Network Equipment Security Assurance Scheme (NESAS)

Driving continual improvements in network equipment security across the mobile industry.

What is NESAS?

NESAS is a rigorous security framework covering mobile network equipment that is increasingly classified as national critical infrastructure.

Providing a universal industry standard and baseline requirements, NESAS demonstrates the ability of network equipment vendors to meet and maintain security levels – from product development right through product lifecycle management processes.

Specifically, NESAS covers equipment that supports functions defined by 3GPP and ETSI that is deployed by network operators.

Though NESAS Security Requirements were designed for telecommunications, they can apply to any digital element.

Why is NESAS important?

Covering everything from product design, through to final delivery and maintenance, NESAS is trusted across the world.

Vendors and their equipment are tested and audited against a security baseline, defined by industry experts through GSMA and 3GPP. So, NESAS reflects the security needs of the entire ecosystem – including regulators, mobile network operators, hyperscalers and equipment vendors. 

globe

Based on Universal industry standard

The standard continually evolves to meet the needs of the whole industry, based on GSMA specifications and standards – avoiding security requirements fragmenting regionally.

checklist

Robust independent auditing and testing

NESAS is an unbiased, industry-funded scheme. The GSMA works with internationally recognised partners to audit and test equipment, with selection criteria agreed by the GSMA NESAS Oversight Board.

rocket

Drives improvement

Audits and evaluations provide an opportunity for experts to give in-depth feedback and analysis – helping vendors improve their processes and products, while enhancing security across the wider industry.

junction

Streamlines vendor selection 

Determine successfully audited vendors and evaluated products allowing procurement teams to make informed decisions and comparisons

lightbulb

Benefits regulators

NESAS is a transparent and independent global scheme, reflecting the security needs of the entire ecosystem, which provides regulators with clear guidance and support for national security mitigations.

Practical examples of what NESAS can do 

Whether you’re a network equipment vendor, mobile operator or hyperscaler, the GSMA Network Equipment Security Assurance Scheme improves confidence in your security posture.

Network equipment vendors

Network equipment vendors

NESAS is designed to help you improve security levels, covering equipment and functions defined by 3GPP and deployed by MNOs on their networks.

  • Demonstrate to customers that your products reach the universal security standards relied on by the global industry.
  • Appear on the vendor list – providing assurance to customers and regulators, while supporting business development.
  • NESAS is globally relevant – no need for redundant security audits and tests in multiple markets.
  • Leverage ongoing security improvement with expert feedback from recognised auditors and testers.
test engineer

Mobile Operators

Mobile Operators

NESAS helps assure the security and resilience of your network. GSMA recommends that operators request their network equipment suppliers to participate in NESAS.

  • Have confidence in your network equipment with independent security assessments governed by the world’s leading mobile connectivity body.
  • The only network security scheme that’s defined by the industry (through the GSMA and 3GPP) – ensuring it keeps pace with threats and mitigations.
  • Streamline procurement and supply chain analysis with successfully audited vendors and evaluated products.
  • Reduce security testing by recognising testing by accredited test laboratories.
  • Compliance to NESAS security requirements evaluated by independent auditors and accredited laboratories.
Engineer hand using digital tablet testing the communications tower
Engineer hand using digital tablet testing the communications tower

Hyperscalers

Hyperscalers

Demonstrating NESAS conformity enables you to lead by example, advocating for higher security standards and practices within the cloud services and broader tech industry.

  • Participation in NESAS provides evidence-based assurance to customers that security is baked into your network equipment – from development to deployment.
  • Adherence to NESAS standards can serve as a key business differentiator.
  • Make your platforms more attractive for hosting sensitive applications, such as those handling financial transactions or core activity.
  • Encourages security by design culture across the network equipment vendor community.
Data Center IT Specialist and System administrator Talk, Use Tablet Computer, Wearing Safety West. Server Cloud Farm Facility with Two Information Technology Engineers checking Cyber Security.
Data Center IT Specialist and System administrator Talk, Use Tablet Computer, Wearing Safety West. Server Cloud Farm Facility with Two Information Technology Engineers checking Cyber Security.

Resources

Community Updates

Testimonials and resources of participating stakeholders.

post image
post image
post image
post image
post image
post image


Register your interest

Please get in touch if you need more information, would like to book a meeting, have a product demo or want to talk to us about your particular use case.