Mobile Edge Computing

Safeguarding the Edge Cloud with a Rich Set of Security VNFs and Services

Securing Mobile Edge Computing (MEC) and the Edge Cloud

MEC offers application developers and content providers cloud-computing capabilities and an IT service environment at the edge of the mobile network. This environment is characterized by ultra-low latency and high bandwidth as well as real-time access to radio network information that can be leveraged by applications. MEC provides a new ecosystem and value chain. Operators can open their Radio Access Network (RAN) edge to authorized third parties, allowing them to flexibly and rapidly deploy innovative applications and services to mobile subscribers, enterprises, and vertical segments.

Although MEC is often considered a 5G-only feature, the MEC reference architecture, defined by European Telecommunications Standards Institute (ETSI), is agnostic to the mobile network evolution, so that a MEC host deployed in a 4G network can be reused to support 5G services as well as via a software upgrade.

A consolidated vision of the MEC platform is about deploying it as part of an NFV environment where MEC applications would be deployed as virtual network functions (VNFs). The MEC platform would be virtualized as well and offered as a network service that introduces additional challenges in all life-cycle and enablement procedures for the MEC application (VNFs). Also, the management and orchestration systems from both MEC and NFV are meant to co-operate in order to carry out their respective functions.

MEC-related security services are important for several reasons:

  • Rich security gateway (SecGW) services are required to deliver security between the MEC platform and applications to the core network. It is also required to secure the interworking to other mobile edge platforms that may be hosted on the edge cloud.
  • Security micro-segmentation is required to ensure applications isolation and network slice isolation while delivering the appropriate security services.
  • Rich set of user-facing security services to secure user’s access and use of MEC applications.
  • Web application security to ensure the MEC's web applications’ integrity and resilience.
  • IoT security services are required as IoT-related MEC, applications, services, and network slices are expected to be an important MEC use case.

These security services VNFs can be deployed as an application VNF under the management of the MEC platform or as a VNF under the NFV orchestrator and VNFM. The MEC platforms and application's ability to deliver network slice-based services with the appropriate latency, scalability, and resilience requires auto scaling of security VNFs via software-defined networking (SDN) integration.

 

mobile-carrier-mec-edge-cloud.jpg

Fortinet Security Solutions for Mobile Edge Computing

Fortinet's security VNFs and their integration with ETSI NFV framework in 4G RAN and EPCs work in production networks all around the world.