How can I help you? Start Chat

US Phone: 1-866-488-6691
International Phone: +44-2036087492

  • E-Mail
  • Facebook
  • LinkedIn
  • Twitter

Carrier Security

The Check Point Carrier-Grade platforms provide the industry’s most powerful Telco security solution with utmost performance and capacity to protect the continuous growth of 3G and 4G LTE network infrastructures. These unique platforms enable Mobile Network Operators to use a unified platform to secure all interfaces including Radio Access, Internet and Roaming. These scalable platforms come with advanced inspection and security for LTE protocols to protect against sophisticated attacks such as Spoofing, DDoS, Signaling Storm, Over-billing attacks and Malware.

Benefits

Securing the Entire Carrier Infrastructure

  • Single platform to secure all LTE Interfaces including Internet Gi Connection, S1 LTE Radio Access, roaming connectivity and Packet Controller
    • Secure communication between thousands of radio stations (eNodeBs)
    • Secure internet connectivity with the most scalable Carrier-Grade-NAT firewall
    • Secure roaming connectivity according to partners’ business agreements
  • Control the infrastructure security with unified policy, monitoring and reporting for all carrier interfaces
  • Consolidate gateways and secure multiple networks with Virtual Systems

The Strongest 3G & 4G Security

  • The only solution to inspect and secure all LTE protocols including GTP, SCTP and Diameter
  • Offer subscriber-based value-added security services including IPS, Antivirus, Web Security and Anti-Bot

Features

Carrier Grade Scalable Platforms

Check Point employs a highly flexible and modular system architecture that significantly boosts security and performance. The Carrier Security Add-on brings strong security for SCTP protocol, Diameter protocol and Carrier Grade NAT (CGNAT) functionality to select Check Point Appliances.


Radio Access IPsec Security

Securely connect thousands of 4G LTE Radio Stations (eNodeBs) to the Evolve Packet Core network.  Use IPSec to authorize Radio Stations’ connectivity and to encrypt user data traffic. Easily provision the IPSec connectivity when adding more radio Stations. Ensure service availability with backend services using Dead-Peer-Detection and fully redundant hardware platform.  Support ESP and IKEv2 to deliver data traffic confidentiality and integrity with AES, SHA-1 or 3DES encryption algorithms.  Protects against eavesdropping and data tampering on the control plane and user traffic.


IPS

NSS Labs’ top-rated IPS Software Blade delivers complete and proactive intrusion prevention. Ranked #1 in Microsoft and Adobe threat coverage 3 years in-a-row, it secures your network by timely and effectively preventing browser and application vulnerability exploits.


Clean-Pipe Value-Add Services (Optional)

Offer your mobile subscribers secure web access service by leveraging the Check Point enterprise-grade Software Blades security with IPS, Antivirus, URL Filter, Application Control and Anti-Bot. Use the same Internet Gi Carrier-Grade NAT Gateways and Radio Access Gateways to offer additional security services to your mobile subscribers with mobile identity based policy.

Carrier Grade NAT

Allow Internet access control to millions of mobile subscribers with Check Point Large Scale NAT. Securely connect mobile devices using both IPv4 and IPv6 addresses to the Internet. Protect the Mobile Packet Core network from DDoS attacks, signaling storm, port scan, sweep scan, spoofing, over billing attacks and advanced application malware and threats.

carrier-security-feature-1


LTE Protocols Security

Inspect and secure 3G and 4G IP protocols including GTP, SCTP and Diameter. Allow Mobile Operators to securely connect the packet core to untrusted interfaces such the roaming partners or the radio network.  Enforce roaming agreements using Carrier Identity-Based Policy. Provide protections for DDoS,  Overbilling attacks, data leakage and unauthorized access. Use advanced Diameter and GTP protocols policy to protect subscribers’ data in MME and HSS. Use advanced security with Check Point Software Blades including IPS, Anti-Virus, URL Filter, Application Control and Anti-Bot to inspect subscriber traffic within the GTP data plane.


Integrated Security Management & Logging

Unified security management simplifies the monumental task of managing large carrier environment. Our comprehensive, centralized security management system controls all Check Point gateways deployed on all mobile network interfaces. The intuitive graphical user interface enables IT managers to easily manage a wide range of security management functions. Carrier-grade central lawful logging with advanced log analyzer delivers split-second search results providing real-time visibility into billions of log records over multiple time periods and domains.


Learn More