Business & Technology

Fortinet Secures the Path to 5G

By John Maddison | February 19, 2019

Fortinet has just announced its portfolio support for the Mobile Service Provider transformation to a 5G core network. Fortinet has a growing family of advanced security solutions not only designed for, but fully integrated together to protect today’s evolving networks and virtual infrastructures. The latest addition to this portfolio is the introduction of Virtual SPU (Security Processing Unit) technology to power our VM-based security products.

5G brings new service opportunities

Service Providers are embracing 5G transformation to increase network capacity, improve operational efficiency, deliver gigabit speed connectivity, and support new revenue generating use cases—such as enhanced mobile broadband, multiaccess edge computing, and IoT. To accomplish this, they have to support and secure a rapid architectural shift to open, virtual, and cloud infrastructure. In fact, the rapid adoption of these technologies is one of the primary reasons why Service Providers need to implement advanced security techniques designed to protect their new network infrastructures and revenue generating services in order to augment their traditional perimeter-based security measures.

We are at the threshold of remarkable growth and opportunity in the mobile space. 5G has now been commercially launched and there is strong momentum in the global 5G market. In the United States, a major communications service provider launched a 5G fixed in-home service (internet service) at the beginning of October 2018, and all four of the country’s major service providers have now publicly announced that they will begin providing 5G services by mid-2019. On a global level, major 5G network deployments are anticipated beginning in 2020.

Fortinet solutions for 5G transformation

Fortinet offers a suite of strategic security solutions specifically designed to address the unique challenges facing operators as they migrate their core networks to deliver 5G mobility services. These specialized tools provide the ability to build an integrated security framework that optimizes the cost of launching and operating new services and revenue opportunities and enhances the ability to achieve service level goals, all while mitigating advanced threats.

Fortinet has a pedigree of building high performance carrier-class products and solutions. For example, we offer next generation firewalls that not only protect the mobile carrier signaling, roaming, charging, and internet interfaces with our 5G-ready FortiGate 7000 and FortiGate 5000 series, but we also provide secure transport for backhaul and fronthaul traffic with our FortiGate 3000 series. FortiGate NGFWs powered by the FortiCarrier OS offers several key security features including:

Stateful termination of GTP-C and GTP-U traffic (Gn/Gp interfaces and S5/S8 interfaces) to provide complete protection and content inspection to prevent GTP signaling attacks.

Comprehensive SCTP protection and inspection, including SCTP over IPSec VPN, IPS DoS protection, flood attacks, fuzzing attacks, and more.

Extensive protection with hardware acceleration for SIP (Voice) and MMS (multimedia messaging) features, including inspect only and header rewrite modes, complex SIP NAT environments, rate limiting, topology hiding, and more

Highest capacity for virtual domains and very high scale for profiles to enable true multi-tenancy needed to support MVNOs, IoT providers ,etc. Carrier features can be defined per-virtual domain.

For virtualized infrastructures, Fortinet offers a broad range of next generation virtual firewalls and virtual web application firewall virtualized network functions (VNFs). Powered by Fortinet’s Virtual SPU Technology, FortiGate Virtual Network Functions (VNFs) deliver significant increases in application and carrier security performance through innovative security processing optimizations and the latest packet processing acceleration technologies. While the FortiGate NGFW VNFs provide comprehensive network security capabilities along with deep application visibility and control, the FortiWeb WAF VNFs protect web applications and APIs powering cloud-based services.

These VNFs also have a small footprint, boot within seconds, and require less storage, thereby enabling service providers to protect their virtual networks and cloud platforms cost effectively. And for the efficient and agile deployment and utilization of these security VNFs, Fortinet also delivers integrations with NFV platform and SDN vendors. At the same time, FortiSIEM offers service providers offline inspection, security event correlation, and advanced analytics to detect and respond to application and user threats that may have evaded other inline protection systems.

Opportunity

The move to 5G presents service providers with a tremendous opportunity to grow their revenue streams into enterprise service offerings, in addition to improving ARPU with advanced mobile applications for consumers. These new services, however, require the adoption of virtual and cloud-based technologies that open up an entirely new set of vulnerabilities and threats to the infrastructure and services.

By utilizing Fortinet advanced security and high-performance systems, service providers can continuously monitor their extensive and complex mobile core networks and automatically detect and respond to threats. Additionally, Fortinet’s security fabric components provide mobile carriers with improved visibility through comprehensive and correlated analytics, and the ability to thwart complex external and internal security threats that can impact network infrastructure and services through massive scalability, high performance, broad visibility, and deep, granular controls.

Learn more about Fortinet's 5G security solutions.

Read the 5G Security Survey by Heavy Reading or the "Securing 4G, 5G and Beyond" white paper.