
Whitepaper

Mobile Network Security: The Challenges & Solutions in an LTE Landscape

Introduction
As the rollout of LTE networks rapidly progresses in many countries, and with LTE Advanced hot on its heels, the exponential growth in data traffic volumes on mobile networks is expected to continue for the foreseeable future. The LTE system architecture has been defined to provide the increased traffic speeds and functionality that consumers want, and to integrate seamlessly as either an overlay on, or a complete re-design of, the operator's existing telecom network. Routing, switching and firewall capabilities are co-evolving with this traffic growth; however security, and application-level security in particular, is the one area within the LTE system that remains undefined and unanswered. Proposed solutions include the use of non-security-specific nodes, which are not designed to meet the need, do not have security as their core competency and do not address the complete security requirements for consumers or reliability for operators. As a result, the implementation of application-layer security to perform advanced threat detection in LTE networks requires a fresh approach.

So what is the threat that LTE networks face now and in the future? The ability to monetize attacks or infect mobile devices is still possible, and therefore likely, on an LTE network. Add to this the growth in the number and type of devices, plus the increased functionality they will have, and the number of potential targets is both wider and deeper. However, the task of analyzing traffic is further complicated by the vast amount of application-layer communications LTE generates: URLs, IP-based messaging (email, MMS, IMS-based messaging, OTT messaging), VoIP calls, social networking interactions, mobile app-generated traffic, M2M interactions and other protocols, both now and in the future.

Therefore, providing a reliable security solution that doesn't impact network performance requires the use of offline analytics capabilities that are focused on detecting and responding to security threats. These analytics capabilities need to be able to function with both off-line and real-time data, in order to detect and handle immediate threats while correlating events across multiple traffic streams. Another challenge for LTE is the lack of standardization around application-layer security. Once a threat is detected, there are no standards-based mechanisms in place to inform other network nodes what actions they should take to mitigate the threat. In the absence of a clear architectural framework for responding to threats, and given the severity of threats likely to be encountered, AdaptiveMobile has put forward a set of recommendations for mobile operators, both for deploying green-field LTE networks and for overlaying a security framework within existing deployments.

AdaptiveMobile Whitepaper Mobile Network Security: The Challenges & Solutions in an LTE Landscape

LTE Overview
LTE (Long Term Evolution) is primarily used by HSPA networks that have downlink peak rates of 300Mbit/s, uplink peak rates of 75Mbit/s and QoS provisions permitting round-trip times of less than 10ms [1]. LTE has major enhancements on both the Radio side and the Core side to enable these higher data rates. The enhancements on the Core side were captured by 3GPP's SAE (System Architecture Evolution) standardization project, which delivered the EPC (Evolved Packet Core) model.
The purpose of the EPC is to:
- Support the higher data rates delivered by the advanced LTE radio network
- Deliver a flat, simple, all-IP architecture
- Handle interoperability between the air interfaces of different 3GPP networks (e.g. LTE/LTE-Advanced/EDGE/GPRS), and between 3GPP and non-3GPP networks (WiMax and CDMA)
To supply this required functionality in LTE, a number of additional telecom elements are required, as shown in Fig. 1.

[Fig. 1 LTE Overview: the LTE Network comprising the eUTRAN (eNodeBs), the Evolved Packet Core (MME, HSS, PCRF, S-GW, P-GW) and IMS, connected to the PDN; the Old Core Network (BTS, MSC/GGSN) connected to the PSTN and other networks.]

LTE Deployment
The combined function of these nodes is to handle the accelerated radio network and IP traffic, before the data is handled by any IMS or other core network IP handling technology. This provides one of the LTE network's greatest strengths, as what exists beyond it is variable, providing the operator with a range of deployment options. The result is that LTE is being rolled out and implemented in different ways throughout the world; some interworking with older 3GPP and non-3GPP access networks, described as mixed legacy and LTE networks, while others are adopting pure LTE & IMS networks.

IMS
IMS (IP Multimedia Subsystem) is the updated packet core for handling data, voice and SMS within advanced GSM networks. Although an IMS packet core isn't required when running data services over LTE, if the operator wishes to include voice and SMS services in LTE then an IMS core is recommended. This requirement has led to an increased adoption of IMS, especially in the Americas, where operators are retiring legacy CDMA voice networks and moving all services (voice, messaging and data) to LTE.
[1] Strictly speaking these data rates do not match 4G as defined by the ITU. While LTE Advanced is a true 4G technology, ordinary LTE is referred to by the public, and increasingly by operators, as 4G.


In the interim, however, there will be a range of back-end core networks being used to integrate with LTE. This range is fully supported by LTE, including features such as the use of Circuit-Switched (CS) fall-back to handle voice and SMS in the absence of IMS networks. The result of this flexibility is that any associated solutions, in this case security, have to be equally flexible. Due to the presence of mixed networks, it is important that any security solution deployed on LTE networks is able to handle the presence of legacy networks and not simply assume that all traffic will take one form or one path.

Security Handling in LTE today
Discussions addressing security in LTE networks normally revolve around the following areas:
- A flatter and more open IP architecture, as the Radio part is terminated in the access network, leads to potentially greater attack vectors
- Interworking is possible with a variety of legacy and non-telecom networks, which may inject unwanted traffic
- LTE allows placement of Radio nodes (eNodeBs) in untrusted locations

To address this, most security designs for LTE/4G have focused on low-level processes, including:
- Extended authentication & key sharing and end-to-end confidentiality
- More complex interworking security
- Additional security in eNodeBs

The above has been delivered within the standards by various mechanisms, such as building the key exchange and authentication mechanisms into the signalling flows between the LTE nodes, especially those involving the eNodeBs, and also via firewall mechanisms such as the 3GPP-defined SEG. However, while these address potential structural security issues at a low level, discussion of security concerns at a higher level in the LTE network seems to have been neglected in the standards sphere. There has been some discussion about reusing the existing Policy mechanisms in the LTE network to provide application-level security.

For example, within the LTE network, the PCRF node fulfils key roles in the Policy and Charging areas. While potentially attractive, this suffers from serious flaws, of which the most pertinent is that the PCRF simply does not have the visibility, or the control, to adequately handle changing threats. While its functionality can be reused to provide a measure of security (see later sections for further details), in normal operation it is simply not designed to adequately address the security threats which will arise. What some of these future threats will be is unknown; however, past experience demonstrates that the changing nature of telecom threats requires a platform that is flexible and designed with a core competence in providing a secure network.


Application-level Security threats in LTE
As discussed, LTE is really an evolution of the existing network technologies, and will also interwork with a variety of legacy radio and core networks. This means that upper-level security concerns in these legacy networks could be carried over on to the LTE network. Other reasons why additional threats could emerge over time include:
- Reduced prices for mobile IP usage and network access mean that the cost to send spam and generate malicious traffic is reduced
- Higher data rates and the proliferation of IP devices (including those from outside the LTE network) will result in an increase in the number of bad actors and make identifying maliciously infected devices more difficult
- An increasing number of non-human-attended devices (M2M etc) will be present on the same network, with potential for misuse, especially in critical areas
- Additional handset functionality, more capable devices and additional processing power, combined with greater data usage, increase the ability to run botnets and viruses
- Mobile device-based AV scanning solutions (as per the PC model) will become increasingly less sustainable due to increasing battery demands and the continuing rise in the amount of mobile malware the AV solutions have to look for
- Changes in technology and communication uses; for example, messaging sessions in LTE will no longer be confined to 2 users and 160 characters; instead LTE will allow multi-user conversations with file transfers, making security for spam and malware links much more difficult to implement

In addition to these emerging threats, existing telecom frauds will continue, such as the monetization of premium-rate numbers by mobile malware or voice fraud, the exposure of key personal information via a handset or the network, and the revenue opportunities for those who continue sending unwanted communications or spam.

So while security concerns at the lower level of LTE have been addressed, upper-level security threats still need to be tackled and are becoming more urgent. To provide effective protection it is essential to identify threats as they occur. The key hindrance in an LTE network is the sheer amount of data, resulting in the need for sophisticated off-line analysis in order to determine when traffic is unwanted, malicious or harmful.


The Adaptive Approach

Analytics
In order to handle the dynamic nature of changing security threats, there is a definite need for advanced offline analytical capabilities, focused on detecting and responding to security threats, while not adversely affecting the traffic flow. To handle these, the analytical capabilities need to be designed to address two major technological challenges:
1. Offline distributed processing of events to detect new threats, correlating events across all services (voice, messaging, web, application traffic etc) and building up a deep understanding of subscriber behaviour and a reputation profile (from a security perspective) for each individual/device active on the network
2. Real-time event handling providing immediate threat response to the most severe threats, combined with immediate instructions to the network to mitigate threats
[Figure 2 Passive Probe (Gi/SGi): traffic between the 3G/4G network and the Internet is tapped (TAP) into a Collector/Pre-Processor, which pushes an Event Feed and optional IP Information to the AdaptiveMobile NPP+ for Analysis & Filtering; routing rules for suspicious subscribers are provisioned to the 3G/4G network via the PCRF.]

To best handle this, two separate components are required:

1. A method to tap and collect traffic from the network, and extract all relevant Layer 7 data from traffic flows. This Layer 7 or upper layer information can include:
- URLs
- User agent information
- IP Messaging content (Email, MMS, SIP-based, OTT)
- VoIP call setup requests
- Social networking messages
- Mobile app data

2. In order to analyze the large amount of data being tapped from the network, a big-data-scale, distributed server cluster needs to be deployed. The distributed server will perform advanced threat detection using intelligent algorithms, to achieve the following functions:
- Network behaviour analysis detecting DoS, spambots, zero-day attacks, port scanning etc
- Anomaly detection
- Event correlation across services (SMS, Web, NetFlow/IPFIX, Email) in order to detect Compound Threats (attacks that utilise multiple network services to extract financial gain or act as a launch point for other attacks)
- SMS Spam detection and Fingerprint generation
- Phishing attacks
- Spyware detection

In combining these two functionalities, the Analytics system is able to provide a web-based user interface which gives security analysts the ability to review the current state of the network, analyse threats and take actions, such as making network adjustments in order to block, re-route or throttle data traffic.

From Detection to Mitigation
Once the data has been analyzed and any security threats detected, an integrated network solution is required to mitigate the threat. In many cases, threat intelligence can determine with absolute confidence that an attack is underway. Traffic destined for known phishing sites or to botnet command and control hosts is compelling evidence that an immediate response is required. However, there are also occasions when a degree of uncertainty is involved. A sudden increase in messaging traffic could be a legitimate marketing campaign or it could be a spam attack. A large number of subscribers accessing a web-site can be the result of a successful viral marketing campaign or it could be a distributed denial of service attack. This uncertainty is best resolved by application layer inspection of traffic flows, in which case these flows need to be forwarded to a mitigation solution. Depending on the nature of the attack it may also be prudent to throttle this traffic temporarily, thereby reducing the immediate impact while the situation is analyzed by an inline mitigation device. Analytics not only provides the means to detect new threats, but also the intelligence to take appropriate action to minimize the risk to subscribers and to the network infrastructure. Security threats are dynamic and constantly evolving; for example, bots may lie dormant on devices and then spring into action, malware can be inadvertently installed on a device at any time, and phishing attacks can be triggered by receiving an email or other message. Therefore the LTE architecture for IP-network security must take this dynamic aspect into account.

Action
AdaptiveMobile's Network+ Protection Platform (NPP+) has been designed to provide a consistent policy-based view of user behavior across all services, including SMS, MMS, Email, Voice and Web, allowing operators to identify new exploits, whether these are mobile viruses, denial of service attacks, spam or fraudulent phishing attacks, and respond rapidly to protect their network assets, subscriber privacy and subscriber credit. Once the NPP+ security platform has detected a new threat, it is critical that a response is implemented immediately. The NPP+ applies these responses as network Actions. How these Actions are enforced depends on the network architecture available. The following section reviews some network architecture options and discusses the advantages and disadvantages of each.

Responding to security threats by making policy changes within the PCRF infrastructure is assumed by some network architects to be an appropriate response. The assumption here is that service control is the responsibility of the PCRF and the traffic user plane nodes such as the GGSN, PDSN or PGW within the Packet Core, with the PCRF acting as the policy decision point and the nodes within the packet core responsible for subsequent enforcement of these decisions. However, there are some serious drawbacks to this approach when it comes to security.
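The detection-to-action flow described above (offline correlation of events across services into a per-subscriber profile, then a real-time mapping of that evidence to a network Action whose strength follows the confidence of the evidence), as an added example that is not AdaptiveMobile's NPP+ code. The threat-host list, the SMS baseline, the Event type and all sample events are constructed placeholders.

```python
"""Cross-service event correlation with a confidence-graded network Action.

Constructed example modelling the two analytics steps the whitepaper
describes; not AdaptiveMobile's NPP+ code. Threat lists, baselines and
events are invented placeholders.
"""
from collections import defaultdict
from dataclasses import dataclass

# Constructed threat-intelligence list; a deployment would load a real feed.
KNOWN_BAD_HOSTS = {"phish.example.invalid", "c2.example.invalid"}

# Constructed baseline: typical SMS sent per subscriber per analysis window;
# a spike is SPIKE_FACTOR x that baseline within one window.
SMS_BASELINE_PER_WINDOW = 20
SPIKE_FACTOR = 10


@dataclass(frozen=True)
class Event:
    subscriber: str  # anonymised subscriber id (would be MSISDN/IMSI)
    service: str     # "sms", "web" or "email"
    detail: str      # destination host for web; message body for sms/email


def hosts_in(text):
    """Extract lower-cased hostnames from http(s) URLs in a message body."""
    hosts = set()
    for tok in text.split():
        if tok.startswith(("http://", "https://")):
            hosts.add(tok.split("//", 1)[1].split("/", 1)[0].lower())
    return hosts


def correlate(events):
    """Offline step: fold events from every service into one profile per subscriber."""
    profile = defaultdict(lambda: {"sms_count": 0, "url_in_sms": 0,
                                   "services": set(), "bad_hosts": set()})
    for ev in events:
        p = profile[ev.subscriber]
        p["services"].add(ev.service)
        # Web events carry the destination host; messages may link to hosts.
        hosts = {ev.detail.lower()} if ev.service == "web" else hosts_in(ev.detail)
        p["bad_hosts"] |= hosts & KNOWN_BAD_HOSTS
        if ev.service == "sms":
            p["sms_count"] += 1
            if hosts:
                p["url_in_sms"] += 1
    return profile


def decide(p):
    """Real-time step: map one subscriber profile to (action, confidence)."""
    if p["bad_hosts"]:
        # Contact with a known phishing or C&C host is compelling evidence:
        # respond immediately rather than wait for further inspection.
        return ("block", "high")
    spike = p["sms_count"] >= SPIKE_FACTOR * SMS_BASELINE_PER_WINDOW
    if spike and p["url_in_sms"] and len(p["services"]) > 1:
        # A volume spike carrying links plus activity on other services looks
        # like a spambot but could still be a campaign: throttle to limit the
        # immediate impact and forward the flows to inline inspection.
        return ("throttle_and_forward", "medium")
    if spike:
        # A bare volume spike is ambiguous (campaign or spam): inspect first.
        return ("forward_to_mitigation", "low")
    return ("allow", "none")


def analyse(events):
    """Run both steps and return {subscriber: (action, confidence)}."""
    return {sub: decide(p) for sub, p in correlate(events).items()}


def sample_events():
    """Constructed events covering each decision branch."""
    evs = [Event("sub-a", "web", "phish.example.invalid")]
    evs += [Event("sub-b", "sms", "win now http://promo.example.invalid/x")
            for _ in range(200)]
    evs.append(Event("sub-b", "web", "news.example.invalid"))
    evs += [Event("sub-c", "sms", "hello again") for _ in range(200)]
    evs.append(Event("sub-d", "sms", "see you at 8"))
    evs.append(Event("sub-d", "web", "news.example.invalid"))
    return evs
```

Calling analyse(sample_events()) yields one Action per constructed subscriber, with the known-bad destination blocked outright and the two volume spikes handled according to how much corroborating evidence accompanies them.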


[Fig. 3 PCRF Option: A Limited Approach To Network Security. Suspicious traffic from the 3G/4G data plane is tapped into the Collector, which pushes an Event Feed (with optional IP Information) to the AdaptiveMobile NPP+ for Analysis & Filtering; routing rules for suspicious subscribers are provisioned to the 3G/4G network via the PCRF.]
The service control aspects of the Packet Core/PCRF interactions tend to focus on two areas: charging and Quality of Service (QoS). The PCRF authorizes service usage based on bandwidth, QoS and the service plan associated with the subscriber. Security issues, for the most part, fall outside this limited view of service control.

Attacks including spam, denial of service, spyware, phishing etc. do not fit into the PCRF service control model, as there are no Application Layer controls in place. While it is possible to push blacklisting rules or throttling rules via the PCRF, these are crude or ineffective mechanisms to deal with security threats. In addition, there is often no way to dynamically change network routing rules to selectively forward traffic to a mitigation or traffic scrubbing mechanism (such as an inline security gateway). Often what is required is a direct interface to the Packet Core to push security response instructions. Some of the more mature user plane platforms have a rich set of capabilities. However, these remain very much dependent on vendor implementations, and often key features are only available in future releases.

[Fig. 4 An Integrated Security Approach: Offline Analytics, Security Mitigation working with DPI. Suspicious traffic from the 3G/4G data plane is tapped into the Collector, which pushes an Event Feed (with optional IP Information) to the AdaptiveMobile NPP+ for Analysis & Filtering; the NPP+ pushes Actions to the DPI platform sitting inline between the 3G/4G network and the Internet.]
A third approach (shown in Fig. 4) is to work with dedicated Deep Packet Inspection (DPI) platforms, whose singular focus on service control over a number of years has allowed them to build technology platforms that have all the capabilities required to work well in conjunction with the NPP+ advanced network security. These features include a subscriber-centric view of the network, with rich and granular subscriber policy, Layer 7 application awareness, dynamic response capabilities, flexible packet routing capabilities etc.
[Table: Actions available by enforcement option (Via PCRF to User Plane Node; Direct to User Plane Node with integrated DPI function; Standalone DPI). Actions listed: Bandwidth Throttling, Blacklisting Rules, Static Routing Rules, Per Subscriber Policy, Dynamic Routing Rules, URL Filtering, Traffic Scrubbing, Real-Time Threat Response, Application Layer Filtering, Filtering TCP/IP Flows. Several cells are marked "Depends on Vendor".]
AdaptiveMobile therefore recommends, as best practice for security in LTE networks, the integrated approach to security that is possible with DPI vendors using the architecture shown in Fig. 4. However, as Traffic User plane vendors add the rich set of capabilities available on DPI platforms today (as an integrated DPI function), they will then be in a position to offer a viable alternative to DPI-based approaches, and so allow more upper-level security facilities to be implemented on these platforms.

About AdaptiveMobile
AdaptiveMobile is the only mobile security company offering solutions designed to protect all of the services on the network. With our deep expertise and unique focus on network security, we continue to lead the market, a reason why many of the world's leading security and telecom equipment vendors have chosen to partner with us. Our mission is to provide a safe and trusted mobile experience for consumers and enterprises worldwide.

Head Office: Ferry House, 48-52 Lower Mount Street, Dublin 2. Tel: +353 (1) 5249000 US Office: Adaptive Mobile Security Inc. 2591 Dallas Parkway, Suite 300, Frisco, TX 75034, Tel: +1 972 377 0014

Regional Sales Contact Numbers: UK Sales: +44 808 120 7638 Middle East Sales: +971 4 312 4423 Africa Sales: +27 837 044 111 Asia Sales: +603 2298 7275 European Sales: +353 (1) 524 9000

www.adaptivemobile.com
