The criteria for determining the list of trusted vendors for supplying equipment to India for future network rollouts has been provided by the National Cyber Security Coordinator (NCSC).
According to an ET Telecom report, the information regarding the criteria has been communicated to the telcos and other concerned stakeholders via a meeting attended by all the concerned authorities including the telcos and foreign gear vendors. China's Huawei and ZTE were however excluded from this meeting.
Citings As Per the Attendees
According to an executive close to the matter, the gear and procurement process will be a lengthy one; wherein the vendors will have to provide information to telcos, who are then expected to inform the National Cyber Security Coordinator (NCSC). The designated authority i.e. NCSC will then inform the telcos if they are allowed to procure the gear, depending upon if the vendor is listed as "trusted" under the trusted vendor list.
India's highest cybersecurity office (NCSC) has provided a list of products and templates to the stakeholders that contain the data that will be necessarily required. But no information has been shared on the criteria that will determine whether the source of a product is trusted. Further, the companies were assured that every bit of information will be kept in strict confidence.
The challenges and delays that are expected by the telcos were also discussed in the meeting; once the list comes into force. A lot of issues might come to life as the portal for providing information goes up.
A lot of concerns were raised by some vendors regarding the enormity of information being sought in such strict time limits.
April 15 is marked as the date for the launch of the beta portal by the NCSC, however, the procurement rules will come into force from June 16.
The details were discussed in the virtual meeting called by the NCSC which was attended by telcos, domestic and multinational vendors, and various other chipmakers. The NCSC shared the flow of procurement rules through the means of a presentation to all concerned parties.
NCSC has also asked for tons of details and has solicited feedback from all attendees in case they have issues. The authority is willing to make changes before the portal goes live as per another executive.
The Department of Telecommunications (DoT) amendment on mandating the use of network equipment only from "trusted sources" is believed to be aimed at keeping the Chinese players out of key elements of the telecom network. The government is wary of the privacy concerns that might arise if any Chinese vendor or untrusted vendor is allowed to supply core network equipment to the telcos.
The meeting was attended by many renowned companies including Ericsson, Nokia, Cisco, Samsung, Qualcomm, Ciena, AMD, Tejas, Nivetti systems, C-DoT, and VNL, besides the telcos.
Airtel and Vodafone Idea (Vi) is to face the threat as they have contracts with Chinese vendors Huawei and ZTE, besides Nokia and Ericsson. Jio is still on the safer side as it is supplied by South Korean Tech Giant Samsung.
