Mavenir’s Cloud-Native Open vRAN and Packet Core Achieves GSMA NESAS Security Certification

Mavenir, the Network Software Provider building the future of networks with cloud-native software that runs on any cloud and transforms the way the world connects, today announced that it achieved GSMA’s Network Equipment Security Assurance Scheme (NESAS) security certification in  November 2021. Mavenir is the 6th global mobile network provider to receive  accreditation, joining vendors including Nokia, Ericsson, and Samsung to have  undergone an assessment and independent audit of their development and product  lifecycle processes to evidence how security is integrated into their design,  development, implementation, and maintenance processes. 

The GSMA NESAS, jointly defined by 3GPP and GSMA, provides an industry-wide  security assurance framework to facilitate improvements in security levels across the  mobile industry. 

Mavenir completed the certification across Mavenir’s portfolio including: • Open Virtualized 5G & 4G Radio Access Network (Open vRAN): fully  containerized Open vRAN solution including Centralized Unit (CU) and  Distributed Unit (DU). 

• 5G & 4G Packet Core: cloud-native and fully containerized mobile core. • Mavenir Webscale Platform (MWP): cloud-native solutions that include  Kubernetes based CaaS (Containers as a Service), PaaS (Platform as a  Service) and MTCIL (Telecom PaaS layer) along with a management layer with  full FCAPS, analytics, slice management and service orchestration. 

“As the industry’s only, end-to-end cloud-native network software provider, providing  secure products and solutions is of paramount importance to Mavenir. We are  pleased to achieve this important GSMA NESAS milestone for our cloud-native  products including vRAN, Packet Core and Containerized Platform. It is vital that  open and cloud-native solutions implement a secure product life cycle and  methodology for all design, implementation and operational processes”, says Mike  Barnes, Head of Product Security and Quality at Mavenir and Co-chair of the FCC’s  Communications Security, Reliability and Interoperability Council (CSRIC) VIII WG2  on Open RAN security.

Mavenir’s GSMA NESAS certification is a significant milestone which demonstrates  resilience in mitigating potential security vulnerabilities and the capability to provide robust, secure traditional and open solutions. NESAS compliance establishes that appropriate security principles are integrated into Mavenir’s design, development,  implementation and operational processes. 

GSMA’s NESAS provides a security assurance framework to enable continued  improvements in security levels across the mobile industry for secure product  development and product lifecycle processes, used by traditional network equipment  providers as well as network software vendors. NESAS helps avoid fragmentation of security requirements by providing a common set of security assurance and baseline  against which network equipment has been developed in accordance with vendor’s development and product lifecycle processes.