Protecting Mobile Network Services and SLAs

Securing 4G/GiLAN and 5G/NG6 Interfaces

EPC/5G-NGC to Internet/PDN (4G's Gi/sGi and 5G NG6 interfaces) Security Challenges

Challenged with the explosion of mobile business solutions, cloud, IoT’s multiple use cases, and the promise of 5G on the horizon, mobile core to Internet traffic bandwidth and volume are expected to drastically increase. Alongside the sheer volume increase, the criticality of mobile Internet services continues to increase and with it, the need for security and compliance. As the capacity of the network expands, the mobile core to Internet/PDN connectivity (the Gi-LAN for 4G and NG6 for 5G) need to deliver the appropriate scalable security services to safeguard the operator’s core infrastructure from the potential increase in malicious attacks coming into the network.

mobile-carrier-clouds-pdn-security-fortios.jpg

FortiGate: Scalable and Proven Best-of-Breed Gi/sGi Firewall

Fortinet’s security operating system (FortiOS) empowers physical and virtual firewalls, provides a complete set of NGFW and UTM security services for IPv4/IPv6 networks, dynamic contexting of subscribers, and device-type policies. This provides highly scalable, best-of-breed Gi-LAN/NG6 firewalling. Multi-media messaging service (MMS) Scanning extends the content filtering, anti-malware, and data loss prevention (DLP) capabilities into rich, content-based services. The rich UTM capabilities enable the provisioning of security-related revenue generating services.

 

User Security Services from Gi-LAN/Telco Cloud

Granular security user services can be provided by FortiOS at the Gi-LAN and Telco cloud based on a rich set of security services and functionalities, such as antivirus, intrusion prevention (IPS), application control, and more. These services, such as clean-pipe internet connectivity and others, can be used as competitive advantages and revenue-generating services.

 

file

Physical Appliance (PNF) or Virtual Network Function (VNF)

FortiGate and its hundreds of mobile-specific security features can be implemented as a PNF with high availability (HA) and the highest proven scalability. Fortinet’s custom security processors provide hardware acceleration to meet today and tomorrow’s traffic and session volume with minimum latency and no compromise on the depth and range of Gi-LAN/NG6 Internet/PDN security.

The same capabilities are provided by FortiGate virtual machines (VMs) acting as  VNFs. With the industry’s smallest footprint and fastest boot time, they provide a unique consolidated security NGFW & UTM VNF for 4G/4.5G and 5G environments. Dynamic and massive auto scaling is achieved via proven integration with software-defined networking (SDN) and European Telecommunications Standards Institute (ETSI) NFV management and orchestration (MANO) platforms such as Amdocs, Ciena’s Blue Planet, HPE, Ericsson, Nokia, Cisco, and more.

file

SDN Integration

Fortinet technology and Fabric-Ready Partner programs ensure SDN integration via Fortinet Connectors and Fortinet APIs (available via the Fortinet Developer Network). These include integration with Nuage Networks, Cisco ACI, and VMware NSX.