2 Features

Security Edge Protection Proxy (SEPP) 24.1.x has been updated with the following enhancements:

  • Deployment in OCI using OCI Adaptor: Oracle Cloud Infrastructure (OCI) is a set of complementary cloud services that enable you to build and run a range of applications and services in a High Availability (HA) hosted environment. SEPP can be integrated into the OCI using the OCI Adaptor.OCI Adaptor provides a smooth integration to SEPP observability and monitoring modules with OCI observability and management, enabling the users to have access of alerts, metrics, and KPIs on the OCI platform.

For more information about the feature, see Oracle Communications Cloud Native Core, Security Edge Protection Proxy User Guide, Oracle Communications Cloud Native Core, Security Edge Protection Proxy Installation, Upgrade, and Fault Recovery Guide, and Oracle Communications Cloud Native Core OCI Adaptor, NF Deployment on OCI Guide.

  • Support for TLS 1.3: SEPP supports TLS 1.3 for all functions and interfaces that are supported by TLS 1.2. With this feature, SEPP supports creation of TLS 1.3 and TLS 1.2 connections and mandatory ciphers and extensions.

    Network Functions (NFs) or peers can use Hypertext Transfer Protocol Secure (HTTPS) to establish secured ingress and egress connections with consumer NFs and producer NFs, respectively. These communication protocols are encrypted using Transport Layer Security (TLS). TLS comprises the following components:
    • Handshake Protocol: Exchanges the security parameters of a connection. Handshake messages are supplied to the TLS record layer.
    • Record Protocol: Receives the messages to be transmitted, fragments the data into multiple blocks, secures the records, and then transmits the result. Received data is delivered to higher-level peers.

For more information about the feature, see the "Support for TLS 1.3" section in Oracle Communications Cloud Native Core, Security Edge Protection Proxy User Guide and the "Configurable Parameters" section in Oracle Communications Cloud Native Core, Security Edge Protection Proxy Installation, Upgrade, and Fault Recovery Guide.

  • Support for Automated Certificate Lifecycle Management: In SEPP 23.4.x and earlier, X.509 and Transport Layer Security (TLS) certificates were managed manually. When multiple instances of SEPP were deployed in a 5G network, certificate management, such as certificate creation, renewal, removal, and so on, became tedious and error-prone. Starting with SEPP 24.1.x, you can integrate with Oracle Communications Cloud Native Core, Certificate Management (OCCM) to support automation of certificate lifecycle management. OCCM manages TLS certificates stored in Kubernetes secrets by integrating with Certificate Authority (CA) using the Certificate Management Protocol Version 2 (CMPv2) protocol in the Kubernetes secret. OCCM obtains and signs TLS certificates within the SEPP namespace.

For more information about OCCM, see the "Support for Automated Certificate Lifecycle Management" section in Oracle Communications Cloud Native Core, Security Edge Protection Proxy User Guide and Oracle Communications Cloud Native Core, Certificate Management User Guide.

  • Support for Health Status cnDBTier APIs in CNC Console: With this enhancement, Health Status cnDBTier APIs are integrated into the CNC Console, and users can view specific cnDBTier statuses on the CNC Console.

For more information about the feature, see the "Support for cnDBTier APIs in CNC Console" and "cnDBTier" sections in Oracle Communications Cloud Native Core, Security Edge Protection Proxy User Guide.