Intelligence-Driven Signaling Firewall for Your Mobile Network
Mobile network operators use the Enea Adaptive Signaling Firewall to protect 2G, 3G, 4G, and 5G networks against signaling threats such as fraud, DoS attacks, call and message intercepts, location tracking, and privacy data leaks.
A unique combination of advanced detection methods, developed from extensive signaling threat research and global signaling threat intelligence data, ensures the Adaptive Signaling Firewall can protect against any emerging threats, even in networks that have not been targeted with a specific attack type.
Cross-Protocol Signaling Security
The Adaptive Signaling Firewall is a true multi-protocol firewall, protecting the SS7, Diameter, GTP-C, HTTP/2, SIP, and ISUP protocols.
Based on a single platform processing all signaling on all protocols, close correlation is made possible during active processing, not just post-processing or reporting. This gives it the edge to efficiently counter sophisticated attacks spanning several protocols by detecting and blocking them in real time.
Cross-protocol correlation draws intelligence and insights from all protocols simultaneously, leaving no gaps for malicious actors to exploit.
Deploy Right-Sized Security Anywhere
The Adaptive Signaling Firewall deploys on any public, hybrid, or private cloud, virtualized environments, or bare-metal servers. It is built on a cloud-native, containerized architecture running on Kubernetes. The diversity of deployment options allows operators to install the Adaptive Signaling Firewall on infrastructure used today, with complete confidence that it will support any future cloud migration or infrastructure change. Containerization makes scaling easy, providing right-sized signaling security at all times.
Standards Compliance and Beyond
The Adaptive Signaling Firewall complies with the GSMA FS.11, FS.19, FS 20, and FS.36 guidelines. It covers all aspects of GSMA’s Cat 1, 2, and 3 security recommendations. It goes beyond the standards to detect unusual lower-level activity, inconsistencies in signaling messages, and other anomalies.
Adapt to New Signaling Threats in Minutes
Rules logic for detecting and blocking malicious signaling messages is created or updated through an intuitive user interface configuring the platform instead of changing its runtime components. Changes in the algorithms are done without service interruptions and without waiting for a maintenance window, meaning updated security can be in place in minutes, not months.
The Adaptive Signaling Firewall includes a Secure Edge Protection Proxy (SEPP) for protecting 5G SA interconnects. This works in tandem with the HTTP/2 firewall for 5G SA signaling. 5G NSA signaling is protected through the Diameter firewall.
Backed by the Top Signaling Security Analysts
We integrate the best of our expertise with technological innovation and AI to produce superior intelligence that keeps you ahead of threat actors. Our intelligence is based on the billions of signaling events from across the globe that we process daily to keep subscribers and businesses safe.
Enea’s Signaling Handbook for Mobile Network Operators and Regulators
Discover everything you need to know about mobile signaling, including exploitable vulnerabilities, risks, and how to secure signaling networks.
uncover anomalies across protocols
Multi-Protocol Signaling Firewall Correlation
Malicious actors are not constrained to attacking single protocols. They attack the interface that gets them through and enables them to reach their goals. Increasing sophistication and complexity can be seen in recent attacks, especially when backed by nation-states. Complex attacks carried out over multiple protocols simultaneously would go unnoticed if the protocols were protected in isolation.
Other attacks on a single protocol can also be discovered through multi-protocol correlation. For example, something is not correct if signaling related to a single subscriber shows up at the same time on SS7 in one location and Diameter in a completely different location. A cross-protocol correlation is needed to catch this abnormality.
SS7 is notorious for its vulnerabilities, which stem from an assumption of trust in a closed network while, in fact, access can be bought by governments and corporations. SS7 has long been the primary attack surface for malicious agents, who constantly find new ways to exploit it as standard security measures are installed. It needs to be protected by an SS7 firewall like Enea’s Signaling Firewall, which goes beyond basic regulatory requirements, providing protection that adapts to sophisticated and complex attacks.
In some respects, Diameter provides improved security compared to SS7, but without a Diameter firewall like Enea’s Signaling Firewall, it can still be accessed and exploited through interconnects. As SS7 becomes better protected, malicious actors find new ways to exploit Diameter to achieve their targets.
GTP-C also has built-in security flaws, making it vulnerable to, for example, fraud and DoS attacks. Also, GTP is beginning to become targeted by adversaries. Enea’s GTP-C firewall can block attacks effectively.
Talk to a Signaling Expert
Contact us if you are interested in learning more about the Adaptive Signaling Firewall and our signaling security portfolio.