Identify security threats and traffic anomalies in 4G and 5G networks with Arbor Sightline Mobile

Identify security threats and traffic anomalies in 4G and 5G networks with Arbor Sightline Mobile
Click to Enlarge Image

Mobile consumer broadband traffic levels have escalated to levels previously associated with fixed line networks and will accelerate as new spectrum and 5G networks continue to roll out.

Unfortunately, threat activity on the mobile networks has matched the rapid growth in mobile connected users and mobile traffic due to a combination of Fixed Wireless Access CPE, vulnerable consumer IoT devices and increased gaming activity.  Consumer and SOHO infrastructure is a primary target for attack and enlistment into botnets just as in wireline deployments, and this has become an increasing problem for MNOs. To fully understand what is happening, and to mitigate any threat, whether east-west or north-south, User Plane and Control Plane traffic must be correlated to establish the identity of the devices involved in suspicious activities.  

NETSCOUT’s Arbor Sightline Mobile combines scalable threat detection with MobileStream for scalable user-plane and control plane monitoring in 4G, 5G NSA and 5G SA networks.

Benefits

Detect

Detect threats and DDoS attacks within the 4G/5G network.

Identify

Quickly identify impacted subscribers and devices for rapid isolation.

Protect

Correlate identity and user-plane traffic with underlying mobile core infrastructure for surgical mitigation.

Features

  • Discover Traffic Anomalies To or From Subscribers

    Detect potentially service-impacting traffic anomalies such as DDoS attacks generated by or destined for mobile devices. Instantly visualize detailed information on the nature of any anomaly and understand the impact the traffic has on the network and services, as well as the identity of the mobile devices involved.

  • Identify Compromised Subscribers

    Quickly identify compromised mobile devices by correlating traffic information with Indicators of Compromise (IoCs) at scale. Understand botnet populations within the network, and the risk they pose.

  • Identify Infrastructure Congestion and Perform Top Talker Analysis

    Easily identify top sources of traffic within the endpoint population. Identify top protocols and services and usage outliers to help tailor service offerings and identify Acceptable Use Policy violations.

  • Extend User-Plane Traffic Visibility

    Develop detailed views into real-time and historical user- plane traffic. Identify traffic mapping to the underlying routing topologies (with BGP) for traffic engineering, and capacity planning use cases.

Discover Traffic Anomalies To or From Subscribers
Click to enlarge image
Discover Traffic Anomalies To or From Subscribers

Detect potentially service-impacting traffic anomalies such as DDoS attacks generated by or destined for mobile devices. Instantly visualize detailed information on the nature of any anomaly and understand the impact the traffic has on the network and services, as well as the identity of the mobile devices involved.

Identify Compromised Subscribers
Click to enlarge image
Identify Compromised Subscribers

Quickly identify compromised mobile devices by correlating traffic information with Indicators of Compromise (IoCs) at scale. Understand botnet populations within the network, and the risk they pose.

Identify Infrastrucutre Congestion and Perform Top Talker Analysis
Click to enlarge image
Identify Infrastructure Congestion and Perform Top Talker Analysis

Easily identify top sources of traffic within the endpoint population. Identify top protocols and services and usage outliers to help tailor service offerings and identify Acceptable Use Policy violations.

Extend User-Plane Traffic Visibility
Click to enlarge image
Extend User-Plane Traffic Visibility

Develop detailed views into real-time and historical user- plane traffic. Identify traffic mapping to the underlying routing topologies (with BGP) for traffic engineering, and capacity planning use cases.