Securing Semtech’s (Formerly Sierra Wireless)Managed Connectivity Services and Mobile Virtual Network with Defense in Depth

2024-04-20 Sierra Wireless Blogs
Sierra Wireless Sierra Wireless Sierra Wireless Sierra Wireless

As a leading provider of Managed Connectivity Services and a Mobile Virtual Network Operator (MVNO), Semtech (Formerly Sierra Wireless) oversees the secure operation of a complex critical infrastructure platform relied on by customers around the world. With customers relying on connectivity to maintain data communications with endpoints ranging from critical infrastructure, to mobile-connectivity for first responders, to border-crossing cargo shipments that require asset tracking our teams take this responsibility seriously. We are proud to share some insight into some of the key measures we take to keep our customers safe, secure, and connected, as well as how those measures fit into our broader strategy. First, some background. 

 

What is a Mobile Virtual Network Operator? 

A Mobile Virtual Network Operator, or MVNO, is a mobile communications provider that offers service to their customers using infrastructure owned and operated by a traditional Mobile Network Operator (MNO). Through this model, MVNOs can provide customers with additional value on top of mobile connectivity. As MVNOs can partner with multiple MNOs, they can offer customers one-stop connectivity that spans the operating areas of more than one MNO without the customer needing to manage each of the different carriers. This means that an MVNO can provide transparent service on a global scale, giving customers unmatched flexibility and efficiency. MVNOs can also offer customers a range of additional services for managing connectivity that go beyond what individual MNOs make available to customers.

  

What security threats do MVNOs face? 

Due to an MVNO’s reliance on their partner MNOs for the infrastructure used for underlying connectivity, they are not responsible directly for the security of that telecommunications infrastructure. That responsibility falls to the MNO. Nonetheless, MVNOs face a threat landscape. To deliver their services, MVNOs need significant access to their MNO partner’s infrastructure, and attackers see MVNOs as a path to attempt to compromise the underlying mobile telecommunications infrastructure. Further, an attacker who can disrupt the operations of an MVNO can have a significant impact across the MVNO’s customers that exceeds the impact of affecting a single MNO. Examples of threats faced by an MVNO include: 

  • Tampering with data in transit, impacting the integrity of information 

  • Theft or disclosure of sensitive information transiting the MVNO 

  • Disruption and interruption of services, denying communications to critical customers 

  • Theft of customer and subscriber information from the MVNO, or destruction of customer data 


How has Semtech responded to these threats? 

Semtech has implemented a robust cybersecurity and resilience program across our MVNO footprint with focused investment in tools, technologies, strong practices, and training. Combined with around-the-clock monitoring, layered resilience, and business continuity practices, this gives Semtech the depth of defense needed to combat today’s threats and tomorrow’s. 

 

Semtech’s Strategy for Protecting Our Customers and MVNO Infrastructure  

Defense in Depth

Semtech recognizes that there is no single measure or practice that is going to ensure that our MVNO operates with the level of security our customers need and expect. Reflecting the myriad types of threats previously described, we employ a Defense in Depth strategy built on a range of different technologies. Our cybersecurity partners, all industry leaders, provide us with the tooling and systems we need, and enable the following capabilities: 

  • 24x7 Managed Endpoint Detection and Response (EDR) – monitoring and actively responding to threats within our infrastructure 

  • Web Application Firewalls – Intelligently monitoring network traffic and actively preventing high risk or suspicious activity 

  • Telecommunications-specific cybersecurity appliances designed to protect cellular-related network protocols 

  • Vulnerability Scanners – Ongoing, regular scanning of internal and externally facing infrastructure for vulnerabilities and risks 

  • Active Asset Detection & Management – Centralized aggregation of asset data with a wide range of data sources from across our footprint, supporting risk detection and asset management 


Secure Practices

Cybersecurity, particularly for complex entities like MVNOs, is not solely about the use of industry leading technologies. Secure practices must be leveraged during the design, implementation, and operation of the infrastructure to provide robust protection and to get the maximum security value from technical controls and capabilities. Some of the key operational and architectural practices used by Semtech’s MVNO include: 

  • Workload isolation and segregation – Zero-trust VLAN design using leading-edge firewall protection to isolate workloads 

  • Data Encryption – Use of Virtual Private Networks (VPN) to encrypt partner and carrier connectivity, as well as encryption of data at rest 

  • System Hardening - Operating System and Shell Hardening following Center for Internet Security (CIS) Version 8 guidance 

  • Lifecycle Management – Workflows and practices in place to ensure that systems and infrastructure remain current and supported 

