P1 Telecom Auditor (PTA)
P1 Telecom Auditor (PTA) is a Core Network, SS7 and SIGTRAN vulnerability scanner and security auditor.
Telecom Network security scanner
The state of TCP/IP networks of the Internet in 1994 is understood to be that of a domain being opened to the external world that severely lacked security controls. Today, the security situation of SS7 and SIGTRAN is identical. PTA provides network discovery, security scanning and auditing for SS7 and SIGTRAN. It enables security and Telecom engineers to discover the security level of their network and assess the vulnerability of SS7 network elements. It also provides CIO, CTO, VP of Engineering, decision makers and top management the ability to control the evolution of their core network security using a dashboard of key indicators. Few telecom companies have a real understanding of the present and emerging risks for their Telecom Signaling network from new connections being deployed between their Core Network and the external world. Such interconnection is growing more and more thanks to the Internet and convergent services, Femto cells, 3G and even further services such as IMS and LTE. PTA offers Telecom and Mobile operators the capability to assess and analyze their security in their core network and signaling perimeters, continuously, regardless of their access technology, be it GSM, UMTS, CDMA, LTE, Wimax, UMA or LTE Advanced.
P1 Telecom Auditor technology
- Native SS7 and SIGTRAN security auditing solution
- Mission-based and Permanent scanning
- SS7 Interconnect security analysis
- Network Element, DPC and SSN exposure tests from an external perspective
- Telecom Network Elements vulnerability analysis
- External and Internal security audit
- Telecom product analysis
- SS7 external information gathering
- Web based admin, campaign control and reporting
- Reliable, repeatable scanner results, clear deliverables
- Protection methods against DoS
- Audit staging for controlled environment assessment
- Multiple Signalling Point Code support
- CDR tagging to prevent charging
P1 Telecom Auditor Fuzzing Module
P1 Telecom Auditor Benefits
- Audit protocols and systems which are specific to the telecom industry and are not tested by other vulnerability scanners.
- Detect problems before they hit you.
- Be proactive, scan your network and fix your problems today.
- Discover your network vulnerabilities before they are used to commit fraud, invade privacy or to create network downtime.
- Prevent Denial of Service by limiting entry points.
- Reduce attack surface by reducing the number of exposed Network Elements.
- Provide metrics to measure your network security.
- Detect systems and network elements misconfiguration.
- Identify quickly and continuously vulnerabilities in your systems.
Key Advantages
P1 Security solutions provide multiple advantages and key benefits to operational teams and management such as:
- Better security awareness for engineers.
- Higher visibility of potential risks through ongoing security checks against latest threats.
- Keep full control of security with regular checks on preproduction and production equipment.
- Provide comprehensive dashboard with security exposure to management level.
Audited protocols and equipment
| SS7 | Message Transfer Part 3 (mtp3), SCCP, TCAP, ISUP, TUP, MAP, OMAP, INAP, BICC, CAMEL, BSSAP, RANAP, UMA |
| SIGTRAN | SCTP, M3UA, M2PA, M2UA, IUA (ISDN, Q.931), SUA, V5UA |
| GPRS | GTP-U, GTP-C, GTP’, GRX DNS |
| AAA | Radius, Diameter |
| VoIP, ToIP | SIP, H323, Skinny / SCCP, H248, MGCP, MEGACO |
| Core network protocols | MPLS, LDP, BGP, VPLS, L2TP, GRE, IPsec, SAAL, LDP, BGP |
| LTE, LTE Advanced | S1AP, X2AP, S2a, S2b, S3, S4, S5, S5b, S6a, S7, S8, S9, S10, S11, S12, S13, Rx, SBc, SGi, Diameter |
Network Elements
- STP
- MSC, MGW
- MMSC, SMSC, FDA
- HLR, HSS, AUC, EIR
- IN, VAS, Billing Platforms
- FMS, LIG
- GGSN, SGSN
- SG, AS, ASP, SN
- GRX and IPX routers, GRX, 3G and IPX DNS, SGW, PGW / PDG / PDN GW, ePDG, GPRS billing gateways
- Internet Gateways, PS domain routers, Proxies, Legacy PS equipment, WAP GW
- ATM switches
- Billing Centre, Billing systems, reconciliation systems
- IN, AIN, CAP and CAMEL systems
- BSC, BTS, Node B, RNC, LTE e-Node B
- SBC, SIP AS, SIP gateways
- Call Session Control Function equipment: P-CSCF, I-CSCF, S-CSCF
- HNB, eHNB, UMA Femtocells, UMA support system, BRAS-AC, PDC
- Legacy equipment, X25, XOT
- Circuit Switched (CS) / Packet Switched (PS) networks and interfaces
Deployment method
PTA is easily deployed with a single lightweight Virtual Appliance using VMware technology and a web-based control and reporting server using SaaS technology.
PTA integrates seamlessly with your Signaling Infrastructure, co-located as a non-blocking network element that does not disrupt normal operations. It ensures extra security by recording all actions and ensuring process continuity while the audit occurs.
PTA only requires an IP address and a Signalling Point Code in order to begin auditing the Core Network infrastructure.
PTA is ready for deployment in both legacy SS7 and state-of-the-art SIGTRAN, UMTS/CDMA 3G, IMS and LTE environments.