3G Mobile Network Security
White Paper
Executive Summary
Mobile operators need to recognize their newfound role as internet service providers
(ISPs). No longer do they just provide cellular voice services; now they also provide highspeed Internet Protocol-based (IP) data services. So as to offer a wider array of services
and content to their data subscribers, mobile operators are opening up their formerly
closed networks to numerous other mobile operators, data networks and the public
Internet.
As a result, mobile operator’s 3G networks are not only exposed to all the virtual
pathogens already in circulation, but also to mobile-specific viruses and Trojans, as well as
to direct attacks such as Denial of Service (DoS) on their networks from hackers and/or
criminal organizations. These types of attacks employ methods which wired ISPs have
been dealing with for a much longer period of time. There are also variations on these
attacks which exploit weaknesses in the architecture and some of the protocols used in
2.5G/3G cellular data networks.
To protect their networks and customers, then, mobile operators need to:
. Take an architecture approach to implementing security solutions in their network;
point solutions are not sufficient
. Deploy a variety of products in their networks, such as firewalls, intrusion
detection and prevention (IDP) and virtual private networks (VPNs)
. Make client-side anti-virus and firewall software readily available to their
subscribers who use data devices (e.g., feature phones with data capabilities,
smartphones, notebook computers)
. Be vigilant and adopt appropriate security policies that reflect the threats in the
2.5/3G world. This has additional ramifications given the widespread use of WiFi
and the general evolution toward networks based on the IP Multimedia
Subsystem (IMS) standard
. Be aware that their networks are only as secure as the weakest link. Mobile
operators need to work with each other, the ISP community and other telecom
providers to ensure that even the minimum amount of security is quite strong.
. Vigorously protect signaling as the migration of signaling traffic over IP creates
new risks. Mobile operators carry much more signaling traffic than their wired
counterparts and signaling is mission critical traffic.
This whitepaper will explore the following topics:
. Why 2.5/3G wireless networks are now vulnerable and at what points they are
vulnerable
. The types of attacks that can be perpetrated against those networks
. The types of products that can be deployed to help guard 3G networks
. The business implications of a network outage and a revenue impact model to
demonstrate the seriousness of such an outage
. Future threats to mobile operators, specifically regarding IMS which is being
deployed by fixed and mobile carriers around the world.
Finally, this paper also suggests some steps mobile operators can take to minimize the
risk to their networks and their customers.
More on : http://www.igr-inc.com/html/downloads/free_white_papers/3G_MobileSecurity_Jan07.pdf
source : igr-inc.com
0 Réponses vers “3g mobile network security whitepaper”