  • Vulnerability and Patch Management – regular operational practices to monitor for vulnerabilities and threats, and applying patches and mitigation measures in a timely manner 


Reducing Human-Vulnerability

Recognizing that well-trained employees are a key part of keeping infrastructure secure, Semtech requires all employees to participate in mandatory cybersecurity training annually. Further advanced cybersecurity training is available for employees in cybersecurity-specific or sensitive roles. All workstations used by employees to interface with sensitive systems, including customer-facing platforms, are also deployed with security measures including 24x7 Managed EDR monitoring and response, network layer web filtering and threat prevention, and advanced Multi-Factor Authentication (MFA). These measures help our employees do their jobs in the most secure way possible. 

 

Business Continuity and Resilience

  • Physical data centers are all Tier 2 data center compliant. To achieve high availability, multiple geographically dispersed data centers run in an active-active configuration with multiple instances of underlying services similarly configured. This provides continuous services to our customers in a disaster or cyber event. 

  • A robust backup strategy is a key part of the Semtech data protection policies. Backup and restoration centers around a combination of on- and off-premise data storage using data archiving techniques supporting immutability. Semtech policies further require regular testing of our backups to ensure the recoverability of data in the event of a disaster of any size. All backup solutions include rollback solutions.


 Audits and Penetration Testing 

Even after implementing all the technologies, operational practices, and policies referenced in this document, it is still critical to know if all your capabilities are operating as anticipated and with the expected operational impact. Semtech relies on regular security assessments and red team testing by recognized third parties to evaluate not just the presence of our controls but their effectiveness. Lessons learned from each successive testing engagement flow back into the workflows noted here, reinforcing strengths and ensuring any weaknesses are quickly addressed. 

  • We engage a 3rd party security services provider at least once per year to perform an Internet facing vulnerability and penetration test.  

  • MVNO-specific security audits are performed by a third party specializing in the unique and advanced infrastructure, protocols and architectures used by an MVNO to deliver services. 

  • Semtech performs regular internal audits and security assessments as well, in addition to tracking our alignment with our selected industry security benchmarks. 


Conclusion 

Semtech is committed to delivering secure Managed Connectivity Services to our customers through the responsible operation of our MVNO infrastructure. Recognizing the numerous threats faced by MVNOs, Semtech employs a defense-in-depth security strategy built on industry-leading tools and recognized practices supported and verified by third-party assessments and audits. Together with security training and robust asset management, Semtech delivers efficient, reliable operation for our customers built on a secure foundation. As customer needs, telecommunications technologies, and threats continue to evolve, Semtech is resolved to continue maturing and evolving to keep pace and remain a trusted partner and provider for our customers. 


授权代理商:世强先进(深圳)科技股份有限公司
技术资料,数据手册,3D模型库,原理图,PCB封装文件,选型指南来源平台:世强硬创平台www.sekorm.com
现货商城,价格查询,交期查询,订货,现货采购,在线购买,样品申请渠道:世强硬创平台电子商城www.sekorm.com/supply/
概念,方案,设计,选型,BOM优化,FAE技术支持,样品,加工定制,测试,量产供应服务提供:世强硬创平台www.sekorm.com
集成电路,电子元件,电子材料,电气自动化,电机,仪器全品类供应:世强硬创平台www.sekorm.com
  • +1 赞 0
  • 收藏
  • 评论 0

本文由FY转载自Sierra Wireless Blogs,原文标题为:Securing Semtech’s Managed Connectivity Services and Mobile Virtual Network with Defense in Depth,本站所有转载文章系出于传递更多信息之目的,且明确注明来源,不希望被转载的媒体或个人可与我们联系,我们将立即进行删除处理。

