5G無線通訊具備低延遲、高頻寬與大連結的特性,順理成章為IoT無線通訊的首選;然而,使用5G需仰賴電信業者的頻譜與網路基礎建設,企業IoT通訊勢必無法由企業自行控管;且數據傳輸時必須經過多個有線網路節點,讓無線通訊低延遲的優勢被稀釋。
(影片為:受邀至Power Of X 科技講堂,談企業實現5G專網)
因此,由企業自建5G網路似乎成了最佳解方!然而這意謂企業不但要擁有5G頻譜執照,還要有能量建置並維運5G網路。當企業IT部門為網管與資安忙得焦頭爛額之際,自建5G專網是個合理的投資嗎?
若我們對企業專網的期待是讓企業能控管IoT通訊,且盡可能縮短有線傳輸的路徑,則自建不是唯一的路。PacketX發展的GRISM- MEC是行動邊緣運算閘道,能讓企業無需自建電信網路,依然能將IoT裝置之4G或5G通訊有效納管。
尤有甚者,GRISM-MEC與5G將成為企業資安的強大助力,茲舉數個應用情境如下:
a.利用萬物聯網的能力形成一個大型IoT接取平面,裝置間的東西向流量皆可受到查核(利用企業既有的網路安全設備),不再有資安死角的問題
b.以SIM卡為認證基礎,輕鬆達成IoT裝置資產控管與安全接入
c.自訂存取規則或匯入威脅情資,以限制IoT裝置或企業手機的上網權限
d.將管理網路平面建架構於5G專網形成實體隔離
The features of low latency, high peak data rate and greater number of connected devices has made the 5G Wireless Transmission the first choice for the IoT Wireless Communication. However, 5G Communication relies heavily on mobile operators’ infrastructure and frequency spectrum, making it impossible for enterprises to enforce network management and information security by themselves. Not to mention that the transmissions of data between IoT devices and IoT device to IT system are mostly carried on wired network. There is only a short part of the transmission is carried on 5G radio(from the base station to IoT devices), which seriously undermines wireless communication’s advantage of low latency.
To sort out the issues above, is building a private and small-scale 5G network without telco involved a good idea? It means enterprises will have to build 5G infrastructures, pay for the spectrum license and have a 5G operating team. When enterprises’ IT staffs already have their hands full with network management, information security and so on, does it still make sense to own a private 5G network?
If our goal is to make enterprises be able to monitor and secure IoT communication while strengthening their competitiveness by making the most of 5G, the private network is not your only choice.
With PacketX’s GRISM- MEC, a Mobile Edge Computing Gateway (MECGW), it implements the subscriber traffic breakout function with the mobile operator’s 5G infrastructure so that IoT devices can directly connect to the enterprise intranet to form the virtual private network while bypassing the mobile operator’s core network and backhaul. Thus, 5G operators can save a lot of backhaul resources. In the same time, the enterprise shortens the latency of IoT communication and makes existing network security functions apply on it.
What’s more, the combination of GRISM-MEC and 5G will be of enormous help to the information security of enterprises in the following situations:
Build an IoT device access plane to monitor a great number of devices. It creates the full visibility of the east-west traffic between the devices forthe network security functions to avoid blind spots.
Implement IoT device management and network access control by leveraging 5G mobile user equipment management mechanism.
Control Internet access and block malicious connections for IoT devices by MECGW with a IoC list imported.
Enterprises can migrate their management planes to their virtual private 5G networks to separate them from the data planes on the physical wired networks.