SOURCE: Stoke, Inc.

Stoke, Inc.

September 29, 2014 10:00 ET

Stoke Outlines Key Security Strategies to Protect Shared LTE Networks and Provide Inter-Carrier Traffic Identification

Security Together With DIAMETER-Based Accounting and Policy Management Defuses New Risks and Enables Accurate Billing in Shared LTE Infrastructures

SANTA CLARA, CA--(Marketwired - Sep 29, 2014) - LTE network sharing is on the rise, encouraged by regulators to speed penetration of advanced broadband and increasingly adopted by operators to improve the economics of entering or expanding their LTE base. In any shared mobile infrastructure environment, it is critical to protect and encrypt each partner's traffic, and to provide mechanisms to enable accurate billing, says LTE security developer Stoke.

"One of the key challenges in completing a network share is the ability to identify and assign relative valuations for each operator's traffic as it is shared or transferred over the network," said Dilip Pillaipakam, Vice President of Product Management and Marketing at Stoke.

"It is also vital to enable accurate, secure inter-carrier accounting. This requires the creation of charging and policy management mechanisms between sharing partners at a common, clear-text aggregation point, as well as additional security at the border of the radio access network and the LTE operator core."

The economics of building LTE network capacity are driving carriers worldwide to share infrastructure costs wherever possible, although they are cautious about the potential risks of exposing their traffic to competitors.

Regulators in many countries, aware of these competitive issues as well as the inherent vulnerabilities of LTE networks, already mandate IPsec over the backhaul in shared networks. Equally, operator participants in shared networks look to their wholesale network provider to encrypt their traffic all the way through to the network core. In addition, the wholesaler needs mechanisms to implement policy enforcement at the common aggregation point in the event that a partner is in violation of the service level agreement.

Mobile networks are becoming more valuable as security targets and are subject to more frequent attacks. A 2013 Mobile Network Security Survey*1 of 76 operators found that over 60% had experienced service outages or degradations of an hour or more as a result of a Distributed Denial of Service (DDoS) attack. In shared environment, such attacks can impact multiple operators, with disruption to an even broader subscriber base.

"Points of vulnerability are magnified in shared LTE environments, because of factors like operator partners' need to exchange data for subscriber management and billing, differences between carriers' controls and security approaches, and the numbers of remote cell sites that are now part of the mix," added Pillaipakam. "Furthermore, since in LTE each cell site may be associated with as many as 16 interfaces into the network core, the mobile access border represents a significant security risk to operators and users."

The crucial area and first point of defense is at the edge of the radio access network, before the traffic passes through the telco data center. The Stoke security gateway is situated in this natural aggregation spot in the network and also features the ability to provide latency-free traffic security as well as DIAMETER-based inter-carrier accounting and policy enforcement.

About Stoke
Stoke, Inc. delivers gateway solutions for the mobile border, securing LTE communications between the radio access network and the operator core, protecting subscribers while safeguarding critical mobile core infrastructure. Our products have been selected by the world's leading mobile network operators for technical excellence and quality, and we partner with leading industry equipment providers and systems integrators to ensure ongoing success and innovation. Stoke is the global market leader in deployed LTE Security Gateways with offices in the US, UK, France, Spain, Japan, Korea and Singapore. For more information, visit

1 Arbor Networks PeakFlow data sheet, referencing Heavy Reading 2013 Mobile Network Security Survey