Pieter Veenstra, Senior Manager Product Development – Security and Routing

Recently the GSMA approved a first set of guidelines for Signaling Firewalls of the Diameter protocol. This important achievement is the result of an elaborate action between 50 subject matter experts of leading mobile operator groups and telecom security vendors in the GSMA Fraud and Security Group (FASG).

This is again an impressive milestone in the GSMA after the guidelines for SS7 guidelines in 2016. The new guidelines for Diameter Firewall are of great value to the mobile industry given the heavy growth of mobile roaming traffic. This is particularly caused by the abolition of the international roaming tariffs within Europe and the explosion of IoT devices. In parallel operators are faced with an increase in security incidents and grow in severity like the recent banking fraud incidents in Germany due to vulnerabilities of the SS7 signaling network.

With implementing these guidelines operators will improve the security of their international mobile roaming services when deploying the Diameter protocol. These new guidelines offer an equivalent level of protection as with the GSMA guidelines for SS7 Signaling Firewalls because most of the current SS7 threats equally apply when Diameter will be used for the international mobile roaming services as today with SS7. This refers to attacks like Location Tracking, Call and SMS Interception, Banking and Authentication Fraud, and DOS attacks.

It is generally understood however that the Diameter protocol is more vulnerable sensitive than SS7 because of the extra complexity and the flexibility of the Diameter protocol. This resulted in a more extensive documentation of the guidelines for Diameter Firewall in the new GSMA document FS.19 v2.0 compared to what was specified in GSMA FS.11 for SS7 Firewall.

Because of the openness of the Diameter protocol, flexibility of the firewall logic is viewed as a key capability including the possibility to define Customized filtering rules. This to ensure operators have the means to include an extra protection scheme instantly in case of a new attack vector. Customized filtering rules will also be of great value to cover network specific situations as well as for the protection of Diameter interfaces with the surrounding networks like the interconnections with MVNOs.

NetNumber is actively contributing to this activity in the GSMA FASG. After proposing and leading the work to translate the FASG MAP risk classification into recommended SS7 firewall rules in 2016, NetNumber this year is the primary author and editor of the Diameter firewall guidelines in the FS.19 document. The GSMA guidelines for both SS7 and Diameter are implemented in the NetNumber Signaling Firewall.

The NetNumber Signaling Firewall offers a multi-protocol protection capability as part of a single application on the TITAN platform. This dramatically eases its operations and offers operators a seamless migration capability from SS7 to Diameter because of the shared protection capabilities and same working principles. The NetNumber Signaling Firewall is deployed by leading mobile operator groups to protect their networks. To learn more about how we can help protect SS7 and Diameter networks, contact sales@netnumber.com.

Categories: Blog

2 Comments

Dave Coder · March 27, 2018 at 12:01 pm

Hi,
Where can I download the latest version of the FS.19?

    Kim Gibbons · March 28, 2018 at 12:04 pm

    Hello:

    The FS.19 is a confidential document from the GSMA. Your company will need to be a GSMA member to access.

    You can register for the GSMA info centre to become authorised. Then download the published version.

    Here is the link to access the latest draft that is now finalised and waiting final GSMA approval:
    https://infocentre2.gsma.com/gp/wg/FSG/RIF/SFW/SIGFW%20Drafts/Forms/AllItems.aspx

Leave a Reply

Your email address will not be published. Required fields are marked *