GTP Firewall

Defense against bad GTP-C traffic related issues

Multi-Service Networks Monitoring & control of GTP-C traffic against security threats
Agility & Flexibility Efficient reporting & alerting
Software Conforms to latest GSMA FS.20 recommendation
Successful Deployments Configurable actions on bad messages
Features & Turnkey Protection against manipulated & fake messages
Customized Training Cross-protocol checks for complex threat scenarios

GTP Firewall

teleSys GTP Firewall solution enables complete control on signaling threats using GPRS Tunneling interface. Provisioned with GSMA defined policies as rules, this firewall solution provides a robust firewall framework to secure service providers network from all possible signaling threats when deployed along with other signaling fire wall capabilities.

As in other teleSys’ firewall implementation, it allows full customization of message validation flows depending on carrier specific deployment.

Features & Highlights
  • Compliant with GSMA recommendations
    • FS.20 GPRS Tunnelling Protocol (GTP) Security v3.0
  • Available on both Bare-Metal & Telco Cloud environment
  • Provides solution for 3 (three) categories of threats, as classified by GSMA
    • Category 1: for type of messages being sent on individual interface
    • Category 2: for HPLM validation for messages received for inbound roamer(s)
    • Category 3: for VPLMN validation of messages received from outbound roamer(s)
  • Filtering Options include, RAT, IMSI and APN filtering
  • Deep inspection of GTP Header & inspection of IE in payload
  • Checks for GTPv1-c and GTPv2-C messages that use reserved IE values
  • Validation of the order of IEs present in the message
  • Checks for malformed packets and unknown / incorrect message types
  • Stateful inspection to track GTP session on real time
  • Location validation of subscribers
  • Easy-to-use provisioning interface for illegitimate intrusion detection and prevention procedures
  • Protection again message flooding & denial-of-service attacks
  • Configurable actions from ALLOW / ALLOW_WITH_REPORT / BLOCK / BLOCK_WITH_REPORT & others
  • Offers consolidated deployment with SS7/Sigtran & Diameter firewall capabilities

Ready to talk?

Send us an email and someone from our team will get in touch within 24 hours.

For Sales

For Careers

For Everything Else