Multi-access Edge Computing
Safeguarding the Edge Cloud with a Rich Set of Security VNFs and Services
Multi-access Edge Computing (MEC) and the Edge Cloud
MEC offers application developers and content providers cloud-computing capabilities and an IT service environment at the edge of the mobile network. This environment is characterized by ultra-low latency and high bandwidth as well as real-time access to radio network information that can be leveraged by applications. MEC provides a new ecosystem and value chain. Operators can open their Radio Access Network (RAN) edge to authorized third parties, allowing them to flexibly and rapidly deploy innovative applications and services to mobile subscribers, enterprises, and vertical segments.
Although MEC is often considered a 5G-only feature, the MEC reference architecture, defined by European Telecommunications Standards Institute (ETSI), is agnostic to the mobile network evolution, so that a MEC host deployed in a 4G network can be reused to support 5G services as well as via a software upgrade.
A consolidated vision of the MEC platform is about deploying it as part of an NFV environment where MEC applications would be deployed as virtual network functions (VNFs). The MEC platform would be virtualized as well and offered as a network service that introduces additional challenges in all life-cycle and enablement procedures for the MEC application (VNFs). Also, the management and orchestration systems from both MEC and NFV are meant to co-operate in order to carry out their respective functions.
MEC-related security services are important for several reasons:
- Rich security gateway (SecGW) services are required to deliver security between the MEC platform and applications to the core network. It is also required to secure the interworking to other Multi-access Edge platforms that may be hosted on the edge cloud.
- Security micro-segmentation is required to ensure applications isolation and network slice isolation while delivering the appropriate security services.
- Rich set of user-facing security services to secure user’s access and use of MEC applications.
- Web application security to ensure the MEC's web applications’ integrity and resilience.
- IoT security services are required as IoT-related MEC, applications, services, and network slices are expected to be an important MEC use case.
These security services VNFs can be deployed as an application VNF under the management of the MEC platform or as a VNF under the NFV orchestrator and VNFM. The MEC platforms and application's ability to deliver network slice-based services with the appropriate latency, scalability, and resilience requires auto scaling of security VNFs via software-defined networking (SDN) integration.
Fortinet Security Solutions for Multi-access Edge Computing
Fortinet's security VNFs and their integration with ETSI NFV framework in 4G RAN and EPCs work in production networks all around the world.
- Fortinet provides a rich set of security VNFs meeting all MEC's internal and user-facing security services and requirements.
- Fortinet VNFs VNFO and generic VNFMs integration spans major technologies and providers for fast MEC onboarding.
- Fortinet's Security VNFs integration with SDN spans major vendors such as Nokia's Nuage Networks, Cisco ACI, and VMware's NSX.
- Fortinet's low footprint VNFs with SDN integration allows massive scale out of security services at the MEC cloud.
- Fortinet's FortiGate VNF provides a rich set of IoT-related security capabilities to safeguard edge cloud IoT applications, services, and network slices.