Today, the security situation of SS7/SIGTRAN and LTE is identical to the state of TCP/IP networks security in 1994. Few telecom companies have a real understanding of the present and emerging risks for their Telecom Signaling networks, coming from new connections being deployed everyday between their Core Networks and the external World. Such kind of interconnection is growing more and more thanks to the Internet and convergent services, Femtocells, 3G, IMS and 4G/LTE. P1 Security offers Mobile Telecom operators the capability to assess and analyze the security of their Core Networks, Radio Access and signaling perimeters, continuously, regardless of their access technology, be it GSM, UMTS, CDMA, LTE, Wimax, UMA or LTE Advanced. A TELECOM NETWORK SECURITY SCANNER

PTA provides network discovery, security scanning and auditing for SS7/SIGTRAN and LTE/Diameter protocol stacks. PTA enables Security and Telecom Engineers to discover the security level of their networks and assess the vulnerabilities of signaling Network Elements. It also provides CIOs, CTOs & VPs of Engineering, decision makers and top management, the ability to control the evolution of their Core Networks’ security using a dashboard of key indicators.

Key Features

• Mission-based or Permanent scanning. • Telecom Network Elements vulnerability

analysis. • Reliable, repeatable scanner results, clear

deliverables. • Protection methods against DoS. • Multiple Signaling Point Code support. • Audit from multiple perspectives (Internal,

National, International). • Coverage of legacy, current and next

generation telecom equipment and protocols.

• Compatible with a wide range of Network Elements from multiple vendors.

(List subject to changes following ongoing development)

Key Benefits • Coverage of Telecom industry protocols and

systems that are not tested by other vulnerability scanners.

• Discovery of network vulnerabilities before they are used to commit fraud, invade privacy or create network downtime.

• Reduction of attack surface by reducing the number of exposed Network Elements.

• Metrics to measure your network security. • Detection of systems’ and network elements’

misconfiguration. • Quick and continuous identification of

vulnerabilities in your systems.

(List subject to changes following ongoing development)

A TELECOM-SPECIFIC ACTIVE SCANNER

P1 TELECOM AUDITOR PTA

©2017 P1 Security S.A.S. All rights reserved.

Learn more about P1 Security products & services Contact us at contact@p1sec.com Visit us online at www.p1sec.com

NOVEMBER 2017

PTA is easily deployed either with a dedicated appliance or with a lightweight Virtual Machine using VMware technology and a web-based control and reporting server.

PTA integrates seamlessly with your Signaling Infrastructure, as a non-blocking network element that does not disrupt normal operations. It ensures extra security by recording all actions and ensuring process continuity while the audit occurs.

PTA is ready for deployment in both legacy SS7 and state-of-the-art SIGTRAN, as well as 4G/LTE environments.

Available Modules • SS7/SIGTRAN Core Network • GPRS/GRX (Vulnerability Assessments only) • LTE/Diameter Core Network • LTE eUTRAN (Vulnerability Assessments only) • IMS Core (Vulnerability Assessments only) • VoWifi & VoLTE (Vulnerability Assessments only) (List subject to changes following ongoing development)

Supported Protocols • SCTP, M3UA, SCCP, TCAP, MAP • GTP-C v1 & v2 • SCTP, Diameter Base & 3GPP Extensions • S1AP, X2AP • SIP, SDP, MSRP, RTP, ICMP, UDP • SIP, RTP, IPSec, IKEv2

(List subject to changes following ongoing development) ABOUT P1 SECURITY

P1 Security has a recognized leadership in Telecom and Mobile Security, based on innovative products & cutting edge expertise: PTA (P1 Telecom Auditor), a telecom-specific vulnerability scanner, used to scan Access & Core Network Elements for SS7/SIGTRAN & LTE/Diameter protocols; PTM (P1 Telecom Monitor), a telecom-specific IDS and monitoring system; PTF (P1 Telecom Fuzzer), a telecom protocols fuzzer, used to test the robustness of specific Network Elements; VKB (Vulnerability Knowledge Base), an up-to-date database in Telecom vulnerabilities & threat information; Threat Intelligence through the converged use of PTM & VKB and their integration into a TSOC (Telecom Security Operations Center). P1 Labs, the R&D branch of P1 Security, is contributing to the Telecom Security ecosystem through innovative projects (Conferences, SS7map, SigFW, GSMA FASG documents…), bound to investigate signaling risks affecting telecom networks equipment, infrastructures and subscribers. P1 Security researchers have been making groundbreaking speeches, like: - “Toward the HLR, attacking the SS7 & SIGTRAN applications” (Ph. Langlois, 2009) - “SS7map: mapping vulnerability of the international mobile roaming infrastructure”

(L. Ghigonis & A. de Oliveira, 2014) - “Malicious AVPs: exploits to the LTE Core” (L. Ghigonis & Ph. Langlois, 2015) - “Subscribers remote geolocation and tracking using 4G VoLTE enabled Android phone”

(T. Coudray, O. Le Moal, P. Ventuzelo, 2017)

P1 Security is a Vendor independent, neutral Company with established references in Europe, Americas, Africa, Middle East, Pacific and Asia.

©2017 P1 Security S.A.S. All rights reserved.

Learn more about P1 Security products & services Contact us at contact@p1sec.com Visit us online at www.p1sec.com