SS7 Firewall

built by broadforward

FS.11 GSMA guidelines for Signaling Firewalls of the SS7 protocol

SS7 Firewall (SS7FW) is a complete and advanced software-based solution that protects 2G and 3G networks against potential attacks, unauthorized senders, malformed messages, overload situations, and much more.

  • Unrivaled flexibility
  • Transparent mode support
  • Velocity check support
  • Fully compliant with the relevant GSMA FS.11 recommendations

An integrated security solution that can cover multiple access technologies

SS7 Firewall (SS7FW) is in use with leading mobile operators around the world. The SS7FW provides operators with a default set of firewall rules that implement the GSMA FS.11 specifications. None of the firewall rules in the system are ‘hard-coded’; all of them can therefore be adapted for or by the operator as required.

The SS7FW reduces the window of opportunity for criminals to exploit a breach on the operator’s mobile network. It detects and blocks duplicated SIM or SIM Swap fraud in real time by performing velocity tracking. This unique feature automatically determines – with a high degree of accuracy – whether roaming location changes are plausible in terms of the speed normally required to bridge that distance (‘time-distance plausibility’).

The easy-to-use Graphical User Interface provides full control of firewall rules and insight into signaling traffic. It gives extensive flexibility to configure, adapt, enable or disable firewall rules that can be deployed across all supported access technologies. The use of readily available templates means operators do not require vendor involvement, scripting or coding to manage or customize firewall rules.

SS7FW improves the operator’s effectiveness in dealing with unexpected (fraudulent) behavior and significantly increases roaming security. The BroadForward SS7FW offers major differentiators compared to traditional firewall products:

  • Unrivaled flexibility. Routing, screening and filtering on any parameter of SCCP, TCAP, INAP and MAP messages. Freedom to create, adapt and deploy security rules at any time without need for coding or scripting or vendor dependency.
  • Transparent mode support. Unique, live – non-intrusive – effectiveness testing of all security rules while logging Event Detail Records for offline evaluation.
  • Velocity check support. Advanced location tracking function (GSMA FS.11 Category 3 compliant), including global neighboring country lists and velocity checks for location change plausibility checking.
  • Fully compliant with the relevant GSMA FS.11 recommendations.
  • Security suite combination support. 2G/3G/4G (and in the future 5G) Firewall support in a single engine software design.
  • Flexible deployment models. Standalone SS7FW or in combination with e.g. Diameter FW (and later 5GFW), using shared location tracking, common GUI interface, single capacity license.
  • Completely GUI based. All configuration, rules orchestration, monitoring and management can be done using the graphical user interface.
  • Active anomaly detection support. Provides reporting/notification interfaces (such as HTTP, SMS & SNMP).
  • Carrier grade. Highly scalable, highly available, geo-redundant solution.

GSMA FS.11 categories

The GSMA regularly releases updates to its guidelines for “SS7 Interconnect Security”, also known as the FS.11 recommendations. In general, these recommendations define the following three categories:

  • Category 1: Messages that should only be received from within the same network and/or are unauthorized at interconnect level, and should not be sent between operators unless there is an explicit bilateral agreement.
  • Category 2: Messages that should only be received from the visiting subscriber’s home network. These should normally only be received from an inbound roamer’s home network and require intra-packet logic to be applied to detect anomalies on packets either inbound or outbound.
  • Category 3: Messages that should only be received from the subscriber’s visited network. Specifically, MAP packets that are authorized to be sent on interconnects between mobile operators. These require additional, advanced inter-packet logic to be applied to detect anomalies. Messages that indicate an unusually rapid change of location (measured by consecutive Location Updates from non-bordering countries within a short period) should be filtered.
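
The Category 3 velocity check described above (consecutive Location Updates from non-bordering countries within a short period) can be sketched as follows. This is an added example, not BroadForward's implementation; the centroid coordinates, neighbor list, speed ceiling, field names and IMSI are constructed assumptions.

```python
import math
from dataclasses import dataclass

# Constructed reference data: approximate country centroids (lat, lon) and a
# tiny neighbor list. A real deployment would use full, maintained tables.
CENTROIDS = {"NL": (52.1, 5.3), "DE": (51.2, 10.4), "BR": (-14.2, -51.9)}
NEIGHBORS = {"NL": {"DE"}, "DE": {"NL"}, "BR": set()}
MAX_SPEED_KMH = 1000.0  # assumed ceiling, roughly commercial air travel

@dataclass
class LocationUpdate:
    imsi: str
    epoch_s: int   # time the update was seen at the interconnect
    country: str   # country derived from the visited network's address

def distance_km(a, b):
    """Great-circle (haversine) distance between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def check_velocity(updates):
    """Return (update, verdict) pairs; verdict is 'allow' or 'implausible'."""
    last_seen = {}  # IMSI -> last accepted LocationUpdate
    results = []
    for lu in sorted(updates, key=lambda u: u.epoch_s):
        prev = last_seen.get(lu.imsi)
        verdict = "allow"
        if (prev and lu.country != prev.country
                and lu.country not in NEIGHBORS[prev.country]):
            hours = (lu.epoch_s - prev.epoch_s) / 3600
            km = distance_km(CENTROIDS[prev.country], CENTROIDS[lu.country])
            # Zero elapsed time between distant countries is always implausible.
            if hours <= 0 or km / hours > MAX_SPEED_KMH:
                verdict = "implausible"
        if verdict == "allow":
            last_seen[lu.imsi] = lu  # rejected updates do not move the baseline
        results.append((lu, verdict))
    return results

# Constructed sample traffic for one subscriber (IMSI is a made-up test value).
SAMPLE = [
    LocationUpdate("001010000000001", 0, "NL"),
    LocationUpdate("001010000000001", 600, "DE"),        # neighbor: allowed
    LocationUpdate("001010000000001", 1800, "BR"),       # 20 min later: flagged
    LocationUpdate("001010000000001", 15 * 3600, "BR"),  # ~15 h later: plausible
]
VERDICTS = [v for _, v in check_velocity(SAMPLE)]
```

Centroid-to-centroid distance is a coarse approximation; the baseline is kept at the last accepted update so that a rejected message cannot make a later spoofed location look plausible.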
