This Telco Cloud Platform 5G Edition Intrinsic Security Guide summarizes the security risks and requirements that Communications Service Providers (CSPs) face as they transition to 5G networks and increasingly rely on virtualization and cloud computing, including network functions virtualization and cloud-native technology such as Containers and Kubernetes.

This guide describes how VMware technology helps you to implement security controls for the virtualization plane and its management and orchestration. This guide also describes how to combine VMware technologies into an architecture that protects telecommunication networks with intrinsic security.

After providing a brief overview of the VMware Telco Cloud layers, this guide highlights security requirements and solutions for the virtualization and management of telecommunication networks.

Intended Audience

This guide is intended for telecommunications and solution architects, sales engineers, field consultants, advanced services specialists, and customers who are responsible for the design, deployment, and operations of Telco Clouds, Virtualized Network Functions (VNFs), Cloud Native Network Functions (CNFs). This guide helps you to understand, assess, and mitigate 5G cybersecurity risks.

Acronyms

The following table lists the acronyms that are used frequently in this security guide:

Acronym	Definition
CNF	Cloud Native Network Function
CSP	Communications Service Provider
DEK	Data Encryption Key
KEK	Key Encryption Key
KMS	Key Management Server
NCSC	National Cyber Security Centre
NCCoE	National Cybersecurity Center of Excellence
NFV	Network Functions Virtualization
NFVI	NFV Infrastructure
NFVO	NFV Orchestration
NIST	National Institute of Standards and Technology
TSRs	Telecommunication Security Requirements
VDC	Virtual Data Center
VIM	Virtual Infrastructure Manager
VNF	Virtualized Network Function