Signaling Firewall | Products

Signaling Firewall Types

Check out our signaling firewalls

Diameter Firewall

The increasing rollout of 4G LTE, IoT, VoWiFi, VoLTE and VoIP networks is seeing a rise in the volume of diameter signaling on networks worldwide. Mobileum provides a comprehensive signaling firewall to manage and secure diameter networks from threats that are more and more common, trying to gain access to valuable information, exchanged between CSPs networks.

Diameter is a protocol that uses a basic unit called Attribute Value Pairs (AVPs). These can be easily modified or inserted, and therefore, to defend against attacks, all AVPs must be inspected and monitored. Mobileum’s diameter firewall ensures a safe diameter interface for CSPs network, to protect them from attacks that can reveal both network and subscriber data as well as compromise infrastructure integrity.

The main advantages of Mobileum Diameter firewall

With Mobileum’s diameter firewall CSPs will be able to address the current challenges of securing diameter signaling entering and leaving their network and protect subscribers from service disruptions, hijacks, and fraud.
  • Machine Learning Analytics to detect new threats and outliers.
  • Cross Protocol Protection associating Diameter messages with other protocols.
  • Supports all the GSMA Categories 1,2 and 3 and beyond, including location tracking, call/text intercept, and more.
  • Widely deployed Diameter firewall used in many CSPs around the world from large operators groups to Tier-1, Tier-2, and Tier-3 operators.

See how Mobileum can help protect & grow your business

Over 750 Telecom companies, in more than 150 countries, are scaling their business with Mobileum solutions.

SS7 Firewall

SS7 was designed to be used by a few state-owned operators and in this respect, it was considered to be used within trusted environments, with no inbuilt security. However, with the evolution of the interconnected world, the mobile context changed and the initial assumption is no longer valid. SS7 is now exposed in differing ways, both commercially and technically.

With SS7 access now being leased, SS7 stack widely available and appropriate hardware, modestly priced access to the SS7 network is now available to hackers on a modest budget. For both inbound roamers and their own subscribers, it is vital to validate the source and purpose of a message before passing it through to the network element for processing. Mobilieum offers an SS7 firewall to handle all the threats to guarantee that a Mobile Operator has a secure SS7 network and that their subscribers are secured from threats like call interception or location tracking.

The main advantages of Mobileum SS7 firewall

Nowadays, it is mandatory for a CSP to have its network protected against SS7 threats. Mobileum SS7 firewall handles all the GSMA threat categories and goes beyond, creating proprietary rules-based upon its immense market and deployment experience.
  • Machine Learning Analytics to detect new threats and outliers.
  • Cross Protocol Protection associating SS7 messages with other protocols.
  • GSMA category threats 1,2 and 3 and beyond.
  • Expert rules created on-demand to address new and advanced scenarios.
  • Rate limit / Traffic ratios.
  • Ease of operation to manage thousands of attacks per day.
  • Distributed architecture.

Security - The first line of defense

Discover what are the security challenges in telecom signaling and how Mobileum addresses them.

GTP Firewall

Since the use of 2.5G, GPRS Tunneling Protocol (GTP) has been used as a communications protocol through mobile networks and it is still used in 4G/LTE and 5G non-standalone architectures.

Mobileum GTP firewall provides security and scalability while protecting the mobile core against GTP-based threats. Mobileum GTP firewall is not only able to perform stateless checks but also stateful checks which gives CSPs a wider spectrum of security while performing cross-protocol validations.

The main advantages of Mobileum GTP firewall

A GTP firewall provides security and scalability, while protecting the mobile core against GTP-based threats through GTP interfaces. Mobileum’s GTP firewall has the following features.
  • Machine Learning Analytics to detect new threats and outliers.
  • Cross Protocol Protection associating GTP messages with other protocols.
  • Implements basic GSMA FS.20 Category 1,2 and 3, plus advanced Mobileum proprietary protection.
  • Huge scalability.
  • Support for GTP v0, v1 and v2.
  • Capability to monitor S8 and Gp interfaces.
  • Flexible configuration, with powerful options depending on the source, messages, and consistency between layers.
  • Future proof, Mobileum is a contributor for FS.11, FS.19, FS.20 and FS.37 Draft GTP-U attack threats and mitigation.

On the Radar - Ovum Report

Mobileum offers a signaling firewall with upgrade to secure standalone 5G.

GTP in a 5G non-standalone scenario

As traffic, devices, and interconnection partners increase, so does the use of GTP. The transition to 5G is happening and most operators will choose to deploy 5G in stages, using a common 4G core as 5G RAN is being launched. Consequently, for non-standalone 5G deployments, GTP-C and indeed diameter will be used, which means threats to 4G core elements will still be present during this hybrid period.