相关研发服务和供应服务

评论

   |   

提交评论

全部评论(0

暂无评论

相关推荐

Sierra Wireless(司亚乐)通信模组/Wi-Fi & 蓝牙模组/GNSS模组选型表

目录- 通信模组    蓝牙wifi模组    GNSS模组   

型号- WP7608-1 GPS Q-M2M,1104197,1103383,HL7800 M1/NB1,EM7565 M2M,1104196,1104195,HL7845,1104194,1103783,1105043,1104198,1104231,EM7590,EM系列,XM1210,1104193,WP7702 GPS Q-M2M,WP7609 GPS Q-M2M,1104192,BC127-EXT-APTX,1103706,WP7607 R2C Q-M2M,1104918,1103708,WP7607-1 R2C GPS Q-M2M,1104912,RC7620 Q-M2M,RC7611 DO Q-M2M,1104186,WP7609 Q-M2M,1105036,WP7608 GPS Q-M2M,1105030,1103892,1103891,WP7610 GPS Q-M2M,WP系列,1104904,EM7511,1104628,1104903,WP7702 R2C GPS OCTAVE,BC127-APTX,EM7590 Q-M2M,1104743,1104742,EM7565 Q-M2M,1104902,1105039,1104866,WP7607 R2C GPS Q-M2M,1105023,1105024,1105025,EM7431 Q-M2M,1105026,1105020,EM9191 5G SUB6 FULL,1105021,RC7611,HL7802 M1/NB1/2G R2C,1105022,RC7611-1 DO Q-M2M,RC7630 R2C Q-M2M,RC系列,WP7610 Q-M2M,1105027,1104681,RC7620 GNSS Q-M2M,1104680,1104201,1104200,1104287,XS1110,EM7511 M2M CBRS,WP7611 R2C GPS Q-M2M,1103917,1104324,HL7800 R2C,1104686,1104323,XA1110,1104846,1104208,1104207,1104328,HL7800,RC7630-1 R2C GNSS Q-M2M,1104274,1104795,WP7608 Q-M2M,1104277,WP7611-1 R2C Q-M2M,1104671,BC127 V3,EM9291,HL7800-M,BC127,WP7605 GPS Q-M2M,RC7630 R2C GNSS Q-M2M,WP7611 R2C Q-M2M,1104557,1104314,1104796,EM7511 Q-M2M,1104715,1104956,1103746,1104559,1104558,1104263,MC系列,1104262,1104020,WP7611 DO R2C GPS Q-M2M,1103574,EM9191 5G SUB6,1104662,RC7611-1 DO GNSS Q-M2M,1104264,RC7611-1 DO R2C Q-M2M,RC7620-1 R2C GNSS Q-M2M,BC127-CVC,1104828,WP7607-1 R2C Q-M2M,WP7608-1 Q-M2M,1104826,BX3105,1104268,1104308,1104307,1104306,1104668,1105067,1105068,1104893,1104892,RC7620-1 Q-M2M,1105060,1105061,EM7690,1105062,1104818,1104938,1104937,RC7620-1 GNSS Q-M2M,1104898,EM7411 Q-M2M,EM7421 Q-M2M,1104895,1104813,1104812,HL7810,RC7611 DO GNSS Q-M2M,HL7812,1104486,RC7630-1 R2C Q-M2M,WP7702 R2C GPS OCTAVE Q,EM9190 5G SUB6,1104886,EM9190 5G SUB6 + MMWAVE,1104885,1104125,1104924,1104528,1104889,1104405,1104888,1104129

2022/10/11  - SIERRA WIRELESS  - 选型指南 代理服务 技术支持 批量订货

Semtech Corporation完成对Sierra Wireless的收购

Semtech Corporation收购,交易将LoRa®的超低功耗优势与蜂窝网络的更高带宽能力结合在一起,打造出全新的物联网云到芯片系统领导者,预计其物联网市场机会到2027年将增长约10倍,达到100亿美元。

2023-02-07 -  原厂动态 代理服务 技术支持 批量订货

Sierra Wireless LPWA模块 选型表

Sierra Wireless LPWA模块选型:Dimensions(mm):15mmx18mmx2.4mm和22mmx23mmx2.5mm;Bands:多种Bands;峰值下载率(Mbps/Gbps/Kbps):Cat-M 300Kbps,Cat-NB1 27Kbps,Cat-M1:300kbps,Cat-NB1:27kbps,Cat-M:590kbps,Cat-NB2:127kbps,Cat-M1 590Kbps,Cat-NB2 127Kbps;峰值上传速率(Mbps/Gbps/Kbps):Cat-M 375Kbps,Cat-NB1 65Kbps,Cat-M1:375kbps,Cat-NB1:65kbps,Cat-M:1100kbps,Cat-NB2:158kbps,Cat-M1 1100Kbps,Cat-NB2 158Kbps

产品型号
品类
Dimensions(mm)
Bands
Peak Download Rate(Mbps/Gbps/Kbps)
Peak Upload Rate(Mbps/Gbps/Kbps)
HL7800 M1/NB1_1104937
LPWA IoT Modules
15mmx18mmx2.4mm
LTE:B1,B2,B3,B4,B5,B8,B9,B10,B12,B13,B17,B18,B19,B20,B25,B26,B27,B28,B66
Cat-M 300Kbps,Cat-NB1 27Kbps
Cat-M 375Kbps,Cat-NB1 65Kbps

