This Telco Cloud Platform 5G Edition Intrinsic Security Guide summarizes the security risks and requirements that Communications Service Providers (CSPs) face as they transition to 5G networks and increasingly rely on virtualization and cloud computing, including network functions virtualization and cloud-native technology such as Containers and Kubernetes.

This guide describes how VMware technology helps you to implement security controls for the virtualization plane and its management and orchestration. This guide also describes how to combine VMware technologies into an architecture that protects telecommunication networks with intrinsic security.

After providing a brief overview of the VMware Telco Cloud layers, this guide highlights security requirements and solutions for the virtualization and management of telecommunication networks.

Intended Audience

This guide is intended for telecommunications and solution architects, sales engineers, field consultants, advanced services specialists, and customers who are responsible for the design, deployment, and operations of Telco Clouds, Virtualized Network Functions (VNFs), Cloud Native Network Functions (CNFs). This guide helps you to understand, assess, and mitigate 5G cybersecurity risks.

Acronyms

The following table lists the acronyms that are used frequently in this security guide:

Acronym

Definition

CNF

Cloud Native Network Function

CSP

Communications Service Provider

DEK

Data Encryption Key

KEK

Key Encryption Key

KMS

Key Management Server

NCSC

National Cyber Security Centre

NCCoE

National Cybersecurity Center of Excellence

NFV

Network Functions Virtualization

NFVI

NFV Infrastructure

NFVO

NFV Orchestration

NIST

National Institute of Standards and Technology

TSRs

Telecommunication Security Requirements

VDC

Virtual Data Center

VIM

Virtual Infrastructure Manager

VNF

Virtualized Network Function