5G
Content Guide
What is 5G?
Success or Failure?
Seven years after its commercial launch, 5G covers more than half the world’s population – making it the fastest-adopted mobile technology in history. And yet, the question keeps coming up: is 5G actually delivering on its promise?
The honest answer is: it depends on who you ask. For consumers, 5G has largely meant faster and better quality video streaming. For network engineers and communication service providers (CSPs), the picture is more complex – and more interesting. There are real gains in capacity, energy efficiency and IoT connectivity. There are also genuine challenges in monetisation, network optimisation and the technical complexity of 5G Standalone (SA) deployments.
Let’s look at 5G from multiple angles – the technology evolution, the benefits, the obstacles, and where the industry stands today. If you work in telecoms or enterprise networking, this is the context that matters.
Evolution to 5G
The first European digital wireless technology was called GSM, later also called 2G. Originally, it catered for circuit-switched calls and SMSs to be enhanced with data using General Packet Radio System (GPRS) and EDGE.
3G has the same architecture for data using SGSN and GGSN and circuit switched calls. The data speed increased from approximately 100 kbps up to 10 Mbps.
4G moved to all IP based architecture using Evolved Packet Core (EPC) and IP calls – Voice Over LTE (LTE). Data architecture started to use Mobile Management Entity (MME), Serving Gateway (SGW) and Packet Gateway (PGW). The 4G radios called eNodeB integrate 3G’s NodeB and RNC functions. Data speeds reached 100 – 200 Mbps.
Over-the-top (OTT) applications rely on sufficient network bandwidth. 4G networks can provide enough bandwidth, and the latency, jitter and packet loss are often acceptable, however the limited bandwidth of the 4G network may cause undesirable user experience.
5G is the fifth generation of wireless cellular communications and mobile network technology succeeding 4G. It uses 5G New Radio (5G NR) that offers 10-100x faster speed with a much lower latency.
The following diagrams illustrate technology of the 4G and 5G core.
Simplified 4G EPC Architecture and 5G NSA
5G can use the same packet core as 4G. This setup is called 5G Non-standalone (NSA). 5G NSA offers a simpler migration from 4G to 5G due to the same core as with 4G.
5G standalone (5G SA) uses a new 5G cloud native core for control plane. User Plane traffic is handled by User Function (UPF). When 4G relies on MME, 5G uses AMF, SMF and AUSF. 5G handles SGW/PGW functions with SMF and UPF. 5G SA has lower latency and it is capable of offering services previously not possible.
Simplified 5G SA architecture
5G Benefits
Key Benefits and Enhancements in 5G
Compared to 4G, 5G offers higher speeds, lower latency, and increased capacity. Probably the biggest improvement is in the 5G New Radio. 5G NR uses advanced beamforming, massive MIMO and with its Quadrature Amplitude Modulation (QAM), it can utilize available spectrum more efficiently.
Video represents the largest portion of mobile traffic and the market has seen the benefits of Enhanced Mobile Broadband (eMBB). The other use cases for eMBB: cloud gaming, virtual reality (VR), and augmented reality (AR) are not yet well utilized.
Ultra-Reliable Low Latency Communication (URLCC) has yet to live up to expectations. On the other hand, Massive Machine-Type Communication (mMTC) support for large-scale connectivity for the Internet of Things (IoT) has demonstrated its usefulness. 3GPP standard Reduced Capability (RedCap) will further accelerate this development allowing billions of devices and low-cost sensors to connect efficiently (for example smart factories, smart homes, and smart cities).
According to Ericsson’s Mobility Report November 2025, the data traffic has grown 9-fold from year 2018 to year 2025. 5G has an important role in enabling traffic growth by accounting for 43% of the total mobile data traffic at the end of 2025.
5G Challenges
Global System for Mobile Communications Association (GSMA) notes that seven years after the commercial launch of 5G in 2019, the global connectivity landscape has reached a new phase in its evolution. At the end of 2025, more than half of the world’s population was covered by a 5G network, making it the fastest‑adopted mobile technology to date.
GSMA uses the 5G Connectivity Index (5GI) based on 5G Infrastructure, services, coverage, performance, adoption, usage, affordability and the regulatory environment. The leaders measured by 5GI are the Gulf Cooperation Council (GCC) states, Nordic countries, developed Asia Pacific, Mainland China and the US.
Despite the fast adoption there are challenges. From the Communication Service Provider (CSP) perspective the biggest challenge is the monetization, which was already a challenge with 4G – not only a 5G problem. Some markets, China, GCC and the US see accelerated enterprise digital transformation, speed-based mobile broadband pricing and the use of 5G FWA. CSPs are actively expanding the use of AI to enable automatic operations. This process is easier if 5G SA and 5G Advanced are deployed.
