As enterprises migrate their networks to 5G, this transition provides the potential
for vulnerability to some of the security risks associated with 5G. As an
unprecedented number of devices connect to enterprise and government networks, this
increases the potential for attacks and other threats.
Intelligent Security (also known as User Equipment to IP address Correlation, or
UEIP) helps correlate user equipment (UE) information with IP addresses by mapping
the subscriber ID and equipment ID to the IP address associated with traffic from
the UE. This helps to ensure consistent policy rule enforcement in your mobile
network Security policy. Intelligent Security with PFCP for N6 and SGI deployments
now provides enforcement for Security policy rules that are based on:
- the 5G subscriber ID
- the 5G equipment ID
- the 5G network slice ID for a 5G or hybrid (5G and 4G) LTE network
Administrators now have multiple deployment options for correlating IP addresses and
user equipment, including on perimeter interfaces (such as N6 for 5G and SGI for a
4G or LTE network).
To support the new deployment options, enable the
User Plane with GTP-U encapsulation option
if you're using the N1 or S1U interface or disable the option for SGi, N6, or RADIUS
deployments. In addition, support for UE-to-IP mapping is now available for the
PA-7000b and PA-5450 platforms.
This enables network administrators to extend Zero Trust policy rules for their 5G
and 4G networks by consistently verifying all subscribers, equipment, applications,
and data based on content and subscriber activity.