Signaling Firewall | Products

Signaling Firewall Types

Check out our signaling firewalls

Diameter Firewall

The increasing rollout of 4G LTE, IoT, VoWiFi, VoLTE and VoIP networks is seeing a rise in the volume of diameter signaling on networks worldwide. Mobileum provides a comprehensive signaling firewall to manage and secure diameter networks from threats that are more and more common, trying to gain access to valuable information, exchanged between CSPs networks.

Diameter is a protocol that uses a basic unit called Attribute Value Pairs (AVPs). These can be easily modified or inserted, and therefore, to defend against attacks, all AVPs must be inspected and monitored. Mobileum’s diameter firewall ensures a safe diameter interface for CSPs network, to protect them from attacks that can reveal both network and subscriber data as well as compromise infrastructure integrity.

The main advantages of Mobileum Diameter firewall

With Mobileum’s diameter firewall CSPs will be able to address the current challenges of securing diameter signaling entering and leaving their network and protect subscribers from service disruptions, hijacks, and fraud.
  • Machine Learning Analytics to detect new threats and outliers.
  • Cross Protocol Protection associating Diameter messages with other protocols.
  • Supports all the GSMA Categories 1,2 and 3 and beyond, including location tracking, call/text intercept, and more.
  • Widely deployed Diameter firewall used in many CSPs around the world from large operators groups to Tier-1, Tier-2, and Tier-3 operators.

See how Mobileum can help protect & grow your business

Over 750 Telecom companies, in more than 150 countries, are scaling their business with Mobileum solutions.

SS7 Firewall

SS7 was designed to be used by a few state-owned operators and in this respect, it was considered to be used within trusted environments, with no inbuilt security. However, with the evolution of the interconnected world, the mobile context changed and the initial assumption is no longer valid. SS7 is now exposed in differing ways, both commercially and technically.

With SS7 access now being leased, SS7 stack widely available and appropriate hardware, modestly priced access to the SS7 network is now available to hackers on a modest budget. For both inbound roamers and their own subscribers, it is vital to validate the source and purpose of a message before passing it through to the network element for processing. Mobilieum offers an SS7 firewall to handle all the threats to guarantee that a Mobile Operator has a secure SS7 network and that their subscribers are secured from threats like call interception or location tracking.

The main advantages of Mobileum SS7 firewall

Nowadays, it is mandatory for a CSP to have its network protected against SS7 threats. Mobileum SS7 firewall handles all the GSMA threat categories and goes beyond, creating proprietary rules-based upon its immense market and deployment experience.
  • Machine Learning Analytics to detect new threats and outliers.
  • Cross Protocol Protection associating SS7 messages with other protocols.
  • GSMA category threats 1,2 and 3 and beyond.
  • Expert rules created on-demand to address new and advanced scenarios.
  • Rate limit / Traffic ratios.
  • Ease of operation to manage thousands of attacks per day.
  • Distributed architecture.

Security - The first line of defense

Discover what are the security challenges in telecom signaling and how Mobileum addresses them.

GTP Firewall

Since the use of 2.5G, GPRS Tunneling Protocol (GTP) has been used as a communications protocol through mobile networks and it is still used in 4G/LTE and 5G non-standalone architectures.

Mobileum GTP firewall provides security and scalability while protecting the mobile core against GTP-based threats. Mobileum GTP firewall is not only able to perform stateless checks but also stateful checks which gives CSPs a wider spectrum of security while performing cross-protocol validations.

The main advantages of Mobileum GTP firewall

A GTP firewall provides security and scalability, while protecting the mobile core against GTP-based threats through GTP interfaces. Mobileum’s GTP firewall has the following features.
  • Machine Learning Analytics to detect new threats and outliers.
  • Cross Protocol Protection associating GTP messages with other protocols.
  • Implements basic GSMA FS.20 Category 1,2 and 3, plus advanced Mobileum proprietary protection.
  • Huge scalability.
  • Support for GTP v0, v1 and v2.
  • Capability to monitor S8 and Gp interfaces.
  • Flexible configuration, with powerful options depending on the source, messages, and consistency between layers.
  • Future proof, Mobileum is a contributor for FS.11, FS.19, FS.20 and FS.37 Draft GTP-U attack threats and mitigation.

On the Radar - Ovum Report

Mobileum offers a signaling firewall with upgrade to secure standalone 5G.

GTP in a 5G non-standalone scenario

As traffic, devices, and interconnection partners increase, so does the use of GTP. The transition to 5G is happening and most operators will choose to deploy 5G in stages, using a common 4G core as 5G RAN is being launched. Consequently, for non-standalone 5G deployments, GTP-C and indeed diameter will be used, which means threats to 4G core elements will still be present during this hybrid period.

SIP Firewall

With the increased usage of VoIP traffic the increasing uptake of VoLTE networks, the SIP protocol is now an important attack surface for hackers and fraudsters. The flexibility of the SIP protocol and the easy access to malicious SIP stacks enhances the complexity of protection. Multiple protocols, multiple types, and layers of rules for identifying known attacks and analytics for identifying common attack agents and sources are required to offer protection.

Mobileum’s SIP firewall checks the source of messages, consistency in header information, and provides stateful checks such as location. The firewall offers fingerprinting checks and uses information from other protocols to provide a high level of protection to your network.

The main advantages of Mobileum SIP firewall

Mobileum SIP firewall is designed to handle the most common SIP threats which include the following.
  • Impersonation (such as call id spoofing).
  • Password hacking.
  • Service usage fraud.
  • Scanning and information gathering.
  • Confidentiality threats.
  • Denial of service attacks.
  • Man in the middle attacks.

Mobileum Highlighted in Gartner Report

Mobileum named a 5G reference vendor in Gartner’s “Hype Cycle for Identity and Access Management Technologies, 2020”

Find deeper information about our security products

Mobileum offers a full portfolio of protection.
Cross-Protocol Signaling Firewall
Mobileum has a state-of-the-art signaling firewall as part of its security threat detection portfolio, protecting against malicious attacks under network signaling systems like SS7, CAMEL, Diameter, MAP, GTP, SIP and 5G HTTP/2.
SMS Firewall
Our SMS Firewall has a comprehensive set of features and functionalities that allow MNOs to fight grey route threats coming from SIM farms and other bad actors having also the capability to provides MNOs with a safe, spam-free network environment that their subscribers can trust.
Bypass Fraud
Leverage security feeds to tackle bypass fraud, one of the most damaging and costly type of fraud, particularly affecting countries where the costs of terminating international calls are very high.