National Centre for communication Security (NCCS) has issued the draft Indian Telecommunication Security Assurance Requirements (ITSAR). It may be recalled that NCCS was set up in 2018 with the objective of establishing and operationalizing a framework of security testing and certification within the country. NCCS is mandated to prepare Telecom security requirements/standards called ITSAR.
ITSAR seeks to address the country specific security needs in telecommunication landscape and notify the same. It seeks to present a comprehensive country specific security requirement for the Network Function Virtualization (NFV) as applicable to the mobile generation technologies.
NFV allows for the network functions developed by various vendors to run on commercially off the shelf hardware (COTS) servers by using virtualization technologies. While the introduction of NFV in the mobile network has benefits of savings on OPEX/CAPEX and automation gain, the virtualization technologies, and the underpinning COTS hardware present new challenges to network security in realizing the network functions.
This document commences with a brief description of Network Function Virtualization (NFV) and then proceeds to address the security requirements of various facets of NFV.