5G Security Operations — SOC for 5G Core Networks · Pro
Containing a compromised network function (NF) requires choosing among several options based on attack severity and operational constraints.

Option 1 — NRF deregistration: remove the NF from the discovery pool. Other NFs stop routing traffic to it. The NF remains running for forensic analysis. Lowest service impact, highest visibility.

Option 2 — OAuth token revocation: revoke all tokens issued to or by the compromised NF. The NF can no longer make SBI calls. Effective for SBI-layer attacks, but may break legitimate functions.

Option 3 — Network isolation: firewall the NF off from the SBI network entirely.…
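Option 1 leaves the NF running, so it can register again with the NRF (NFRegister is a PUT on its nf-instances resource in the Nnrf_NFManagement API). The following is an added example, not part of the original page, that checks an NRF access log for that after the deregistration; the log layout, the sample lines and the names check_deregistration, REREGISTERED and STILL_ACTIVE are assumptions made for illustration, and the log is assumed to be in chronological order.

```python
import re
from datetime import datetime

# Constructed NRF access-log lines; the "timestamp method path status" layout is
# an assumption for this example, not a real product's log format.
NF_ID = "4947a69a-f61b-4bc1-b9da-47c9c5d14b64"  # constructed nfInstanceId
SAMPLE_LOG = f"""\
2024-05-01T09:58:00Z PATCH /nnrf-nfm/v1/nf-instances/{NF_ID} 204
2024-05-01T10:00:00Z DELETE /nnrf-nfm/v1/nf-instances/{NF_ID} 204
2024-05-01T10:00:10Z PATCH /nnrf-nfm/v1/nf-instances/{NF_ID} 404
2024-05-01T10:00:11Z PUT /nnrf-nfm/v1/nf-instances/{NF_ID} 201
2024-05-01T10:00:12Z PUT /nnrf-nfm/v1/nf-instances/11111111-2222-4333-8444-555555555555 201
not a log line
"""

LINE = re.compile(
    r"^(\S+) (PUT|PATCH|DELETE) /nnrf-nfm/v1/nf-instances/([0-9a-fA-F-]{36}) (\d{3})$"
)

def check_deregistration(log_text, nf_id):
    """Return (contained_at, findings) for one NF after its NRF deregistration."""
    contained_at, findings = None, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m or m.group(3).lower() != nf_id.lower():
            continue  # unparseable line or a different NF
        ts = datetime.fromisoformat(m.group(1).replace("Z", "+00:00"))
        method, status = m.group(2), int(m.group(4))
        if method == "DELETE" and 200 <= status < 300:
            # Successful NFDeregister: start (or restart) the containment window.
            contained_at, findings = ts, []
        elif contained_at and method == "PUT" and 200 <= status < 300:
            findings.append((ts, "REREGISTERED"))  # back in the discovery pool
        elif contained_at and method == "PATCH":
            findings.append((ts, "STILL_ACTIVE"))  # NF is alive and still calling the NRF
    return contained_at, findings

if __name__ == "__main__":
    when, found = check_deregistration(SAMPLE_LOG, NF_ID)
    print("deregistered at", when)
    for ts, kind in found:
        print(ts.isoformat(), kind)
```

A REREGISTERED finding means Option 1 no longer holds for that NF, which is the point at which the stronger options in the list above come into play.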