The Cellusys Signalling Firewall joins multiple protocols into a single platform providing a central point for implementing network signaling security procedures. Signalling Firewall’s unique 4-tiered design includes:
Message Screening – Any Protocol, Any Layer, Any Message and Any Diameter Attribute Value Pair (AVP)
Contextual Awareness – Provides a powerful tool in determining whether otherwise valid messages are a threat to the network or subscribers based on their context.
Near Real-time Streaming analysis – Allows user defined triggers (GTT, Network, etc.) to be used to define a category for scoring. The resultant score is sent to message screening rules to affect incoming messages.
Reporting – flexible reporting enables the definition of metrics, thresholds for alerting and the publishing or reports based on these criteria.

Benefits for you, the mobile operator

  • Operators are able to detect threats and prevent attacks of each of the 5 critical types: Tracking, Intercept, DoS, Fraud, Spam
  • Multiple rules for powerful policy enforcement. The firewall is able to execute complex tasks, with inbuilt Signalling Intelligence
  • Full control over the network signalling protocols:
    • SS7 MTP3 through MAP
    • Diameter — all messages, all Attribute Value Pairs (AVPs)
  • Fine-grained filtering, which enables operators to guard against signalling attacks while allowing valid messaging into the network
  • Detailed reporting and alerting of issues
  • Flexible pipeline architecture, enabling new modules to be quickly deployed in response to newly arising threats
  • TCAP De-duplication module detects and removes looping messages
  • Protection of subscribers’ IMSIs. SMS Router returns fake/masked details for IMSI/MSC addresses when external entities are querying for subscriber information
  • SMS Router verifies roaming subscriber’s location before accepting messages from that location

Find out how the Cellusys Signaling Firewall solution can help you:

  • Protect your network
  • Protect your subscribers from fraud
  • Protect your subscribers privacy
  • Protect your revenues.

SS7 Signalling was designed for a very different environment to that of today.

In the 1980s, among the small number of mobile telecoms operators – all state-owned, or large corporations – there was a high level of trust. They simply needed a ‘walled garden’. No authentication was built in to SS7.

Now in 2015, and with 800-plus operators in the market, it’s easier than ever for companies to get access to the SS7 network. Operators and roaming hubs are selling access at relatively low cost. Some operators have even resorted to selling their roaming agreements – so once someone has access in one territory, they have access to the SS7 network – and all subscribers – worldwide.

Cellusys SS7 Firewall and Diameter Firewall addresses these threats in the legacy SS7 and the next generation LTE/EPC Diameter based networks.