
Securing the LTE Core: the Road to NFV


DESCRIPTION

Any LTE security framework must address five key points of vulnerability. This presentation examines the specific risks to critical EPC infrastructure at the S1 link (the border between RAN and core), reviews emerging trends and threat vectors at that interface, details some pertinent use cases, and outlines the steps to virtualization.


Page 1: Securing the LTE Core:  the Road to NFV

© 2014 Stoke

Securing the LTE Core – the Road to NFV

| Proprietary and Confidential

Dilip Pillaipakam

Vice President, Product Management and Marketing

Page 2: Securing the LTE Core:  the Road to NFV


The LTE Security Framework

[Diagram: The LTE Security Framework. Domains: RAN-Core Border (SEG), Internet Border, Policy / Charging Control, Device and Application, Other LTE Network. Interfaces: S1-C, S1-U, S5/S8, S6A, S9, S11, Gx, Gz/Gy, SGi. Core elements: MME, SGW, DRA, SBC, IMS Core, CSCF, Internet.]

The border between RAN and Core (S1) requires protection against specific risks to critical infrastructure at that interface.

Control Plane Functions: IKE, AAA, Routing

Data Plane Functions: Forwarding, QoS, ACL, Packet Inspection

Page 3: Securing the LTE Core:  the Road to NFV


LTE Security at the S1 Link – Emerging Trends


Challenge → Requirements

Stronger Security
• 2048 bit key length
• PKI

Signaling Protection - New Threat Vectors
• Protect core - exponential transaction increase
• S1 protocol/state validation

VoLTE Rollout
• Low latency transport
• Sub-1 second recovery

Elastic Deployment
• Virtualized security gateway on COTS
• SDN integration

Scalable Small Cell Deployments
• Dense session aggregation
• Intelligent load balancing

Page 4: Securing the LTE Core:  the Road to NFV


Use Case: Macro and Small Cell Security

» Unsecured backhaul

» Rapidly increasing throughput

» High tunnel density

» Ultra-low latency

» Directly impacts subscriber QoE

[Diagram: small cells (office, home, outdoor metrocell) over 4G LTE backhaul into the EPC (MME, SGW); millions of tunnels; E2E latency budget = 100 ms; VoLTE: low latency, small packets, high bandwidth.]

Page 5: Securing the LTE Core:  the Road to NFV


Use Case: Signaling Overload

» Signaling Overload Threats
  » Application initiated
  » Compromised eNodeBs
  » Natural disasters

» Prioritized Traffic
  » Already connected subscribers
  » Specific eNodeBs

[Diagram: an Application Update Server triggers millions of service requests from 4G LTE devices toward the EPC (SGW, MME); QoE: prioritize.]
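The prioritization this slide calls for (already-connected subscribers first, then designated eNodeBs, with the rest shed under overload), as an added illustration that is not Stoke's code nor a real MME or SEG overload-control implementation; the budget, the per-eNodeB cap and all eNodeB and subscriber identifiers are constructed assumptions:

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ServiceRequest:
    enb_id: str  # originating eNodeB (constructed ids below)
    imsi: str    # subscriber identity (constructed sample values)

class SignalingOverloadGuard:
    """Admits S1 service requests under a per-interval budget, in the slide's
    priority order: already-connected subscribers, then designated eNodeBs,
    then the rest. A per-eNodeB cap stops one compromised eNodeB taking it all."""

    def __init__(self, budget, connected_imsis, priority_enbs, per_enb_cap):
        self.budget = budget                   # requests admitted per interval
        self.connected = set(connected_imsis)  # subscribers with an existing context
        self.priority_enbs = set(priority_enbs)
        self.per_enb_cap = per_enb_cap

    def priority(self, req):
        if req.imsi in self.connected:
            return 0
        if req.enb_id in self.priority_enbs:
            return 1
        return 2

    def admit(self, requests):
        """Returns (admitted, shed) lists for one control interval."""
        admitted, shed, per_enb = [], [], {}
        # sorted() is stable, so arrival order is kept within each class
        for req in sorted(requests, key=self.priority):
            n = per_enb.get(req.enb_id, 0)
            if len(admitted) < self.budget and n < self.per_enb_cap:
                admitted.append(req)
                per_enb[req.enb_id] = n + 1
            else:
                shed.append(req)
        return admitted, shed

def run_demo():
    # Constructed burst: an application-update storm through eNodeB enb-666
    # arrives ahead of two normal, three already-connected and two priority requests.
    storm = [ServiceRequest("enb-666", f"s{i}") for i in range(1, 21)]
    normal = [ServiceRequest("enb-2", "n1"), ServiceRequest("enb-2", "n2")]
    connected = [ServiceRequest("enb-1", f"c{i}") for i in range(1, 4)]
    prio = [ServiceRequest("enb-hospital", "p1"), ServiceRequest("enb-hospital", "p2")]
    guard = SignalingOverloadGuard(budget=12, connected_imsis={"c1", "c2", "c3"},
                                   priority_enbs={"enb-hospital"}, per_enb_cap=5)
    return guard.admit(storm + normal + connected + prio)
```

With these constructed values the storm eNodeB gets only its five-request share, so the two normal requests behind it are still admitted within the budget of twelve.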

Page 6: Securing the LTE Core:  the Road to NFV


The LTE Security Framework: vSEG Phase 1

[Diagram: The LTE Security Framework as on Page 2 (interfaces S5/S8, S6A, S9, S11, Gx, Gz/Gy, SGi; elements MME, SGW, DRA, SBC, IMS Core, CSCF; domains RAN-Core Border, Internet Border, Policy / Charging Control, Device and Application, Other LTE Network).]

Control Plane Functions: IKE, AAA, Routing

Data Plane Functions: Forwarding, QoS, ACL, Inspections

» vSEG on COTS hardware on Linux

» Similar deployment and operational model as today

» Benefits:
  » Removes restriction of physical chassis
  » Scale to very large number of line cards

[Diagram: the RAN-Core Border SEG split into v-SEG (DP) and v-SEG (CP).]

Page 7: Securing the LTE Core:  the Road to NFV


The LTE Security Framework: vSEG Phase 2

[Diagram: vSEG Phase 2. A Security Gateway Cloud at the RAN-Core Border with v-SEG (DP) instances (QoS, Inspection, ACLs) and v-SEG (CP) instances (IKE, AAA, Routing), managed by a SEG Controller integrated with an SDN Controller; S1-C and S1-U terminate into a V-EPC (MME, SGW, DRA, SBC, CSCF, Policy / Charging Control, Internet Border, Other LTE Network, Internet).]

» Disaggregate control plane and data plane functions to scale each function independently.

» Can be integrated with Operator's SDN infrastructure

» Benefits:
  » Fully elastic on-demand deployment
  » Capacity can be added dynamically by adding more service nodes
  » Scale some functions disproportionately

Page 8: Securing the LTE Core:  the Road to NFV


Conclusions

» Each domain of the LTE Security Framework provides protection against specific threats and therefore has unique functional and performance requirements

» S1 Link has stringent performance and latency requirements

» Purpose built platforms will remain the mainstay for next few years

» Virtualization has benefits, but is not the answer for all use cases
