NGFW: The 5G-ready Next Generation Firewall

Advanced, next-generation telecom security system that combines detection and protection capabilities to enable complete application-level inspection and intrusion prevention.

Why the need for next generation firewalls (like ngfw) for telecom network security?

The massive environment created by 5G, and edge-based computing presents a new and highly vulnerable threat landscape. As cloud, data, and IoT threats merge, it provides a pathway for adversaries to spread malware via IoT network, disrupt core functions and use routers as IoT botnets to launch DDoS attacks. Given that 5G network currently interoperate with existing 4G legacy network, and a minority of 5G network will be built base up, CSPs would require a fundamental shift in security approach to ensure holistic security across both 5G and legacy LTE network.

text
text

NGFW – Comprehensive platform to secure signalling network, protect subscribers, and safeguard core assets against advanced cyberattacks

Built using cutting-edge technologies and our team's global expertise in advanced telecom security systems, SecurityGen’s Next Generation Firewall (NGFW), is a state-of-the-art platform built on cutting-edge technology that combines comprehensive visibility, with intelligence and high-powered analytics to protect the 5G and LTE network ecosystem. It also provides enhanced protection by integrating detection and protection capabilities and allows for complete application-level inspection and intrusion prevention.

How our NGFW platform ensures comprehensive network protection.

Built using cutting-edge technologies and our team's global expertise in advanced telecom security systems. SecurityGen’s Next Generation Firewall (NGFW), is a state-of-the-art platform built on cutting-edge technology that combines comprehensive visibility, with intelligence and high-powered analytics to protect the 5G and LTE network ecosystem. It also provides enhanced protection by integrating detection and protection capabilities and allows for complete application-levelinspection and intrusion prevention.

text

Capabilities

Comprehensive network Visibility

The platform provides a complete picture of what is going on in the perimeter of signalling network and helps identify security flaws that could result in compromises. As 5G platforms are implemented, CSPs get critical support with threat prevention and detection on HTTP/2 and PFCP layers.

Threat Intelligence

Backed by insights from our research team, SecurityGen’s NGFW is updated with state-of- the-art capabilities and offers both detection of and protection from new-age hackers and cyber-attacks.

Enhanced Protection: integrating real-time visibility and active protection

The system blocks all malicious messages for SS7, Diameter, GTP, and 5G core. It helps identify targets and sources of illegitimate traffic and responds quickly and decisively. Real- time notification capabilities have an immediate positive impact and boost overall security levels.

High powered Analytics

NGFW provides a comprehensive view of the Inspect, Protect and Detect protocols on a single screen.

  • One-click rule creation from IDS to FW
  • Correlation between IDS attacks and FW events
  • Control security politics and FW settings, detect FW bypass

NGFW Modules

SecurityGen’s advanced NGFW is equipped to address Advanced Persistent Threats (APTs) and delivers robust core security and active protection with full performance and redundancy. The platform includes several modules:

  • IDS (passive analyze) & FW (active filtering) 5G Standalone & Non-Standalone protection

    Information disclosure: Subscriber and network DoS: Subscriber and network Subscriber data interception

  • 4G/3G/2G - Legacy protection:

    Information disclosure: Subscriber and network DoS: Subscriber and network Subscriber data interception (SMS, calls, data) Fraud: SMS, calls, online charging

  • Analytics

  • Statistics

  • Reporting

Use Cases - How NGFW helps detect, and protect against all types of attacks

Automate and simplify security operations

The system combines the best-in-class signalling intrusion detection (IDS) and business intelligence (BI) modules with active firewall modules. It turns security monitoring, signalling traffic analysis, and blocking attacks into a single straightforward process.  The system offers out-of-the-box detection and prevention of all types of attacks targeted at subscribers and CSPs infrastructure, allowing for faster incident response and investigation.

Incident investigation and response

The system provides rich analytics and reporting capabilities that enable MNOs to take immediate actions and respond to threats as they arise . The comprehensive dashboard with aggregated data, actionable attack and event-related reports helps mitigate attack consequences and perform real-time or retrospective incident investigation.

Incident reporting

In the event of a security incident, it is imperative to collect information and transfer it to the regulator or management/special service. By using a simple and efficient procedure, the system helps security officers collate all necessary information about security incidents into one pack.

Making SOCs and other security measures more effective

The system helps evaluate the adequacy of other security countermeasures and provides valuable information to improve their performance.It provides SOCs with complete signalling network visibility, thus making it easier to verify if an attack was successful, reconstruct the kill chain, and gather evidence.