The EU Agency for Cybersecurity (ENISA) continues its excellent effort on 5G security by issuing a report with suggested good practices for the secure deployment of Network Function Virtualisation (NFV) in 5G networks.
The report identifies some 60 security challenges for NFV, which it groups in seven categories:
- Virtualisation or containerisation;
- Orchestration and management;
- Administration and access control;
- New and legacy technologies;
- Adoption of open source or COTS;
- Supply chain;
- Lawful interception (LI).
It analyses the relevant security controls and recommends 55 best practices to address these challenges, across technical, policy and organisational facets.
Some of the main issues identified are ensuring the security of the virtualisation layer, to protect the rest of the network; avoiding breaches through server sharing; vulnerabilities from adopting open-source software; and increased security complexity through multi-vendor networks.
Like everything else from ENISA, the report is free. You don’t even have to enter your email address.
ENISA press release: Tackling Security Challenges in 5G Networks
ENISA NFV Security in 5G Report
Marin Ivezic is a Cybersecurity & Privacy Partner in PwC Canada focused on risks of emerging technologies.