Cellusys Diameter Firewall
Although Diameter is an improvement from SS7, it is subject to the same vulnerabilities and many more. Messages sent over Diameter are prone to man-in-the-middle attacks because they are read at several stages and by several systems…
Although Diameter is an improvement from SS7, it is subject to the same vulnerabilities and many more. Messages sent over Diameter are prone to man-in-the-middle attacks because they are read at several stages and by several systems. Diameter, like GSM MAP delivers various user-related data called Attribute Value Pairs (AVPs). These can be easily modified or inserted, and therefore, to defend against attacks, all AVPs must be screened and signalling controlled on all messages.
Unified or Independent
Diameter Firewall can be deployed standalone or can be complemented with additional protocols as additional modules of the Unified Signalling Firewall as needed in the future.
- All modules intercept both national and international messages
- Uses REST API integration
- All Cellusys products support virtual deployment or can be installed on our customized servers
The GSMA categorises not only different Diameter messages and interfaces, but also different anomalies of packet networks and levels of filtering. Cellusys Diameter Firewall incorporates all four levels of filtering.
- Category 0 screening is a basic low-level look at non-application information such as format, IP address, and host addresses.
- Category 1 looks at an individual Diameter interface and ensures that the proper command and application identifier are allowed.
- Category 2 drills down further by looking at the actual data being sent (AVPs).
- Category 3 examines location and time-based feasibilities.
From the first day of deployment, pre-defined rules ensure all known threats are blocked. From here, the rules engine, using advanced matching algorithms, not only detects the threats but also provides valuable intelligence in real time, assisting security teams to actively stop any new undefined threats and identify the source.
New policies can be created and implemented immediately without relying on third parties or software updates. Users have full access to the protocol, and can easily customise the flexible rules engine via the user-friendly web interface to implement broad policies as well as attain fine-grained control.
- Equipped with powerful (yet agile) reporting and alerting features, not only will your network be secure, you can be sure to have the most accurate information about your network traffic and security at your fingertips.
- Customize real-time alerts to be notified the moment a threat occurs.
- Everyone on your team can be provided proper access levels and customize reports to suit their individual needs (no matter their level of technical expertise) thanks to the intuitive GUI.
- Easily set alerts or publish reports as broad as traffic overview or drill down to monitor a suspicious caller ID. Troubleshoot VIP complaints and monitor message volumes with the touch of a button.
Signalling Providers and Signalling Hubs
Signalling is your business — at least make it secure. We have provided many Tier 1 signalling hubs with the capability to control and secure their signalling.
Fully compliant with GSMA FS.19
GSMA FS.19 Diameter Interconnect Security was first approved by the GSMA in 2015 and has been updated regularly since then. Version 7.0 was published in May of 2019. It outlines known threats in the context of LTE roaming and SS7 interconnect and recommends countermeasures to detect unwanted and malicious messages and set firewall policies. GSMA guidelines are often the basis for public policy and regulation regarding signalling security.