Mavenir’s Cloud-Native Open vRAN and Packet Core Achieves GSMA NESAS Security Process Conformance

For 5G vRAN, 4G vRAN, 5G Packet Core, 4G Packet Core and Mavenir Cloud-Native Webscale Platform product lines


Richardson, Texas – January 27th, 2022: Mavenir, the Network Software Provider building the future of networks with cloud-native software that runs on any cloud and transforms the way the world connects, today announced that it successfully completed  GSMA’s Network Equipment Security Assurance Scheme (NESAS) security assessment in November 2021. Mavenir is the 6th global mobile network provider to have undergone an assessment and independent audit of their development and product lifecycle processes to evidence how security is integrated into their design, development, implementation, and maintenance processes.

The GSMA NESAS, jointly defined by 3GPP and GSMA, provides an industry-wide security assurance framework to facilitate improvements in security levels across the mobile industry.

Mavenir’s comprehensive secure product life cycle processes are used with products across Mavenir’s portfolio including:

  • Open Virtualized 5G & 4G Radio Access Network (Open vRAN): fully containerized Open vRAN solution including Centralized Unit (CU) and Distributed Unit (DU).
  • 5G & 4G Packet Core: cloud-native and fully containerized mobile core.
  • Mavenir Webscale Platform (MWP): cloud-native solutions that include Kubernetes based CaaS (Containers as a Service), PaaS (Platform as a Service) and MTCIL (Telecom PaaS layer) along with a management layer with full FCAPS, analytics, slice management and service orchestration.

“As the industry’s only, end-to-end cloud-native network software provider, providing secure products and solutions is of paramount importance to Mavenir. We are pleased to achieve this important GSMA NESAS milestone for our cloud-native products including vRAN, Packet Core and Containerized Platform. It is vital that open and cloud-native solutions implement a secure product life cycle and methodology for all design, implementation and operational processes”, says Mike Barnes, Head of Product Security and Quality at Mavenir and Co-chair of the FCC’s Communications Security, Reliability and Interoperability Council (CSRIC) VIII WG2 on Open RAN security.

Mavenir’s GSMA NESAS certification is a significant milestone which demonstrates resilience in mitigating potential security vulnerabilities and the capability to provide robust, secure traditional and open solutions. NESAS compliance establishes that appropriate security principles are integrated into Mavenir’s design, development, implementation and operational processes.

GSMA’s NESAS provides a security assurance framework to enable continued improvements in security levels across the mobile industry for secure product development and product lifecycle processes, used by traditional network equipment providers as well as network software vendors. NESAS helps avoid fragmentation of security requirements by providing a common set of security assurance and baseline against which network equipment has been developed in accordance with vendor’s development and product lifecycle processes.

Dark Mode