It is typical for a cellular network to have varying quality in different areas, for example, related to the coverage and/or capacity. User traffic may be focused on hot spots and therefore, a careful and continuous network optimization is needed. Without good network optimization it is possible that 5G does not exceed 4G performance. This is an area where all CSPs are automating the network optimization using also AI.
For some, 5G may be a disappointment due to the fact that it was marketed as a revolutionary technology, although in reality, it has been seen only offering speed improvement compared to 4G. Indeed, 5G was advertised to enable virtual reality, remote surgery and autonomous vehicles while consumers wanted to pay less and get more – in practical terms, this meant faster connections and smooth video streaming.
Technically, it has been challenging for the industry to manage 5G SA. 3GPP 5G standard includes Network Data Analytics Function (NWDAF) as a component to collect data, to analyse and expose data to other network functions. NWDAF however, is not well suited for subscriber-specific data analytics. For this reason, all the network vendors have created their own methods for extracting 5G Core data to analytics tools. In addition to the complexity of data extraction, another aspect is the format of the data extracted. Instead of having interface data as before, 5G SA data extraction is message-based. In multi-vendor core networks, this is especially challenging.
5G Summary
So, is 5G a success or a failure? Depends on the angle that you are looking at.
As a technology, 5G is a success. It handles exponentially more data, uses energy more efficiently than 4G, and is enabling large-scale IoT connectivity that was not practical before. The infrastructure is real, the adoption curve is steep, and the engineering progress, particularly in 5G New Radio, is significant.
Monetisation remains the hardest problem for many CSPs. Some of the services that were going to justify the investment have not arrived at scale. What CSPs have is a much better bit pipe.
The real technical challenge is in the 5G SA. 5G Standalone deployments introduce significant complexity around data extraction, multi-vendor interoperability and network analytics in addition to the new cloud native environment. This is where the gap between what 5G promises and what networks can actually observe and manage becomes critical. Network visibility, knowing exactly what is flowing across your 5G infrastructure, is no longer optional. It is the foundation for optimisation, security and the AI-driven automation that CSPs are now investing in.
A European operator recently put it plainly: 5G delivers roughly eight times the energy efficiency and capacity of 4G – a genuine technical achievement. But that improvement is largely invisible to the average subscriber. In many markets, consumers are not upgrading to 5G because they want it. They are upgrading because 4G networks in dense urban areas are becoming congested, and 5G is what keeps their experience from getting worse. That is a harder story to tell to an investor than “revolutionary new service.”
The picture is not the same in countries with a huge number of subscribers. A CEO of a Southeast Asian operator running a network of 100 million subscribers told a different story. Average Revenue Per User is 2.50 USD per month, but despite the ARPU the goal is not only to serve all the subscribers, but also to democratize AI making it available for all.
These two perspectives are not contradictory. They reflect the same underlying reality: 5G’s value is real, but it is showing up in infrastructure efficiency and network capacity rather than in the consumer-facing services that were originally envisioned.
Service Based Architecture
5G Technology
5G is the fifth-generation mobile network technology that brings higher speeds, lower latency, and greater capacity than previous generations. It has the potential to revolutionize various industries, from telecommunications to IoT, enabling advanced use cases like smart cities, autonomous vehicles, and industrial automation.
A 5G system (5GS) includes User Equipment (UE), a 5G Base Station (gNB), and a 5G Core Network (5GC). Together, these components support a wide range of services that 5G networks offer, including:
- Enhanced Mobile Broadband (eMBB): Providing faster internet speeds for applications like video streaming, virtual reality, and cloud gaming.
- Ultra-Reliable Low Latency Communication (URLCC): Essential for critical applications like remote surgery, autonomous driving, and industrial automation, where low-latency, real-time communication is crucial.
- Massive Machine-Type Communication (mMTC): Supporting large-scale connectivity for IoT devices, allowing billions of devices to connect and communicate efficiently.
5G Core Network
A 5G System (5GS) consists of User Equipment (UE), 5G Base station (gNB), 5G and a 5G Core Network (5GC) as illustrated in following Figure 1. In 5GS architecture, the 5GC is located at heart and enables the 5G RAN to support 3GPP defined three use cases, i.e. Enhanced Mobile Broadband (eMBB), Ultra-Reliable Low Latency Communication (URLCC) and Massive Machine Type Communication (mMTC).
