SS7/Sigtran Firewall

Safeguarding against illegal SS7/Sigtran signaling threats

Software Conforms to latest GSMA standards
Agility & Flexibility Efficient reporting & alerting
Multi-Service Networks Protection against possible threats using fraudulent SS7/Sigtran signaling traffic
Successful Deployments Configurable actions on bad messages
Installations/Operators Worldwide Carrier proven feature with world wide deployments
Customer Satisfaction Preserves subscriber confidentiality and service satisfaction

SS7/Sigtran Firewall

Extremely protected and obscured SS7 signaling has been explicitly targeted for several treacherous activities at operator inter-connections due to wide-spread deregulation and global expansion of mobile communications along with the other factors.

MACH7 SS7/Sigtran Firewall is designed to protect operators from these attacks by monitoring and screening signaling traffic on real-time. Illegal messages can be either blocked or logged depending upon operator needs. This enables service providers to uphold their credibility by ensuring continuous flawless service and confirming trusts from its subscribers and inter-connect / roaming partners.

Features & Highlights
  • Compliant with GSMA recommendations
    • FS.07 SS7 and SIGTRAN Network Security
    • FS.11 SS7 Interconnect Security Monitoring Guidelines
    • IR.82 Security SS7 implementation on SS7 network Guidelines
  • Available on both Bare-Metal & Telco Cloud environment
  • Provides solution for 3 (three) categories of threats, as classified by GSMA
    • Category 1: for Intra-PLMN validation for messages originated from home network
    • Category 2: for HPLM validation for messages received for inbound roamer(s)
    • Category 3: for VPLMN validation of messages received from outbound roamer(s)
  • Multi-tiered deep inspection of message contents & validations, including application layer contents
  • Checks for Preferred PLMNs, using White List, Black List of favorable operators
  • Confirm Address consistency within message parameters to prevent spoofing
  • Block Subscriber location & state query from external networks
  • Easy-to-use provisioning interface for illegitimate intrusion detection and prevention procedures
  • Protection again message flooding & denial-of-service attacks
  • Configurable actions from ALLOW / BLOCK / BLOCK_AND_SEND_ERROR & others
  • Offers consolidated deployment with Diameter & GTP firewall capabilities

Ready to talk?

Send us an email and someone from our team will get in touch within 24 hours.

For Sales

For Careers

For Everything Else