Your browser has JavaScript turned off.
You must turn it on to proceed.










NORS -- CSRIC Best Practices Result

CSRIC Best Practices Result

Detailed Information for the Best Practice: 9-8-8051

Number 9-8-8051
Priority Important
Description Network Access Control for SS7: Network Operators should ensure that SS7 signaling interface points that connect to the IP Private and Corporate networks interfaces are well hardened, protected with packet filtering firewalls; and enforce strong authentication. Similar safeguards should be implemented for e-commerce applications to the SS7 network. Network Operators should implement rigorous screening on both internal and interconnecting signaling links and should investigate new, and more thorough screening capabilities. Operators of products built on general purpose computing products should proactively monitor all security issues associated with those products and promptly apply security fixes, as necessary. Operators should be particularly vigilant with respect to signaling traffic delivered or carried over Internet Protocol networks. Network Operators that do employ the Public Internet for signaling, transport, or maintenance communications and any maintenance access to Network Elements should employ authentication, authorization, accountability, integrity, and confidentiality mechanisms (e.g., digital signature and encrypted VPN tunneling).
Network Type(s) Wireline
Industry Role(s) Service Provider; Network Operator; Equipment Supplier
Keyword(s) Cyber Security;Encryption;Network Elements;Network Operations;Policy;
Reference/Comments ITU SS7 Standards, “Securing SS7 Telecommunications Networks”, Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, 5-6 June 2001.