FS.33 Network Function Virtualisation (NFV) Threats Analysis

Person looking at mobile phone smiling, light is reflecting on face in dark room

This document aims to provide a comprehensive overview of the threats related to NFV and the underlying infrastructure and platforms hosting the NFV. The virtualization of network functions can be realized in several different ways and to varying degrees. A Virtualised Network Function (VNF) can be a complex virtual appliance running a complete operating system populated with several applications. It may have multiple layers of interaction and functionality and, in some instances, it may even have specific hardware requirements. A VNF can also be an isolated singular function running on a thin container-based kernel and have very limited interaction with its surrounding network entities. Containers, while being streamlined and generally smaller than more traditional virtual machines are exposed to the same NFV environment and suffer from the same vulnerabilities. In this document they are therefore treated as virtual machines and covered by the same risks and mitigation techniques if nothing else is stated in the risk or mitigation description itself.

Audience:  Technical security practitioner

Resource technology specifics: Network function virtualisation (NFV)

Resource type: Guideline

Resource enforcement: Voluntary

Resource certification type: Self-assessment

Key benefits
  • Outlines threats and vulnerabilities found within NFV
  • Outlines potential migrations to identified threats
  • Compiled by experts managing NFV for mobile operators

Contact the GSMA

Please get in touch if you need more information or have any queries about anything you see on our website.

Contact us