3GPP has defined 5G Core to utilize cloud virtualisation, service-based architecture (SBA) across all 5G functions and procedures, including authentication, security, session management and aggregation of traffic from end devices. The 5G core network supports the Virtualization of software functions to use NFVI in design 5G Networks, including MEC infrastructure. The new architecture has adopted separation of user plane and control plane functions, which enables independent scaling of the control and user plane functions, e.g. a Mobile Network Operator (MNO) can add more user plane functions without adding more control plane and vice versa depending on deployment strategies. User plane functions could be distributed geographically close to 5G RAN to minimise user plane latency, while control plane functions could be centralised to get benefits of Virtualization.
In ‘Service based’ architecture, the set of Network Elements (NEs) is replaced with a set of Network Functions (NFs). Each Network Function can provide services to other Network Functions, i.e. each Network Function is a service provider. The point-to-point interfaces are replaced by a common bus which inter-connects all Network Functions. The services are specified for the Network Function providing them, instead of each pair providing and consuming Network.
5G System Architecture
5G System Service Based architecture includes a set of Network Functions (NFs), and a common bus known as a service bus to inter-connect the Network Functions. The Service Based architecture is applicable to the control plane, and Reference Point architecture is used for the user plane of the 5G Core Network.
The interface naming for the Reference point is given as a number with the letter “N” like N2, N3 or N4. N2 is the logical reference point between gNB and AMF, whereas N3 is a reference point between gNB and UPF. The naming for service based interface includes network function name with the letter “N,” e.g. Namf is the interface between AMF network function and Common Service Bus.
The Network Repository Function (NRF) is the main network function in service based architecture and plays a key role. All network functions register the services they offer with the NRF using the service registration procedure, and later they use the NRF as a database to discover the services offered by other Network with service discovery and service authorization procedure.
Within Service Based Architecture, Network Functions communicate to each other using http protocols defined methods like POST, GET, PUT, PATCH and DELETE.
The Service Based architecture represents a move towards a cloud implementation of the Core Network. Legacy Core Networks have been deployed using separate hardware for each Network Element. Today 5G Core Networks use cloud-native network functions (CNF). Microservices and CNFs provide better resource efficiency, resiliency and higher availability. CNF also promises less downtime in the network.
5G Security
What is 5G Security?
5G has introduced a number of improvements in security compared to 4G. 5G standards development has adopted ‘Secure by Design’ principles, using for example Mutual Authentication and acknowledging that all links could be tapped, but making sure that the encrypted information is worthless when intercepted.
Security is a wide topic and has different angles to it, for example, ITU-T has defined eight security dimensions shown in the table below. While these are important factors, this White Paper focuses more on the 5G network security measures and attempts to bring how to utilize data regardless of regulation and tight security in the summary section.
| Security Dimension | Description |
|---|---|
| Access control | Protects against unauthorized use of network resources |
| Authentication | Confirms identities and ensures validity of claimed identities |
| Non-repudiation | Means for associating actions with entities |
| Data confidentiality | Data protection from unauthorized disclosure |
| Communication security | Information flow only allowed between authorized end points |
| Data integrity | Correctness and accuracy of data |
| Availability | No denial of authorized access to network resources or data |
| Privacy | Protection of information that might be derived from the observation of network activities |
The importance of security is increasing continuously as we become more and more dependent on digital services. The number of connections is increasing exponentially with M2M and IoT. Therefore, aspects such as trusted ID, trusted SW, secure configuration, trustworthy data, protected communication, privacy and physical security are gaining more relevance not only in IoT communication, but in telecommunications in general.
Device Protection
5G has several enhancements in subscriber security:
- Protects the confidentiality of the initial non-access stratum (NAS) messages between the device and the network. It is no longer possible to trace user equipment (UE) using current attack methodologies over the radio interface, protecting against man in the middle (MITM) and fake base station (Stingray/IMSI catcher) attacks.
- Home control – a mechanism that requires the home network to check the authentication status of the device in the visited network preventing various roaming fraud types.
- Unified authentication, for example, for WLAN, allowing 5G networks to manage previously unmanaged and unsecured connections.
- User plane integrity checking, ensuring the user traffic is not modified during transit.
- Enhanced privacy protection with the use of public/private key pairs to conceal the subscriber’s identity.
UE keys are stored in the Universal Subscriber Identity Module (USIM) and the home environment to enable network access security. There are two trust domains, tamper proof universal integrated circuit card on which the USIM resides as a trust anchor and the Mobile Equipment.
Subscription Permanent Identifier (SUPI), equivalent to IMSI in 4G, is encrypted and available as SUCI, Subscriber Concealed Identifier. Naturally, the air interface between UE and gNB is encrypted.
