India
is bolster the security of its telecommunications infrastructure with the
implementation of the Mandatory Security Certification (MSC) for the Session
Management Function (SMF) of the 5G Core network. The National
Center for Communication Security (NCCS) has announced that, effective January
1, 2025, this certification will become mandatory.
What is the Session Management
Function (SMF)?
The
Session Management Function (SMF) is a crucial element within the 5G
Core network. It manages various critical aspects of network operation
including session management, policy enforcement, charging, and IP
address management. Specifically, the SMF is responsible for:
- UE IP Address
Allocation & Management: Handles the assignment and
management of IP addresses for user equipment (UE). - DHCP Functions: Implements DHCPv4
and DHCPv6 roles, both as server and client. - UPF Selection and
Control: Selects the User Plane Function (UPF) and
controls functions such as ARP proxy and IPv6 Neighbor Discovery. - Traffic Steering: Configures how
traffic should be directed at the UPF to ensure proper routing to the
desired destination. - Policy Control
Integration: Terminates interfaces toward policy control functions
to ensure compliance with network rules. - Charging and Lawful
Interception (LI): Manages the collection and coordination of charging
data and ensures support for lawful interception where required.
These
functions are vital to ensure a seamless, secure, and effective operation of
the 5G Core network, particularly as the number of connected devices continues
to rise exponentially.
Timeline for Security Certification
The
Mandatory Security
Certification for the SMF will be required starting January 1, 2025.
However, companies can begin the certification process now, as it is voluntary
until December 31, 2024. Early certification offers a significant advantage
for manufacturers and operators, allowing them to ensure compliance before the
official enforcement date.
This
proactive approach by the NCCS aims to preempt security vulnerabilities within
5G networks, which are becoming increasingly important in critical
infrastructure, industry, and daily communications.