Network Signaling and Firewall Journey from 2G to 5G
February 18, 2025

The journey started with 2G and 3G, where Voice was the leading service, and the main protocols were SS7 and SIGTRAN (Signaling Transport).

At this time, the primary Firewalls are:

  • SS7/SIGTRAN Firewall: Its functions are national/international interconnect protection with different policies and detection patterns in real-time.
  • GTP Firewall: The functions are GTP Packet binary checks and connectivity policies.

In 4G, networks became data—and media-centric and needed signalling to support smartphones and Apps. Here, Diameter is the main protocol, along with the introduction of VoLTE and SIP Protocol. Currently, the main firewalls are:

  • Diameter Firewall: This is for LTE interconnection protection and AVP policies.
  • SIP Firewall: For SIP Policies, SIP payload control and multi-channel authentication.

Finally, In 5G, network signalling is no longer a separate network like SS7 or Diameter. Signalling shares the Control Plane with all other Inter-Process Communications using HTTPS/HTTP/2 protocols.  So, the main firewall:

  • SEPP Firewall: For NGxC Interconnect protection and HTTP/s payload control.

Summary of Evolution:

  • SS7 (2G/3G) → Uses STP (Vulnerable to security risks).
  • Diameter (4G) → Uses DEA (Improved security, but still has vulnerabilities).
  • 5G Core (5GC) → Uses SEPP (Strongest security with encryption, authentication, and integrity protection).

Almost all vendors are moving towards a Unified Signaling Firewall to cover all signalling firewall rules in one solution.

 

Support & Share