Network Protection
RAN is separated into Distributed Units (DU) and Central Units (CU). DU doesn’t have any access to customer communications. IPSec is typically used for the connection from gNB to backhaul.
On the core side AMF serves as a termination point for NAS security. AMF is co-located with Security Anchor Function (SEAF) that holds the root key for the visited network. Authentication Credential Repository and Processing Function (ARPF) is co-located with UDM and stores long-term security credentials.
5G also introduces a new network architecture element: the Security Edge Protection Proxy (SEPP). The SEPP protects the home network edge, acting as the security gateway on interconnections between the home network and visited networks. Its main functionality includes:
- Application layer security and protection against eavesdropping and replay attacks
- End-to-end authentication, integrity and confidentiality protection via signatures and encryption of all HTTP/2 roaming messages
- Key management mechanisms for setting the required cryptographic keys and performing the security capability negotiation procedures
- Message filtering and policing, topology hiding and validation of JSON objects, including cross-layer information checking with address information on the IP layer
- Enhanced security of the international roaming services to overcome the existing security risks linked to SS7 and Diameter usage.
5GC
5GC introduces a new set of protocols and processes to secure the core functions. These include:
- HTTP/2 communication between cloud native functions (CNF) in the core
- TLS providing encrypted communication between all CNF
- HTTP/2 over N32, replacing Diameter over the S6a reference point
- More secure cipher suites
Network Domains
Telecom networks are often divided into four distinctive parts: Access and core network, transport and interconnect network that connects different core networks with each other.
It is clear that 5G has increased security in many ways compared to previous telecom generations. New features such as network slicing and 5GC bring new ways of having a safe network, but they also carry potential dangers. Kubernetes and container security require new thinking in security management, for example, secure container lifecycle management is a must.
CSPs
CSPs are definitely facing a huge challenge with all the security technologies and threats. It is one thing to secure the network properly, but at the same time, the CSP’s existence and success depends on how well subscribers are served. Understanding subscriber behaviour is even more important than before.
This creates a bit of a dilemma for the CSPs. How to run a secure network and still have visibility in the subscribers?
Network visibility stays as a cornerstone to understanding what happens in the network. Despite the multi-layer security measures, the data flow and messages need to be decrypted before any actions can be done. The point of decryption allows having legitimate extraction of data, for example, from 5GC or User Plane data after it has run through Security GW.
The increasing number of attacks, regulators’ tightened requirements and a massive increase in data volumes demand the CSPs to plan the data extraction points more carefully and, in many cases, even add encapsulated encryption with anonymisation. With careful planning and the right solution, monitoring the data and getting insights into subscribers’ behaviour is still possible.
5G SA
5G SA Network Visibility Challenges and Current Alternatives
According to the GSMA report ‘2022 The Mobile Economy’, there were 8.3 billion SIM connections (excluding licensed IoT) in 2021, expected to reach 8.8 billion connections by 2025. While 5G made up only 8% of those connections in 2022, it is forecasted to jump to 25% by 2025. Initially, Communications Service Providers (CSPs) rolled out 5G non-standalone (NSA), which relies on existing 4G infrastructure. However, 5G standalone (SA) is gaining traction, with 22 commercial deployments by the end of 2021 and an estimated 66 live 5G SA networks by 2023, according to STL Partners.
What is 5G SA?
5G SA represents the next generation of mobile networks that promises to unlock the full potential of enhanced mobile broadband (eMBB), ultra-reliable low-latency communications (URLLC), and massive IoT use cases. Unlike 5G NSA, which uses a hybrid of 4G and 5G, 5G SA introduces an entirely new core architecture defined by 3GPP. This architecture is based on Service-Based Architecture (SBA) and adopts a cloud-native software approach, enabling dynamic, scalable, and flexible deployments.
The key advantage of 5G SA is its ability to offer greater network efficiency and improved user experiences by harnessing these features. However, this evolution brings unique challenges, especially in terms of network visibility.
5G SA Network Visibility Challenges
In previous generations, such as 4G and 5G NSA, monitoring network traffic at the packet level was relatively straightforward. CSPs could capture and correlate control-plane and user-plane traffic, including subscriber identity (often hashed for privacy), to generate valuable insights for Customer Experience Management (CEM) systems. These insights helped CSPs understand hotspots, service usage, bandwidth consumption, and user behaviour.
However, due to its complex and distributed cloud-native architecture, 5G SA introduces significant visibility challenges. While open-source tools like Prometheus (for metrics), Grafana (for logs), and Jaeger (for tracing) can provide some insights, they fall short in offering subscriber-level visibility—such as which services a subscriber is using at a particular time or location.
