Protecting against signalling threats in next generation networks

In recent years, new signalling threats have emerged that threaten the reliability and credibility of mobile services. If left unchecked, operators risk losing customers, while the industry as a whole risks the devaluation of mobile as a trusted channel of communication. This in turn could lead to a huge impact on turnover and profit.

When these threats were first identified, attention was focused on the SS7 network that has been used for signalling since the advent of modern mobile services. However, as an increasing number of operators add LTE-based services to their portfolios, they also add Diameter signalling capabilities to their networks. While this is a necessity to offer next-generation services, it also presents a new range of signalling attacks. Many of the vulnerabilities of SS7 signalling carry over directly into the Diameter domain, demanding that active steps are taken to protect subscribers and the core operator business.

The Symsoft Signalling Firewall is designed to provide protection for both SS7 and Diameter signalling, with support for stateful analysis of traffic. Offering solid protection against threats in all the categories identified by the GSM Association. The filters employed are highly configurable across all SS7 and Diameter protocol layers, mitigating the risk of signalling attacks as mobile networks and services shift to new network architectures. This includes protection against attacks based on LTE and SS7 roaming and interworking. Thanks to its configurability, the Signalling Firewall is prepared to counter known threats, as well as threats that are not yet identified.

A two-tiered approach is used for threat analysis. The first is a real-time layer that provides advanced filtering based on any supported parameter, rule or combination of rules. The second provides a more mature statistics engine, capable of crunching the collected data to provide near real-time analysis of combinations of data and complex or unusual behaviour logs. Illicit attacks and suspect traffic patterns can then be identified and blocked.

As part of CLX Communications, Symsoft has the resources and understanding of the global signalling infrastructure as well as of the geographical differences in fraudulent user behaviour. The Symsoft Signalling Firewall combines these factors in one product to help network operators easily deal with threats so that reliability service delivery is maintained and subscriber integrity is preserved.

Want to know more? Go to the Symsoft Signalling Firewall product pages, or contact us below!

Contact us!