete support of GTPv2-C.
  • IMSI and IMEI correlation: Ability to correlate data from the GTP inspection with mobile subscriber and mobile device data – identify specific users and devices that are infected and compromised. Take rapid action to isolate, quarantine, and resolve security-related issues.
  • Network protections from GTP-based attacks and message floods: Prevention of advanced threats traversing the RAN and roaming interfaces. See and stop traffic anomalies that are impacting networks and services – both malicious and benign in nature.
  • Network protections from signaling-based attacks: Inspection of mobile network signaling traffic across SCTP, SS7, and Diameter signaling channels. Detect signaling anomalies and prevent signaling-related attacks and incidents.
  • Automated analysis and correlation of big data to prevent threats: This enables MNOs to link unique sets of threat data to specific subscribers and devices, which gives them the ability to take rapid action on infected devices and users. MNOs can also automatically deliver new network protections.

With our Next-Generation Security Platform, MNOs will transform their overall security posture, enabling them to deal with the expanded attack vectors across their 4G/5G networks and the continually increasing cyberattacks that are impacting their mobile users and disrupting delivery of their mobile services. Our platform also provides the flexibility and agility MNOs need to ensure the same levels of security and performance are achieved across all deployment scenarios, plus an open Application Framework that will allow MNOs to keep integrating new security innovations over time as needed.



© 2018 Palo Alto Networks, Inc. All rights reserved.