选型表  -  Sierra Wireless 立即选型

Sierra Wireless 智能模块选型表

Sierra Wireless 智能模块选型:Dimensions(mm):22mmx23mmx2.5mm和51mmx30mmx3.6mm;Bands:多种Bands;峰值下载率(Mbps/Gbps/Kbps):10Mbps和150Mbps;峰值上传速率(Mbps/Gbps/Kbps):5Mbps和50Mbps

产品型号
品类
Dimensions(mm)
Bands
Peak Download Rate(Mbps/Gbps/Kbps)
Peak Upload Rate(Mbps/Gbps/Kbps)
RC7611 DO GNSS Q JVN._1105020
4G IoT Modules
22mmx23mmx2.5mm
LTE:B2,B4,B5,B12,B13,B14,B25,B26,B66,B71
150Mbps
50Mbps

选型表  -  Sierra Wireless 立即选型

Sierra Wireless(司亚乐)GL系列IoT网关选型指南

目录- GL Series IoT gateways   

型号- GL SERIES,GL7500,GL7600,GL7611,GL7812,GL7605

March 23, 2022  - SIERRA WIRELESS  - 选型指南  - V2 代理服务 技术支持 批量订货

Sierra Wireless 移动宽带模块选型表

Sierra Wireless 移动宽带模块选型:Dimensions(mm):30mmx52mmx2.38mm,42mmx30mmx2.3mm和51mmx30mmx3.6mm;Bands:多种Bands;峰值下载率(Mbps/Gbps/Kbps):150Mbps~5.5Gbps;峰值上传速率(Mbps/Gbps/Kbps):50Mbps~3Gbps

产品型号
品类
Dimensions(mm)
Bands
Peak Download Rate(Mbps/Gbps/Kbps)
Peak Upload Rate(Mbps/Gbps/Kbps)
EM7411 Q-M2M_1104680
Mobile Broadband Modules
42mmx30mmx2.3mm
LTE:B2,B4,B5,B7,B12,B13,B14,B25,B26,B41,B42,B43,B48,B66,B71
300Mbps
150Mbps

选型表  -  Sierra Wireless 立即选型

Sierra Wireless与世强控股的代理协议

描述- In August 2022, SIERRA WIRELESS, INC. and Sekorm Limited signed a DISTRIBUTION AGREEMENT.

15 August 2022  - SIERRA WIRELESS  - 代理协议/证明 代理服务 技术支持 批量订货 世强代理协议查询

AVIWEST Selects Sierra Wireless 5G New Radio Module for Mobile Ultra-High-Definition Video Encoders

Sierra Wireless announced that it‘s EM9191 5G New Radio module(5G NR module) has been integrated into mobile video encoders from AVIWEST, a leading provider of life and recorded video contribution systems.

2022-09-08 -  应用方案 代理服务 技术支持 批量订货

Welcome the New Canadian Local Instance for Semtech (formerly Sierra Wireless) AirLink® Management Service (ALMS)

Sierra Wireless is thrilled to unveil the latest advancement in our suite of router solutions — the launch of a new Canadian local instance for the AirLink® Management Service (ALMS) platform. This is an expansion of the commitment to provide our Canadian customers with the most flexibility, security and control over their AirLink routers.

2024-07-04 -  产品 代理服务 技术支持 批量订货

HIVE-ZOX Selects Sierra Wireless LPWA Module for Global Cold Chain Monitoring Solution

Sierra Wireless HL78 Series module integrated into HIVE-ZOX tracking solution, providing seamless global connectivity and real-time visibility of COVID vaccine shipments.

2022-09-03 -  应用方案 代理服务 技术支持 批量订货

Sierra Wireless®MC系列嵌入式模块迷你卡外形尺寸数据表中的高速连接

描述- Sierra Wireless AirPrime® MC Series嵌入式模块提供高速连接,支持北美、欧洲和亚洲的最新4G和3G网络。这些模块适用于低功耗移动计算、网络和工业物联网应用。MC74xx系列允许设备制造商在板上存储多达三个不同的固件版本,而MC73xx则通过主机下载实现相同功能,简化了物流和供应链管理。

型号- MC7350,MC SERIES,HL7588,MC7304,MC7455,MC73XX,MC7354,MC7430

2017. 09 . 26  - SIERRA WIRELESS  - 数据手册 代理服务 技术支持 批量订货

Rethinking Routers: A Fresh Take from Sierra Wireless

From the trailblazing XR series to the versatile RX55, Sierra Wireless introduced advanced 5G routers and 4G routers to the market. And let‘s not forget the favorites like the RV55 – a stalwart in the industrial sector – and MP70, a pioneer in mobile applications.

