Network Equipment Security Assurance Scheme (NESAS)
Driving continual improvements in network equipment security across the mobile industry.
What is NESAS?
NESAS is a rigorous security framework covering some of the most vital aspects of national critical infrastructure.
Providing a universal industry standard, it highlights the ability of network equipment vendors to meet and maintain security levels – from product development right through lifecycle management processes.
Specifically, it covers equipment that supports functions defined by 3GPP and is deployed by MNOs on their networks.
Why is it important for your business?
Covering everything from product design, through to final delivery and maintenance, NESAS is trusted across the world.
Vendors and their equipment are tested and audited against a security baseline, defined by industry experts through GSMA and 3GPP. So, it reflects the security needs of the entire ecosystem – including regulators, mobile network operators, hyperscalers and equipment vendors.
Universal industry standard
The standard continually evolves to meet the needs of the whole industry, based on 3GPP + GSMA standards – avoiding security requirements fragmenting regionally.
Robust independent auditing
NESAS is an unbiased, industry-funded scheme. The GSMA works with internationally recognised partners to audit and test equipment, with selection criteria agreed by the GSMA NESAS Oversight Board.
Drives improvement
Audits and evaluations provide an opportunity for experts to give in-depth feedback and analysis – helping vendors improve their processes and products, while enhancing security across the wider industry.
Streamlines vendor selection
The list of accredited vendors provides near real-time visibility of security status, allowing procurement teams to make informed decisions and comparisons.
Benefits regulators
With one transparent and independent global scheme, reflecting the security needs of the entire ecosystem, regulators have clear guidance and support for national security mitigations.
Practical examples of what it can do
Whether you’re a network equipment vendor, mobile operator or hyperscaler, the GSMA Network Equipment Security Assurance Scheme improves confidence in your business.
Network equipment vendors
Network equipment vendors
NESAS is designed to help you improve security levels, covering equipment and functions defined by 3GPP and deployed by MNOs on their networks.
- Demonstrate to customers that your products reach the universal security standards relied on by the global industry.
- Appear on the vendor list – providing assurance to customers and regulators, while supporting business development.
- One audit does it all – no need for repeated security testing in multiple markets.
- Leverage ongoing security improvement with expert feedback from specialist auditors.
Mobile Operators
Mobile Operators
NESAS helps assure the security and resilience of your network. GSMA recommends that operators request their network equipment suppliers to participate in NESAS.
- Have confidence in your network equipment with vendor certification from the world’s leading mobile connectivity body.
- The only network security scheme that’s defined by the industry (through the GSMA and 3GPP) – ensuring it keeps pace with threats and mitigations.
- Streamline procurement and supply chain analysis with instant visibility of vendor security levels.
- Reduce security testing by outsourcing baseline testing to accredited test laboratories.
- Conformance tested by independent auditors and accredited laboratories.
Hyperscalers
Hyperscalers
Demonstrating NESAS conformity enables you to lead by example, advocating for higher security standards and practices within the cloud services and broader tech industry.
- Participation in NESAS provides evidence-based assurance to customers that security is baked into your network equipment – from development to deployment.
- Adherence to NESAS standards can serve as a key business differentiator.
- Make your platforms more attractive for hosting sensitive applications, such as those handling financial transactions or core activity.
- Encourages security by design culture across the network equipment vendor community.
Updates
The latest on our products, including GSMA Working Group PRDs and events.
27 September, 2024
NESAS: The vendor perspective
How it’s bringing clarity and confidence for growth In today’s interconnected and rapidly evolving technology ...
Learn more9 May, 2024
Ericsson and NESAS
Hear from Louise Livijn, Security Strategy and Assurance Lead, Ericsson about how audits can help avoid blind spots in ...
Learn more1 May, 2024
NCC – NESAS Auditor and Test Lab
Watch the video below to hear from Chris Proctor, Senior Advisor, Associate Director, NCC Group to discover how this ...
Learn more1 May, 2024
Oracle and NESAS
Watch Matt Beal, Group Vice President, Oracle Communications discuss GSMA Network Equipment Security Assurance Scheme (NESAS) ...
Learn moreResources
Test Labs and Auditors: find out who supports us to maintain the integrity of the scheme
NESAS Documents: see the latest 3GPP and NESAS Scheme Documents
Test results: see which vendors have demonstrated their conformance
Vendors: Find out who is currently a member of the NESAS scheme