TITAN.IUM Signaling Firewall (SFW)

NetNumber’s TITAN.IUM Signaling Firewall (SFW) provides a highly scalable Multi-Protocol Signaling Firewall that can be used to protect operator networks and their subscribers from today’s security threats as well as those that will inevitably emerge tomorrow. The same SFW can be used to protect SS7, Diameter and/or SIP signaling networks.  The TITAN.IUM SFW can statefully monitor both individual protocol dialogs and cross protocol parameter congruency, allowing it to incorporate all available information when evaluating signaling messages for plausibility, possible fraud and many other use cases. 

Despite covering all of SS7, Diameter and SIP, the TITAN.IUM SFW can dive down to operate upon any parameter of any message, even parameters in nested Diameter AVPs.  Operations can include message screening, message modification and message rate limiting, which can be applied to all or to just specific messages.  If security violations are detected, the SFW can be configured to silently discard such messages, or raise configurable error messages and/or alerts.  Taken together, these capabilities allow the SFW to protect downstream network elements from overload, enforce SLA limits and protect against fraud. 

The TITAN.IUM SFW is designed to detect and protect against attack scenarios defined by the GSMA Fraud and Security Group (FASG), as described in GSMA FS.07 (SS7 and SIGTRAN Network Security), GSMA FS.11 (SS7 Interconnect Security Monitoring and Firewall Guidelines), GSMA FS.19 (Diameter Interconnect Security), GSMA FS.21 (Interconnect Signaling Security Recommendations) and GSMA FS.38 (SIP Network Security) papers. The SFW can also be configured to detect and protect against Wangiri fraud and robocalling fraud. 

With three highly flexible deployment models, Signaling Firewall can be deployed into almost any network topology, often without disruption to existing routing plans.  SFW can be overlaid onto existing signaling elements, deployed in front or behind existing nodes, or can be integrated with other NetNumber-supplied elements. 

As a member of the TITAN.IUM Container-Native family of products, the SFW affords a highly scalable, geo-redundant solution, also providing for close interworking with 5G Signaling Edge Protection Proxy (SEPP) integrated HTTP/2 based Firewall functions. 

rm for some time about the security vulnerabilities of the SS7 protocol widely used as the signaling basis for fixed and mobile (2G/3G) networks.  The emergence of 4G has not reduced the level of alarm.  

It is true that 4G has driven widespread adoption of Diameter and SIP as the new primary signaling mechanisms for mobile networks.  However, rather than resolving signaling security concerns, this has amplified those concerns, driven by the All-IP nature of Diameter & SIP.  This All-IP aspect makes Diameter & SIP vulnerable to a wide range of security exploits over and above those besetting SS7.  Fraudsters worldwide are gleefully, creatively and vigorously exploiting this fact. 

In response, operators need to secure their SS7, Diameter & SIP signaling architectures in a way that addresses not only already known vulnerabilities, but also protects their networks in real time against newly emerging threats in a manner that allows them to react in real time without waiting for a vendor-provided solution.