4G-5G Interworking

Security for 4G-5G RAN and Core Networks Interworking

THE NEED TO SECURE 4G-5G INTERWORKING

The availability of 5G infrastructure (NR and NC) capabilities and services will be carried out gradually. 5G cell deployment will be gradual and the availability and adaption of 5G-capable UE will not open overnight. It is therefore important to be able to integrate elements of different generations in different configurations with 5G, as defined by 3rd Generation Partnership Project (3GPP):

  • Stand Alone (SA) scenario uses only one radio access technology (5G-NR or the evolved LTE) and the core networks (EPC and 5G-NGC) are operated alone.
  • Non Stand Alone (NSA) scenario combines NR and LTE radio cells using dual connectivity to provide radio access and the core network may be either EPC or 5G-NGC.

As 5G will need to coexist and interwork with 4G for many years to come, we’re likely to see the vast majority of these deployments as NSA initially, as a way of reducing time to market and ensuring good coverage and mobility.

The following table provides 4G and 5G deployment options. Five deployment options are available for 5G and there can be multiple paths to reach the target configuration. It is essential to consider migration steps that would comprise different paths and would require some scope and depth on 4G-5G interworking.

Deployment Type

EPC

5GC

SA

 

Option #2: NR under 5G-NGC

Option #5: LTE under 5G-NGC

NSA

Option #3: LTE and NR under EPC

Option #4: NR and LTE under 5G-NGC

Option #7: LTE and NR under 5G-NGC

Based on the migration path taken by the operator, 4G-5G interworking may be required to ensure 5G services availability and seamless continuity. These interworking points include RAN/NR to core networks and EPC/IMS to 5G-NGC.
 

mobile-carrier-graphics-na-lte.jpg

Diagram 1

Securing RAN/NR to EPC/5G-NGC Interworking

In the first years of 5G deployment, NSA RAN will be implemented where access to the EPC and 5G-NGC (when available) will be mostly done via the LTE/LTE-A RAN infrastructure due to relatively low density of 5G NR cells.

Whatever migration path is taken (see diagram 1), 4G-5G RAN-CN interworking used the combination of  S1-U/S1-C, X2/Xn and N2/N3 interfaces that are secured by FortiGate PNF and VNF.

 

Securing EPC - 5G-NGC Interworking

On top of RAN interworking, the different migration paths also require network core integration between the EPC and 5G-NGC. This can be achieved via the implementation of the optional N26 interface between LTE's Mobility Management Entity (MME) and 5G's Access Management Function (AMF) to enable interworking between the two cores and provide seamless session continuity. Interworking without the N26 interface is possible via interworking of the appropriate EPC and 5G-NGC components, as outlined in diagram 2.

The interfaces and protocols used for these core interactions, whether legacy EPC protocols such as SCTP, Diameter, or GTP, or protocols such as HTTP/2, JSON-based API calls, other native Internet protocols, the same FortiGate VNFs and PNFs used to secure overall core signaling can be used and extended to secure the required 4G-5G interworking.

 



mobile-carrier-non-roaming-architecture.jpg

Diagram 2