& cplSiteName &

Small Cells Exposed! Securing the Mini-RANs

Sarah Thomas

Small cells are one of the few network elements that are actually exposed to the full force of the outside world. That also means they are exposed to new security threats, as mobile network operators are just discovering.

The beauty of small cells is that they are compact and easily deployed on lamp posts, on the side of buildings, or any physical structure, indoors or outdoors. That also presents a key challenge -- they lack any physical security.

What's more, the fact they are hooked up to all-IP backhaul connections increases their vulnerability to hacking.

"Because of the physical vulnerability and accessibility of public access small cells, many operators will deploy security solutions like IPsec encryption to support their public access small cells," says Heavy Reading analyst Patrick Donegan.

Vitesse Semiconductor Corp. (Nasdaq: VTSS), which builds silicon for small cells, is addressing this issue. Uday Mudoi, the company's VP of product marketing, says the main message to carriers is that Layer 3 IPsec alone won't do the job. It's already popular in the network core, he says, but it's power hungry, processor hungry, and it's harder to scale to a higher speed since it is so processing oriented.

Because of that, a number of carriers including Verizon Wireless , Sprint Corp. (NYSE: S), and AT&T Inc. (NYSE: T), are looking for alternatives, he says. (See Vitesse Targets Small Cells.)

Small cells, he says, need Layer 2 MACsec alongside a standardized encryption process, so they can interoperate with the various other small cells deployed in any given network. It's not as simple as it is on the macro network, however. Adding encryption to small cells can throw off timing in the backhaul by adding extra bytes, which can lead to delays. Mudoi says standards bodies are currently looking at how security mechanisms can coexist with the timing requirement.

Security is of vital importance to small cells, but it's probably not the issue that's holding the market back from wide-scale LTE and multimode small cell deployments. Mudoi says that's because the operators aren't yet ready to think about it. They are too busy working out more basic questions, like what their deployment model is for public access small cells, or whether they will use line-of-sight or no-line-of-sight backhaul. (See Synching Up Small-Cell Backhaul.)

"There are reasons beyond security why people aren't completely converged on figuring out a deployment model," Mudoi says. "Security and timing are starting to become more and more important. Will I go for line-of-sight? At which frequency band? Once those things are resolved, timing and security become more important."

Another good reason for operators to get the security right, says Mudoi, is that, in the US, the Department of Defense won't allow a carrier to operate a network without encryption. That means operators have to care, and they are starting to think more about what the means. "I think I'm seeing a lot more conversation in the industry about security and encryption now than I've seen in the last year," Mudoi says.

— Sarah Reedy, Senior Editor, Light Reading

Interested in learning more on this topic? Then come to Mobile Network Security Strategies, a Light Reading Live event that takes place on December 5, 2013 at the Westin Times Square Hotel in New York City. For more information, or to register, click

(15)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
<<   <   Page 2 / 2
11/27/2013 | 1:15:58 PM
Secure Small Cells
Think about this...cellular networks are more secure than Wi-Fi networks, right?  Licensed vs unlicensed spectrum, security built in at several network layers.  And small cells would be managed by the mobile operators rather than a third-party vendor handling Wi-Fi offload, right?  So it probably would make sense that the operators won't deploy until the small cells are as secure as the macro network.  As someone so rightly said, this is just one issue.

We (folks in and covering the industry) have been talking about small cells for at least four years and regardless of all the hype nothing seems to be coming soon, for a number of reasons.

Security is a real concern here - and not just the physical location, but how to connect these suckers to do what everyone thinks they should do.

Good reading Sarah.
Carol Wilson
Carol Wilson
11/27/2013 | 12:24:48 PM
Re: Deployment delays?
The industry's typical response has been to build and deploy first, secure later but that is changing, so it will bel interesting to see which way it goes here. 
11/27/2013 | 10:46:55 AM
Deployment delays?
So, is this issue actually causing some delays in broader deployment if carriers are looking around for alternatives to IP sec encryption? Mudoi kind of implies that before saying that carrier might be too busy working out other issues to think about it yet. But, if security is so important, it seems like it should be moved to a front burner.
11/27/2013 | 10:28:41 AM
Re: What about physical security?
I don't many reports of vandalism on utility companies in general.  With the backhaul available to connecting alarming mechanisms, even cameras at the sites, it shouldn't be a big issue.
Carol Wilson
Carol Wilson
11/27/2013 | 9:57:04 AM
What about physical security?
If these little cells at risk from  physical tampering and theft, what are mobile network operators (and their vendors) doing about that?
<<   <   Page 2 / 2
Featured Video
Upcoming Live Events
October 22, 2019, Los Angeles, CA
November 5, 2019, London, England
November 7, 2019, London, UK
November 14, 2019, Maritim Hotel, Berlin
December 3-5, 2019, Vienna, Austria
December 3, 2019, New York, New York
March 16-18, 2020, Embassy Suites, Denver, Colorado
May 18-20, 2020, Irving Convention Center, Dallas, TX
All Upcoming Live Events