The nationwide rollout of 5G can be considered one of the most anticipated technological advancements in recent memory. While many focus on the benefits for consumers, organizations are also ready to reap the benefits. However, despite all the fanfare about next-generation mobile performance and low latency, there are still some concerns about whether 5G for enterprise will meet all the security requirements. of the modern enterprise network.
In fact, mobile-enabled wireless WANs (WWANs) have had enterprise-grade security at the edge of the network for many years. In addition, 5G is probably even more secure than 4G, with new developments at the core level of the network.
Improved security at the network level: from 4G to 5G
Opportunities to improve security arise with each new generation of mobile technology. In particular, 5G has brought a number of important changes:
- New authentication framework: With 5G protocol, New authentication framework has been introduced. This is based on a well-established and widely used IT protocol called the Extensible Authentication Protocol (EAP), which is open, network-agnostic, and more secure.
- Enhance subscriber privacy: 5G provides privacy enhancements against attacks that occur when a base station misfits a user’s equipment to force it to shut down. In 5G, the International Mobile Subscriber Identity (IMSI) is not used in paging, less text is exchanged, and the network performs analysis on the radio environment, detecting anomalous base stations.
- Improve the flexibility and security of the core network: 5G network core moves to Service Based Architecture (SBA). This is delivered by a set of interconnected Network Functions (NFs), with access to each other’s services. SBA enables plug-and-play software creation, rapid programming, and network cutting, helping to streamline operations and support more innovation.
- Extended Roaming Security: The 5G standard represents enhanced interoperability security between network operators, centered on a network function known as Security Edge Protection Proxy (SEPP). SEPP sits at the edge of each operator’s 5G network; Each operator’s SEPP is authenticated and application-layer security protects the traffic.
- Advanced integrity protection of the user plane: The 5G standard introduces a new feature that helps protect users’ aircraft traffic between the device and the cell tower, aimed at reducing man-in-the-middle attacks that interfere with sensitive aircraft information. of unprotected users.
Mobile broadband security at the edge
While companies will continue to use the advanced network security tactics they used with wired broadband and 4G at the edge, now is the time for them to look at the technologies involved. The following 5G:
Private 5G network: Organizations with large areas that require a secure LAN connection can deploy Private mobile network (PCN). Companies can control their own PCNs by deploying localized micro-towers and mini-cells – similar to access points. It is comparable to a miniature version of a public network, except that you control the quality of service as well as the security.
5G is the first mobile network specification to truly adopt virtualization, significantly saving the cost of deploying expensive physical network cores.
Network cut: The reliability, speed and low latency of 5G can only be balanced if the network components are sharing the right information with appropriate Virtual Network Functions (VNFs). This is done through network cut in the SBA.
Consider how cloud computing moves to containerization and VNFs; similar to this, 5G core is moving to this model and building microservices contained in security groups or sections, working to achieve the promises made for specific traffic based on quality. its service markup (Single Network Slice Selection Support Information, or S-NSSAI).
Network slicing allows network service providers to deliver network services tailored to the unique needs of each organization. At the same time, it gives companies the ability to choose the right level of security for each use case.
Wired and wireless network security
If cybersecurity professionals have not yet installed new and adaptive security protocols to protect their traditional wired networks, now is the time to deploy these security architectures to secure both wired and wireless end.
Zero Trust Network Access (ZTNA): ZTNA is a security concept that assumes anyone trying to gain access to the network or application is a malicious actor – and someone will need to be constantly verified. It uses an adaptive verification policy on a per-session basis that can take into account things including the user’s device, location, identity, time and date of the request, as well as any usage patterns that have occurred. previously observed.
The rapid growth of the Internet of Things (IoT) and other connected use cases means that organizations will need to work harder and remotely control authentication and identity of devices and flows. data between them. With that in mind, ZTNA will be a key component of 5G security at the edge of the network.
Secure Access Service Edge (SASE): With so much data now headed to the cloud, most of the security services are also there. Combining network and security functions, SASE is a cloud-delivered security model in which traffic is encrypted and directed to a cloud service where a complex stack of security technologies applies. complex.
Canadian companies are already rolling out 5G connectivity for a wide range of applications, if they haven’t already. Mining, retail and foodservice pop-ups, extensive branch offices, vehicles and more – all of these organizations can dramatically improve scalability secure and fast through the deployment of layers of security and a wireless edge router that can manage the cloud cohesively. WWAN and SASE fit perfectly at the delivered edge.
The enhanced core security of 5G – in addition to today’s advanced security technologies in the cloud such as SASE and ZTNA – will enable organizations to embrace 5G while dramatically improving their first-class security position. their end.