* [Blog](https://www.paloaltonetworks.com/blog)
* [Network Security](https://www.paloaltonetworks.com/blog/network-security/)
* [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/)
* Combining Carrier-Grade P...

# Combining Carrier-Grade Private Networks with Enterprise-Grade 5G Security

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fprivate-networks-enterprise-grade-5g-security%2F)  
[](https://twitter.com/share?text=Combining+Carrier-Grade+Private+Networks+with+Enterprise-Grade+5G+Security&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fprivate-networks-enterprise-grade-5g-security%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fprivate-networks-enterprise-grade-5g-security%2F&title=Combining+Carrier-Grade+Private+Networks+with+Enterprise-Grade+5G+Security&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/network-security/private-networks-enterprise-grade-5g-security/&ts=markdown)  
\[\](mailto:?subject=Combining Carrier-Grade Private Networks with Enterprise-Grade 5G Security)  
Link copied  
By [Mitch Rappard](https://www.paloaltonetworks.com/blog/author/mitch-rappard/?ts=markdown "Posts by Mitch Rappard")  
Dec 02, 2022  
4 minutes  
[5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown)  
[Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)  
[5G](https://www.paloaltonetworks.com/blog/tag/5g/?ts=markdown)  
[5G for private networks](https://www.paloaltonetworks.com/blog/tag/5g-for-private-networks/?ts=markdown)  
[Athonet](https://www.paloaltonetworks.com/blog/tag/athonet/?ts=markdown)  
[Partners](https://www.paloaltonetworks.com/blog/tag/partners/?ts=markdown)  
[Zero Trust](https://www.paloaltonetworks.com/blog/tag/zero-trust/?ts=markdown)

As business becomes increasingly mobile, embracing 5G for private networks, edge computing and other use cases, there is a perception that network security for 5G has already been addressed by the standards that define it. While 3GPP has done excellent work to secure the numerous interfaces used for communication within a 5G core, there are still steps that can be taken to further secure the entire mobile network, including the packet core, the subscribers and the devices. You can't secure what you can't see, so Layer 7 mobile data inspection with next-generation threat intelligence across the user plane is critical. Palo Alto Networks has collaborated with Athonet to deploy packet cores with carrier-grade reliability, integrated with a next-generation firewall (NGFW) for enterprise-grade 5G security. This integration enables advanced security features necessary for a Zero Trust security posture for both the packet core network functions and the mobile subscribers using those functions while also providing an enterprise-focused private cellular platform offering carrier-grade performance and reliability.

Compared to non-cellular networks, private cellular is a big change from a security perspective. As access and identification is based on physical SIM cards, it provides a level of physical identity and segregation that Wi-Fi, Bluetooth and similar technologies do not provide natively. More work is needed to ensure the user plane traffic is also free from malicious traffic. For example, steps must be taken to ensure that IoT devices are not infected with malware; that key sensors on the factory floor are not exploited; and that each and every application on the private networks is known. With 5G and the various new use cases it unlocks, visibility into applications and threats will be a requirement.

To realize meaningful security in private networks, a Zero Trust security posture should be implemented. This blog won't go into much detail on Zero Trust, so you can read more [here](https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture?ts=markdown). In short, to offer a Zero Trust security posture, you must eliminate implicit trust and answer the following questions below for each flow, as [defined](https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/white-papers/simplify-zero-trust-implementation-with-a-five-step-methodology.pdf?utm_source=marketo&utm_medium=email&utm_campaign=Global-DA-EN-19-05-10-7010g000001Ix3tAAC-P1-Network-5-steps-to-zero-trust&ts=markdown) by the [Kipling Method](https://www.paloaltonetworks.com/blog/2019/05/network-layers-not-created-equal/?ts=markdown):

* Who should be accessing a resource? This defines the asserted (e.g., 5G) identity.
* What application is the asserted identity of the packet using to access a resource inside the protect surface?
* When is the asserted identity trying to access the resource?
* Where is the packet destination?
* Why is this packet trying to access this resource within the protect surface? This relates to data classification, where metadata automatically ingested from data classification tools helps make your policy more granular.
* How is the asserted identity of a packet accessing the protect surface via a specific application?

For a 5G network, the "Who" can be thought of as the Subscriber and Equipment identifiers. The Subscriber ID in a 5G network is the Subscriber Permanent ID (SUPI). The Equipment ID is the Permanent Equipment ID (PEI). When you have visibility into these identifiers, an enterprise leveraging 5G wireless access can quickly identify which device is infected, as well as create granular security policies that are device and subscriber aware.
![Palo Alto Networks has collaborated with Athonet to deploy packet cores with carrier grade reliability, integrated with a NGFW for enterprise grade 5G security.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/12/word-image-16.png)
Threat Logs showing Subscriber and Equipment IDs.

Together, Athonet and Palo Alto Networks bring to enterprises a proven mobile core network platform, coupled with the leader in enterprise security. Complete visibility is now available for all applications, across all protocols, as well as the potential threats that may be present in that traffic.

Athonet is unique in providing an enterprise-focused private cellular platform without compromising on carrier-grade performance and reliability. Palo Alto Networks is unique in its enterprise-grade 5G native security offering for both the enterprise and operators. Together, these two solutions allow enterprises to deploy private networks with the confidence that their network is carrier-grade and the security is uncompromising.

*** ** * ** ***

## Related Blogs

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Securing the New Frontiers of Critical Infrastructure Networks](https://www.paloaltonetworks.com/blog/2022/03/new-frontiers-of-critical-infrastructure-networks/)

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### UScellular and Palo Alto Networks Join Forces to Secure 5G](https://www.paloaltonetworks.com/blog/2024/12/uscellular-and-palo-alto-networks-secure-5g/)

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [Guest Post](https://www.paloaltonetworks.com/blog/category/guest-post/?ts=markdown), [Network Perimeter](https://www.paloaltonetworks.com/blog/network-security/category/network-perimeter/?ts=markdown), [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown)

[#### The Four 'Ps' of 5G Network Visibility](https://www.paloaltonetworks.com/blog/network-security/the-four-ps-of-5g-network-visibility/)

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [Firewall](https://www.paloaltonetworks.com/blog/category/firewall/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown)

[#### Protecting the Utility Grid's Digital Ecosystem, from Core to Edge to AI](https://www.paloaltonetworks.com/blog/network-security/protecting-the-utility-grid-digital-ecosystem-from-core-to-edge-to-ai/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Industrial OT Security](https://www.paloaltonetworks.com/blog/network-security/category/industrial-ot-security/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Untangling IT-OT Security Knots with a Zero Trust Platform Approach](https://www.paloaltonetworks.com/blog/2024/05/untangling-it-ot-security-knots/)

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Protecting OT Assets, Networks and Remote Operations with Zero Trust OT Security](https://www.paloaltonetworks.com/blog/network-security/protecting-ot-assets-zero-trust-ot-security/)

### Subscribe to Network Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language