Ericsson and German Partnerships Drive Security Importance for 5G Enterprise Usage

Swedish Network Equipment Provider (NEP) Ericsson is underway with the buildout of the German Federal Office for Information Security (BSI) 5G/6G Security Lab, for which it won a contract in 2022. The 5G test infrastructure will allow the BSI to test security components on 5G networks (notably those for standalone infrastructure), with the goal of furthering the security of German telecommunications networks. Ericsson is providing its dual-mode 5G core solution and Radio Access Network (RAN) for the testbed.

The BSI is doing some advanced testing of 5G networks, to ensure that NEPs (and, ultimately, telco operators) can essentially guarantee security deep within their networks. The test infrastructure complements another BSI effort around 5G security involving the Network Equipment Security Assurance Scheme (NESAS) Cybersecurity Certification Scheme (CCS). NESAS is a joint effort by The 3rd Generation Partnership Project (3GPP) SA3 and GSMA, which provides tools for effective assurance testing. The BSI has developed a national product certification scheme based on it (called NESAS CCS-GI), which enables NEPs to obtain Information Technology (IT) security certification for their 5G mobile network equipment. Ericsson is already engaged in this process, alongside Huawei.

Ericsson has made some significant pushes in the German market with regard to offering 5G security. In June 2023, it announced a partnership with Deutsche Telekom to develop a secure 5G network slice Proof of Concept (PoC) that can link directly to a private cloud, executed on a standalone testbed. The configuration and provisioning are automated, meaning the enterprise user can simply use the network straight out of the box. The enterprise administrator uses the management interface to customize and configure the network.

Ericsson has been developing enterprise-focused offerings for telco operators in what is expected to be a multi-billion-dollar 5G network security market. ABI Research’s latest forecasts in this space estimate the enterprise opportunity to be worth US$17 billion by 2027 (see ABI Research’s 5G Network Security market data (MD-5GNSR-103)). Ericsson has positioned the Ericsson Security Manager, a 5G cybersecurity platform for network operators, so that they, in turn, can develop secure services for enterprise. The solution adds to the integration of multi-vendor network and security functions that Ericsson has worked into all domains of the telco network (RAN, transport, core, Operations Support System (OSS)/Business Support System (BSS)). The Security Manager includes asset discovery, security orchestration, posture management (baseline automation, vulnerability intelligence), threat management (Operations, Administration and Maintenance (OAM), RAN and cloud-native threat detection) and certification management (automation and Public Key Infrastructure (PKI)).

The capabilities offered by Ericsson are not unique; Nokia and Huawei are both offering similar solutions for telcos. These offerings are key for enticing enterprise usage of 5G, especially if telcos are going to successfully capitalize on revenue generation of slices and private networks. For enterprises, one of the key requirements for using 5G networks is the guarantee of security, alongside robust service-level management. Much of the financing for 5G network usage will come from IT budgets, so offerings will need to align with enterprise IT expectations. Further, many enterprises are not aware that telcos can provide relevant solutions in the space, so they tend to turn to known IT suppliers. Therefore, for telcos and the NEPs building the solutions, it is important to offer enterprise-grade solutions (the Ericsson-DT PoC is a case in point) that align with business use cases.