Secure Service Implementation with Slice Isolation and WireGuard
Abstract
Network slicing enables the provision of services for different verticals over a shared infrastructure. Nevertheless, security is still one of the main challenges when sharing resources. In this paper, we study how WireGuard can provide an encrypted Virtual Private Network (VPN) tunnel as a service between network functions in 5G setting. The open source management and orchestration entity deploys and orchestrates the network functions into network services and slices. We create multiple scenarios emulating a real-life cellular network deploying VPN-as-a-Service between the different network functions to secure and isolate network slices. The performance measurements demonstrate from 0.8 Gbps to 2.5 Gbps throughput and below 1ms delay between network functions using WireGuard. The performance evaluation results are aligned with 5G key performance indicators, making WireGuard suited to provide security in slice isolation in future generations of cellular networks.