Holistic security management will be essential to ensuring security and privacy in 5G and IoT.
Ericsson Security Manager makes security visible with an end-to-end automated and repeatable process. Security Manager provides fast detection of network anomalies based on security analytics and demonstrates adaptive security by looping back analytics to the policy automation.
Ericsson Security Manager provides industry standards-based security policy driven security automation, compliance monitoring and security analytics functions required by modern ICT business. It helps to automate security controls, maintains them in desired level even in changing threat landscape and shortens the average reaction time to respond to possible breaches.
Up to 80% of technical controls depicted in service provider security policies can be converted into policies managed and monitored by Ericsson Security Manager in a repeatable process. Ericsson Security Manager supports industry standard security policy frameworks, e.g. ISO, NIST, CIS Benchmarks, EU GDPR, CTIA IoT, CSA, Ericsson baseline security requirements and customer own security policies.
Median time for attack detection is currently several months. Ericsson Security Manager performs continuous protection including security analytics, which can turn data into powerful security insights and actions, covering vulnerabilities, threats, risks, and fraud events. To ensure faster response to any identified threats and anomalies, a high degree of automation is offered to loop-back analytics results to security automation.
Ericsson Security Manager addresses the following pain points:
- Lack of visibility of security in the telecom and IoT network
- Ever growing amount of manual work
- Security and privacy compliance incresingly important
- Limited ability to detect attacks and trigger efficient mitigation and response
- New 5G & IoT threats
Ericsson Security Manager provides a solution for end to end security management, supporting different domains consisting of different trust anchors and security functions. It provides support for horizontal end to end management across all domains. Different security policy sets can be applied to different domains and adjusted based on the analytics results in horizontal level.
Security Manager provides unique industry standards-based security policy security orchestration and management coupled with advanced security analytics capabilities. In short, it provides
- One unified, end to end view for security automation and identity management
- Ericsson policy catalog aligned with industry standard security frameworks including pre-defined policy families, policies, and controls
- Automated execution of security policies i.e. configuration enforcement for security controls and functions per defined policy sets
- Automated compliance monitoring for the enforced policy sets
- Rule-based analytics for known threats based on logs and events collected from the network
- Vulnerability management through Ericsson PSIRT (Product Security Incident Response Team) vulnerability feed and support for external vulnerability scanners
- Machine-learning based analytics capabilities detecting network anomalies and unknown threats for different use cases
- Support for Ericsson Threat Intelligence services sharing indicators of compromise with other parties
- Support for workflows providing support for different type of action flows based on the analytics results that may require security expert involvement or approval e.g. to instantiate temporary security controls
- Reporting functions e.g. for providing compliance reports for auditors
Security Manager is an essential part of evolved networks where security functions, policies and related configurations are dynamically deployed and adjusted across domains, often in multi-vendor environments.