As the complexity of mobile network security increases with 3G/LTE and telco cloud/SDN, a centralized identity and access control system able to authenticate operator staff and provide secure, granular access to network elements is required.
- Network Access Guard provides identity access management to secure traditional, virtualized and Software Defined Networks
- Signaling Security Solution, consisting of Signaling Guard and Security Assessment service, detects and prevents attacks that exploit vulnerabilities in the SS7 protocol
As the complexity of mobile network security increases with 3G/LTE and telco cloud/SDN, a centralized identity and access control system able to authenticate operator staff and provide secure, granular access to network elements is required. Potential vulnerabilities in the SS7 (Signaling System 7) protocol could open the door to advanced fraud, hijacking of subscriber communications or Denial-of-Service attacks. To help operators deal with the multifaceted demands of protecting security and privacy in the smartphone and Internet of Things (IoT) era, Nokia Networks has extended itssecurity portfoliowith new protection capabilities complemented by expert professional services in assessment and deployment.
Dealing with rocketing security complexity
Two new Nokia Networks solutions help shield network operations from unauthorized access, both from external attackers and from staff within organizations:
- Nokias Network Access Guard addresses the sheer intricacy that operators face in managing internal staff access to multiple network element systems. It secures, identifies and monitors employee access while simplifying the way privileged users handle critical network elements.
- Nokias Signaling Security Solution can identify weaknesses in an operators SS7* infrastructure and implement a firewall to protect against subscriber data being hacked as well as other malicious intrusions. Nokia Networks is the only major telecom infrastructure vendor to offer such end-to-end SS7 protection.
Click to Tweet:Two new #telcosecurity solutions from @nokianetworks safeguard network operationsnokia.ly/1JGqfU2#NetworksPerform
How to protect against internal and external threats
- Nokias Network Access Guardimplements centralized identity access management in multivendor networks. Protection is achieved through a combination of single sign-on authentication for user simplicity, session management to control who accesses network resources, audit logging to track user sessions, and user policy management. The software can secure traditional, virtualized and Software Defined Networks (SDN) supplied by multiple vendors. It helps avert service interruptions that could damage customer experience, cause revenue loss and lead to Service Level Agreement (SLA) penalties.
- Nokias Signaling Security Solutionconsists of two elements:
- Nokia Signaling Guardtracks SS7 sessions and inspects signaling traffic in real time. Thus it is able to detect external attacks that normally would not be recognized by conventional SS7 network elements. The solution can block unauthorized access to subscriber profiles and helps assure service availability. Efficient fraud protection builds subscriber trust to secure revenue streams.
- Nokia Security Assessmentis a new expert service that analyzes an operators network security architecture and protection of network elements to pinpoint vulnerabilities that could lead to security breaches or service disruptions. The insights provide the foundation for planning and implementing security improvements to allay subscribers privacy concerns, encouraging higher use of mobile services.
Patrick Donegan, Chief Analyst, Heavy Reading, said:The vulnerability of SS7 to eavesdropping and DDoS** attacks surfaced as an issue for operators during the summer of 2014. As with other vulnerabilities that emerge with older technologies that are expected to remain in the network for a significant period of time, these are vulnerabilities that operators need to be looking to close off.
Giuseppe Targia, Vice President Security Business, Nokia Networks, said:Security in network operations involves a number of critical aspects, and with these new launches we are addressing two of the most important ones. Firstly, multivendor and multitechnology deployments in mobile networks create a challenge in managing access control policies from a security perspective, thus making it difficult to protect the network from insider threats or internal staff errors. This is why a new, carrier-scale, identity access management strategy is needed.
He added: SS7, a well known protocol within the telecom network industry used by hundreds of cellular companies to operate and communicate with one another, has been shown to be vulnerable. Thus operators nowadays need an easy way to deploy an SS7 security solution in order to protect the network against privacy and fraud attacks.
By focusing on the human possibilities of technology, Nokia embraces the connected world to help people thrive. Our three businesses are leaders in their fields: Nokia Networks provides broadband infrastructure, software and services; HERE provides mapping, navigation and location intelligence; and Nokia Technologies provides advanced technology development and licensing.www.nokia.com
Nokia Networks, which provides broadband infrastructure, software and services, operates at the forefront of our industry. From the first ever call on GSM to the first call on LTE, we have set the pace of innovation, a record that continues with future technologies such as 5G. Together with our operator customers, who serve close to 5 billion subscribers, we are embracing the opportunity of the connected world and helping to solve its challenges.https://networks.nokia.com/