Monitoring Solutions
In 5G NSA, CSPs could physically tap a link to extract packets for analysis. However, 5G SA complicates data extraction, as Core Network Functions (CNFs) communicate using encrypted HTTP2 messages. Additionally, 3GPP has not standardized a method for mirroring CNF messages in the same way it did for 4G networks.
The Network Data Analytics Function (NWDAF) was introduced to address this challenge. NWDAF is designed to streamline core network data analytics, generating actionable insights and enhancing the end-user experience. However, its implementation is optional, and not every CSP will deploy it in their 5G SA network.
NWDAF faces several challenges:
- Data availability and granularity for subscriber monitoring may be insufficient.
- It may impact network performance, as CNFs must continuously report to NWDAF.
- Integration complexities and alignment with 3GPP standards pose additional obstacles.
Despite these challenges, NWDAF could offer solutions for network analytics, but its effectiveness in providing subscriber behaviour data remains uncertain.
Alternatives for 5G SA Visibility
Some CSPs are exploring alternatives like Service Communication Proxy (SCP) to overcome visibility challenges. SCP acts as an intermediary between CNFs, often deployed as part of a service mesh (e.g., Envoy), providing the ability to mirror traffic. However, this approach introduces additional latency and resource demands, making it less than ideal for real-time monitoring.
Other network vendors propose copying the message at the CNF level before encryption. This data is then streamed to a data extractor, which forwards it for analysis. These implementations vary significantly across vendors, with some using TCP, GRE, or even HTTP2 and JSON-based payloads for transport.
A more cloud-native solution involves using mirrored messages in decrypted form from CNFs, sometimes employing eBPF technology to capture data before encryption. However, these methods also raise concerns regarding data security outside the 5G SBA.
5G SA Conclusion
The shift to 5G SA represents a significant technological leap, bringing enhanced security features and a cloud-native architecture. However, monitoring subscriber behaviour and ensuring optimal service performance remain critical challenges. While NWDAF and proxy-based solutions offer some answers, the lack of standardized solutions for extracting decrypted messages hinders widespread adoption.
As 5G SA gains more traction, the demand for more streamlined, standardized approaches to data extraction will grow. CSPs and vendors hope for a solution that offers the necessary granularity for monitoring subscriber behaviour without compromising security compliance with GDPR and other regulations.
For now, CSPs must navigate a complex landscape of multi-vendor CNFs, diverse data extraction methods, and the challenges of encrypted communication in a 5G SA environment.
5G FAQ
Yes, significantly. 5G New Radio (5G NR) offers speeds 10 to 100 times faster than 4G, with much lower latency. In practice, real-world speeds vary depending on network coverage, spectrum used and whether the operator has deployed 5G Standalone or Non-Standalone architecture.
5G Non-Standalone (NSA) uses the existing 4G core network with 5G radio, making it easier to deploy as a migration step. 5G Standalone (SA) uses a fully new cloud-native 5G core, enabling lower latency, network slicing and more advanced services. Most operators have started with NSA and are gradually moving toward SA.
The core challenge is that faster connectivity has not automatically created new revenue streams. Most consumers use 5G the same way they used 4G – for browsing, video and messaging. The enterprise use cases that were expected to generate new business models, such as private 5G networks and network slicing, are still in early stages of adoption.
NWDAF (Network Data Analytics Function) is a component of the 5G Standalone core defined by 3GPP. It is designed to collect, analyse and share data across network functions. In practice, NWDAF has limitations for subscriber-level analytics, which has led network vendors to develop their own data extraction methods – adding complexity, especially in multi-vendor environments.
5G Standalone changes how traffic data is structured and extracted. Unlike earlier generations where interface-level data was readily available, 5G SA uses message-based data extraction, which requires more sophisticated tools to capture and analyse traffic accurately. This makes network visibility more important, and more technically demanding, than in previous generations.
CSPs are increasingly using AI to automate network optimisation, predict traffic patterns and manage network quality. This is particularly relevant in 5G SA deployments, where network complexity makes manual optimisation impractical. The effectiveness of AI-driven operations depends heavily on access to accurate, real-time network data.
Our newsletter provides thought leadership content about the industry. It is concise and has interesting content to keep you updated with what’s new at Cubro and in the industry. You can unsubscribe anytime with a single click.
Your e-mail address is only used to send you our newsletter and information about the activities of Cubro Network Visibility. You can always use the unsubscribe link included in the newsletter.