Skip links

SigWall Solution

Multiprotocol

Multiprotocol Signaling Security platform with cross-protocol and cross-operator correlation.

Analytics

Includes analytics engine for threat detection and intelligence acquisition.

Optimized

Optimized for multi-layer deployment with isolation of critical information
to be available only on an agency level.

Various integration options

Various Integration options for operator networks – SigWall can be integrated in every operator environment.

Open

Open for integration with other security systems/solutions.

Compliant with GSMA

Compliant with GSMA recommendations augmented by continuous internal research
and Security Operating Center incident management and threat hunting.

Details

Protocols

  • SS7 (MAP/CAP/INAP/ISUP)
  • Diameter
  • GTP (v0/v1/v2)
  • SIP

Processing Modes

  • Active:
    Loop mode,
    Gateway mode, Transparent mode,
    Mixed mode
  • Passive:
    IDS mode with or without active queries

Processing Layer

  • Based on Erlang technology
  • Flexible rules-based engine
  • Open to build real-time detection and correlation rules using any parameter from
    all protocol layers
  • Allows cross-protocol correlation (e.g. GTP+SS7, SIP+SS7, SS7+Diameter, Diameter+SS7)
  • Allows external queries
    as a part of rules logic (internal/external DB, SS7, Diameter, Web Services)

Deployment Types

  • Operator – focused on a single operator, managed
    by the operator
  • Group-level – multi-operator deployments – manager
    on the group level as well as locally
  • Country-level – where homeland security is the highest priority Multi-operator deployment managed on country level by State Security

Support Services

  • 24x7x365 Support team ready to provide incident response.
  • Periodical and on-demand analysis of the signaling traffic
  • Open for product customizations and integration with external incident management (SIEM) systems.

Focused on State Security

Delivers State Security incident management and threat hunting.

Complete Solution

Integrated system for country-wide deployment with State Security level management.

Offensive capabilities

Innovative feature which can be used for internal security testing.

Counter-intelligence

Contains counter-intelligence algorithms (honeypot, decoy features, fake answers).

Experience

Long list of references

High experience in Signaling penetration testing.

Proven quality

Dozens of successful projects on 3 continents without causing any network disruption.

Created by the best

International team of passionate experts.

Performance-Driven

Developed by experts with wide portfolio of security products and services.

Security Threats

VIP SMS and calls inception

Faking VIP communication

(fake sender identification)

Bank account takeover

Serviceunavailability for VIPs or large groups

Mobile phone infection with virus and trojans

VIP tracking

Social media / email account takeover

Massive scale fraud

Spamming with fake sender identity

Mobile Network Operators became a strategic asset in the world economy.

Security of the operator’s Network is crucial to the homeland defense.

From technical point of view signaling networks inherit a lot of vulnerabilities being a major vector of attacks.

Without an additional layer of protection the operator is exposed to attacks leading to obtaining subscriber location, interception of calls and messages, service denial, phone infection and many others.

It is a threat to security of citizens, enterprises and governments.

Warfare

With developments in communication, the four dimensionsare constantly connected. Based on this constant data flow being prone to abuse, fifth dimension has emerged –
cyber warfare, permeating all of the domains

Until the early 20th Century, warfare was a three-domain act,
Involving sea, land and air. Late 20th century has moved wars into space.

Our

Recommendation

Network protection

All operators should have a Network Protection Solution installed.
SigWall is a unique Multiprotocol Firewall with cross-protocol correlation

Limited trust

Operators cannot be treated as trusted parties – they are usually owned by external (often foreign) entities.

Government supervisory

The Network Protection Solution should be governed by State Security Agency.
The Agency should be a decisive entity regarding exact security policy applied.

Protection strategy

Firewall is a security solution, as well as a source of a very important intelligence data.
It is of highest importance to apply and maintain an appropriate protection strategy based on reliable tools.

State Security is managing the security and intelligence gathering for all operators.