Top5 protectiondomains infographic_final
Click here to load reader
-
Upload
mary-mcevoy-carroll -
Category
Documents
-
view
39 -
download
1
description
Transcript of Top5 protectiondomains infographic_final
The Top 5 LTE Protection
DomainsLTE operators have invested heavily in protecting the subscriber and the network in five key areas.
Copyright 2014 Stoke, Inc.
The LTE SecurityFramework
User equipment must beauthenticated by the corenetwork before enabled to makevoice calls, texting, Internetbrowsing or access any other service through the mobilenetwork. This helps preventsfraudulent use of subscriberservices by an unauthorized useror different device.
Malware infections increased by 20% in2013, to 11.6M mobile devicesworldwide, 60% of which are Androiddevices
Device & ApplicationIntegrity Ensured
Malware Infections
11.6M
Source: Kindsight Security Labs Malware Report Q4 2013
Mobile operators andmanufacturers provide anti-virus software and provideguidance on softwareapplications that may bequestionable.
Remote "wipe"through devicesoftware, removessubscriber informationin the event of devicetheft or loss.
Device Misuse Malware and Viruses
A security gateway (SEG)provides secureaggregation of traffic andensures correctauthentication of cellsites.
RAN-Core BorderMalicious Access Averted
Intensified BackhaulRisks
53%
By 2017, over half of LTE cellsites areforecast toencrypt trafficusing IPsec.
60M SmallCells
Source: Small Cells Forum, 2016 forecast
Small cells are especially vulnerable to hackerinterception and spoofingas they are often deployedin less secure locations andconnected with untrustedbackhaul.
Source: Heavy Reading
EncryptedThe SEG protects core
network assets andfurther ensures subscriber
confidentiality.
With almost $3 B in projected servicerevenues, operators must protectpremium voice (VoLTE) from maliciousintrusion, unauthorized access, andpoor quality of experience (QoE).
Diameter Routing Agents (DRA) andSession Border Controllers (SBC)support critical core functions.
Security gateways protect privacywithout adding perceivable latencythat would impair voice quality.
IMS Core & PCC VulnerableVoLTE
Policy Charging and ControlElements provide secureaccess to authorized servicesand accurate billing.
IP Multimedia Subsystemsenable voice over LTE (VoLTE)and ensure that onlyauthorized sessions areallowed access.
Source: Infonetics
$2.7 B
2017
VoLTE ServiceRevenue
Authorized Service Use
Malicious denial-of-service attacks are morecommonly initiated through the Internet, butcan enter through an unsecured RAN-Coreborder or through roaming partnerinterfaces.
Firewalls, IDS and security gateways aredeployed to protect against DDoS attacksthat can cause widescale service outages orotherwise disrupt service access and quality.
DDoS Defense
Service Disruption
20%
Source: Arbor Networks
Internet Border
20 % of mobile operators have had acustomer visible outage due to asecurity incident. 25% have seen DDoSattacks targeting users or network.
Denial-of-serviceattacks causeservice outages byflooding thenetwork with somuch traffic that anetwork element isoverwhelmed andcannot provideservice tolegitimate traffic.
25%
Copyright 2014 Stoke, Inc., All Rights Reserved
www.stoke.com