Nokia has expanded its security portfolio to help operators tackle the “multifaceted” task of securing networks in the smartphone and IoT era.
Two new solutions have been introduced by the Finland-based vendor.
First, a Network Access Guard incorporates a centralised control system that offers access management to operators’ network systems.
It provides an employee sign-in and authentication process, and monitors access to network elements by tracking users session via audit logging. It can also be programmed to allow “privileged” users to access critical network elements.
The multi-vendor solution is compatible with traditional, virtualised and software-defined networks, Nokia said.
Giuseppe Targia, Vice President of Nokia’s Security Business, commented: “Multivendor and multi-technology deployments in mobile networks create a challenge in managing access control policies from a security perspective, thus making it difficult to protect the network from insider threats or internal staff errors. This is why a new, carrier-scale, identity access management strategy is needed."
Second, a Signalling Security Solution has been launched to tackle vulnerabilities in the Signalling System 7 (SS7) network protocol and prevent hacking and DDoS attacks.
It can track SS7 sessions and inspect traffic in real time, thereby enabling it to detect attacks that Nokia claimed “would not be recognised by conventional SS7 network elements.” It can also block attempts to hijack user profiles, the vendor added.
The solution is also able to assess operators’ network security and highlight vulnerabilities that could lead to breaches or disruptions to the service.
According to Nokia, SS7 attacks can allow hackers to track devices with a precision of up to 50 metres.
Targia said: "SS7, a well known protocol within the telecom network industry used by hundreds of cellular companies to operate and communicate with one another, has been shown to be vulnerable. Thus operators nowadays need an easy way to deploy an SS7 security solution in order to protect the network against privacy and fraud attacks.
“Security in network operations involves a number of critical aspects, and with these new launches we are addressing two of the most important ones.”