The Check Point Carrier-Grade platforms provide the industry’s most powerful Telco security solution with utmost performance and capacity to protect the continuous growth of 3G and 4G LTE network infrastructures. These unique platforms enable Mobile Network Operators to use a unified platform to secure all interfaces including Radio Access, Internet and Roaming. These scalable platforms come with advanced inspection and security for LTE protocols to protect against sophisticated attacks such as Spoofing, DDoS, Signaling Storm, Over-billing attacks and Malware.
Securing the Entire Carrier Infrastructure
The Strongest 3G & 4G Security
Check Point employs a highly flexible and modular system architecture that significantly boosts security and performance. The Carrier Security Add-on brings strong security for SCTP protocol, Diameter protocol and Carrier Grade NAT (CGNAT) functionality to select Check Point Appliances.
Securely connect thousands of 4G LTE Radio Stations (eNodeBs) to the Evolve Packet Core network. Use IPSec to authorize Radio Stations’ connectivity and to encrypt user data traffic. Easily provision the IPSec connectivity when adding more radio Stations. Ensure service availability with backend services using Dead-Peer-Detection and fully redundant hardware platform. Support ESP and IKEv2 to deliver data traffic confidentiality and integrity with AES, SHA-1 or 3DES encryption algorithms. Protects against eavesdropping and data tampering on the control plane and user traffic.
NSS Labs’ top-rated IPS Software Blade delivers complete and proactive intrusion prevention. Ranked #1 in Microsoft and Adobe threat coverage 3 years in-a-row, it secures your network by timely and effectively preventing browser and application vulnerability exploits.
Offer your mobile subscribers secure web access service by leveraging the Check Point enterprise-grade Software Blades security with IPS, Antivirus, URL Filter, Application Control and Anti-Bot. Use the same Internet Gi Carrier-Grade NAT Gateways and Radio Access Gateways to offer additional security services to your mobile subscribers with mobile identity based policy.
Allow Internet access control to millions of mobile subscribers with Check Point Large Scale NAT. Securely connect mobile devices using both IPv4 and IPv6 addresses to the Internet. Protect the Mobile Packet Core network from DDoS attacks, signaling storm, port scan, sweep scan, spoofing, over billing attacks and advanced application malware and threats.
Inspect and secure 3G and 4G IP protocols including GTP, SCTP and Diameter. Allow Mobile Operators to securely connect the packet core to untrusted interfaces such the roaming partners or the radio network. Enforce roaming agreements using Carrier Identity-Based Policy. Provide protections for DDoS, Overbilling attacks, data leakage and unauthorized access. Use advanced Diameter and GTP protocols policy to protect subscribers’ data in MME and HSS. Use advanced security with Check Point Software Blades including IPS, Anti-Virus, URL Filter, Application Control and Anti-Bot to inspect subscriber traffic within the GTP data plane.
Unified security management simplifies the monumental task of managing large carrier environment. Our comprehensive, centralized security management system controls all Check Point gateways deployed on all mobile network interfaces. The intuitive graphical user interface enables IT managers to easily manage a wide range of security management functions. Carrier-grade central lawful logging with advanced log analyzer delivers split-second search results providing real-time visibility into billions of log records over multiple time periods and domains.