2023-12-22 -  原厂动态 代理服务 技术支持 批量订货

Sierra Wireless®HL系列嵌入式模块紧凑、灵活、经得起未来考验的2G、3G、4G和LPWA基本模块产品介绍

描述- Sierra Wireless AirPrime HL系列嵌入式模块提供紧凑、灵活且具有未来证明的2G、3G、4G和LPWA连接解决方案。该系列模块具备小型化设计,适用于各种无线移动网络,并支持无限空中固件更新服务。

型号- HL8549,HL8528,HL7648,HL7538,HL7549,HL7548,HL8548,HL7688,HL7588,HL7518,HL6528,HL7749,HL7528,HL7539,HL7748,HL8518,HL8529,HL7718,HL7618,HL SERIES,HL7692,HL7650,HL7690

2017.11.22  - SIERRA WIRELESS  - 数据手册 代理服务 技术支持 批量订货

EarthCam Selects Sierra Wireless AirLink® XR80 5G for World’s First Multi-Network 5G Camera System

Sierra Wireless AirLink® XR80 5G router integrated into new EarthCam solution enabling advanced live-streaming, safety and security analytic applications.

2022-09-03 -  新产品 代理服务 技术支持 批量订货

Experience the Sierra Wireless Refreshed AirLink® Router Portfolio of Mission-Critical Cellular Networking Solutions

All Sierra Wireless Pro routers are designed to operate reliably in harsh environments with high security and high performance. Pro routers come equipped with remote and real-time monitoring and access to expert technical support through Sierra Wireless AirLink services.

2023-11-25 -  产品 代理服务 技术支持 批量订货
展开更多

电子商城

查看更多

品牌:Sierra Wireless

品类:LPWA IoT Modules

价格:

现货: 0

品牌:Sierra Wireless

品类:LPWA IoT Modules

价格:

现货: 0

品牌:Sierra Wireless

品类:LPWA IoT 模组

价格:

现货: 0

品牌:Sierra Wireless

品类:LPWA IoT 模组

价格:

现货: 0

品牌:Sierra Wireless

品类:LPWA IoT Modules

价格:

现货: 0

品牌:Sierra Wireless

品类:LPWA IoT Modules

价格:

现货: 0

品牌:Sierra Wireless

品类:4G IoT 模组

价格:

现货: 0

品牌:Sierra Wireless

品类:4G IoT 模组

价格:

现货: 0

品牌:Sierra Wireless

品类:4G IoT 模组

价格:

现货: 0

品牌:Sierra Wireless

品类:4G IoT 模组

价格:

现货: 0

现货市场

查看更多

品牌:SEMTECH

品类:激光驱动器

价格:¥4.3000

现货:459,756

品牌:SEMTECH

品类:IC

价格:¥6.3000

现货:392,370

品牌:SEMTECH

品类:激光驱动器

价格:¥6.4000

现货:246,934

品牌:SEMTECH

品类:二极管

价格:¥9.0500

现货:33,000

品牌:SEMTECH

品类:贴片二极管

价格:¥0.6010

现货:30,000

品牌:SEMTECH

品类:TIA

价格:¥1.0631

现货:23,593

品牌:SEMTECH

品类:时钟/计时-专用

价格:¥65.0000

现货:22,976

品牌:SEMTECH

品类:集成电路

价格:¥92.9500

现货:20,000

品牌:SEMTECH

品类:Driver

价格:¥165.0000

现货:14,210

品牌:SEMTECH

品类:Driver

价格:¥144.0000

现货:12,000

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

品牌:

品类:

价格:

现货:

查看更多

授权代理品牌:接插件及结构件

查看更多

授权代理品牌:部件、组件及配件

查看更多

授权代理品牌:电源及模块

查看更多

授权代理品牌:电子材料

查看更多

授权代理品牌:仪器仪表及测试配组件

查看更多

授权代理品牌:电工工具及材料

查看更多

授权代理品牌:机械电子元件

查看更多

授权代理品牌:加工与定制

世强和原厂的技术专家将在一个工作日内解答,帮助您快速完成研发及采购。
我要提问

954668/400-830-1766(工作日 9:00-18:00)

service@sekorm.com

研发客服
商务客服
服务热线

联系我们

954668/400-830-1766(工作日 9:00-18:00)

service@sekorm.com

投诉与建议

E-mail:claim@sekorm.com

商务合作

E-mail:contact@sekorm.com

收藏
收藏当前页面