Mobileum Highlighted in Gartner Report

Mobileum named a 5G reference vendor in Gartner’s “Hype Cycle for Identity and Access Management Technologies, 2020”

Risk Involved With Leased Network Assets

Numerous Service Providers around the world lease access to their Global Titles and Hosts to various enterprises. for purposes such as:

  • Sending Application 2 Person (A2P) SMS: For example, Bank sending alerts via SMS to their customers.
  • Perform signaling vulnerability assessments: For example, a company may want to use a Global Title to send signaling messages that may be used to penetrate a mobile operator’s network legitimately, based on the mobile operator’s written permission.
  • Perform real-time velocity checks for tracking location of opted-in subscribers: For example, a bank wanting to confirm the location of the user to validate a foreign credit/debit card transaction.
  • Track location of IoT/M2M assets: Global fleet management companies may want to periodically track the location of trucks, cars, etc.
  • Sponsored Roaming etc.

With SS7 and Diameter assets being leased, signaling stacks widely available and appropriate hardware, modestly priced, access to the SS7/LTE network is now available to hackers on a modest budget. Whilst the examples outlined above may be legitimate, there is lots of evidence that such access is widely abused and exploited by hackers. Access can be used to send “malicious” or “perceived malicious” messages into the network. For example, a GT is provided for sending A2P SMS but is used to track a high-value subscriber in a roaming partner network and possibly spy upon their calls and SMS. An enterprise might use access to send promotional messages to certain high-cost destinations for CSPs (incurring termination charges). Such access could be exploited to send spam and smishing messages.

GSMA Code of Conduct

Following repeated coverage of these issues in the global press, the GSM Association recognized the widespread concerns regarding the leasing of Global Titles. As a result, a formal Code of Conduct is being drafted which should be adhered to by all parties involved in the GT leasing value chain, parties such as GT Lessors, Transit Carriers, and GT Assignees. Subject to approval, the code of conduct places an unambiguous obligation upon GT Lessors to actively manage and control the use of their leased GTs, using real-time technical controls such as an outbound firewall.

Signaling Outbound Firewall

Mobileum Signaling Outbound Firewall works on zero trust architecture i.e., it operates on the basis of not trusting anybody or anything inside the network perimeter and applying restrictions to activities i.e., the interworking function should only be addressed with requests needed for this particular interworking scenario. It enforces controls at the individual originating Global Title/Host level to allow/block specific signaling operations or block specific destinations.

The main advantages of Mobileum Outbound Firewall

CSPs not only need to protect their own network but also have them to ensure that their own network is not compromised and cannot be used to send malicious traffic to other partner networks. Mobileum SS7/DIAMETER Outbound firewall handles all the GSMA threat categories and beyond, creating proprietary rules-based upon its immense market and deployment experience.
  • Check for fraud in SS7 & LTE domain from within the operator and potential physical break/penetration into sites to gain signaling access.
  • Provides real-time velocity checks for the detection of fake UL – a significant advantage over pure STP/DRA vendors who lack this capability.
  • Allows selected message types from GT/Host.
  • Ability to apply rate limits to outgoing traffic per GT/Host.
  • Consistency check of messages – i.e. deliberately constructing attack messages.
  • Application of Message Sequence and customized advanced rules.
  • SMS rules to check senders, binary, volume, spam/A2P content.
  • Dashboards and reports to analyse partners behaviour.
  • Ease of operation as it uses the existing rule framework.
  • Single platform can be used to apply policy on incoming and outgoing traffic.
  • Fully integrated into the Mobileum Signalling Firewall with the ability to control both incoming and outgoing traffic from one portal.

Find deeper information about our security products

Mobileum offers a full portfolio of protection.
Cross-Protocol Signaling Firewall
Mobileum has a state-of-the-art signaling firewall as part of its security threat detection portfolio, protecting against malicious attacks under network signaling systems like SS7, CAMEL, Diameter, MAP, GTP, SIP and 5G HTTP/2.
SMS Firewall
Our SMS Firewall has a comprehensive set of features and functionalities that allow MNOs to fight grey route threats coming from SIM farms and other bad actors having also the capability to provides MNOs with a safe, spam-free network environment that their subscribers can trust.
Bypass Fraud
Leverage security feeds to tackle bypass fraud, one of the most damaging and costly type of fraud, particularly affecting countries where the costs of terminating international calls are very high.