Automated Visibility and Actionable Insight

Mobile network operators can’t easily see all areas where threats are entering their networks or determine their sources. With incomplete and uncorrelated threat information – often from multiple and separate legacy security systems, operators are unable to fully protect their networks and subscribers. This increases vulnerability to network and service outages and endangers subscriber privacy.

Palo Alto Networks® Next-Generation Security Platform provides automated, application-layer visibility, prevention and enforcement across all peering points in the mobile network. Operators can determine when and where threats are entering the network, and which devices or subscribers are impacted, to take appropriate enforcement action.

Signaling Protection

Palo Alto Networks Next-Generation Security Platform provides comprehensive signaling protection across all signaling protocols and peering points in the mobile network. Advanced GTP features correlate threat data to subscriber and device identifiers, providing easily accessible and actionable information. SCTP security provides protection against both malicious and unintentional signaling overload at interfaces that use SCTP protocols, including those caused by malicious attacks, roaming partners, local outages and other traffic anomalies that can interrupt service or cause outages.

Consistent Prevention, Protection and Enforcement Across All Peering Points

With Palo Alto Networks, mobile network operators can leverage application-layer visibility and enforcement, and correlate threats with identification data across both data and signaling plane traffic at all areas of the network – the internet, the radio access network, or RAN, roaming network and non-3GPP points of presence, and virtual, physical, cloud and hybrid technologies. PAN-OS® supports physical appliances and chassis as well as virtual instances, providing operators maximum deployment flexibility and operational ease in migrating to virtualized networks.

Typical deployment use cases include:

  • Internet security (S/Gi)
  • Roaming security (S8/Gp)
  • Radio access network security (S1/S11)
  • Non-3GPP network access (S2)
  • IoT security
  • Signaling protection

Identify Infected Devices and Their Subscribers

Uncorrelated systems with incomplete data don’t allow operators to quickly identify the type of threat or determine where and who it’s coming from. Fast response is essential for an effective security posture. Advanced GTP inspection features included in PAN-OS address a major blind spot by inspecting both control and user planes for anomalies, and extracting device and subscriber identifiers, correlating them with threats.

 

Increase IoT Value Chain Revenue

MNOs are looking for ways to increase their value to their customers and provide new revenue opportunity. IoT is a significant opportunity, but concerns on security, fundamental to capturing this opportunity, have risen in significance. MNOs need a way to address this growing need and capture new IoT revenue opportunity with a network-based solution.

Using Palo Alto Networks Next Generation Security Platform, MNOs and other service providers can provide a safe network, free from infected devices. This will strengthen their value propositions, enable new monetization opportunities, and provide critical information to bolster security strategies.  

 

Palo Alto Networks has a dedicated sales and technical team for mobile network operators.  Contact us today for more information or to schedule:

 


ADDITIONAL RESOURCES

Additional Resources

The Palo Alto Networks Next–Generation Security Platform includes a comprehensive set of security appliances and software products, services and features that prevent successful security breaches and provide significantly enhanced application-layer visibility in mobile networks. This enables the maximum deployment flexibility with effective and consistent security efficacy as mobile operators migrate to virtualized and software-defined network architectures.

Further information on the products within the Palo Alto Networks Next–Generation Security Platform, applicable in most mobile network infrastructure deployments, can be found here:


Interested in reading more? View all Service Provider Resources


 

What is a denial of service attack (DoS) ?

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users by flooding it with traffic.
  • 3
  • 55354

What is an Intrusion Prevention System?

An Intrusion Prevention System (IPS) is a network security prevention technology that examines network traffic flow to detect and prevent vulnerability exploits
  • 5
  • 106201

Product Summary Specsheet

Key features, performance capacities and specifications for all Palo Alto Networks firewalls.
  • 85
  • 235271

What is a Zero Trust Architecture?

Businesses who want to prevent the exfiltration of sensitive data and improve their defense against modern cyber threats can consider a Zero Trust architecture.
  • 1
  • 37757

What is Cybersecurity?

Cybersecurity refers to the preventative techniques used to protect the integrity of networks, programs and data from attack, damage, or unauthorized access.
  • 4
  • 80388

PA-5200 Series Datasheet

Palo Alto Networks® PA-5200 Series of next-generation firewall appliances is comprised of the PA-5280, PA-5260, PA-5250 and PA-5220.
  • 21
  • 87324