SMS firewall management — 5 best practices — GMS
SMS firewalls are essential tools to securing a mobile operator’s network and revenues. However, with fraud constantly evolving, so should your network protections efforts. In this article, we look at five best practices that will help you stay at the top of your firewall game.
Clear traffic segregation
Separating P2P from A2P is a key function of a firewall. Firewalls don’t just protect against spam or malicious messages; they also aid in monetising messaging. But there is some simple housekeeping that can be done to aid and enhance this process.
Segmenting and identifying messages by source allows the firewall to quickly identify traffic coming in over certain grey routes.
Additionally, it is vital to understand the different potentials of local and international traffic. International traffic has a greater value than local traffic because of the commercial relationships its transit is built upon and the network resources it uses, not to mention its utility to the enterprise — hence it should be priced higher than local traffic.
Without distinct traffic segregation, a mobile operator will never receive the full value of their messaging traffic since a significant portion of it might be priced at a considerably lower rate, being mistaken for local traffic. However, even when operators do make this distinction, the traffic still may not be divided into clear, unambiguous “streams.”
At its most basic, traffic segregation can be achieved by controlling the connection types each kind of traffic has access to. This way, you can separate traffic into clearly defined types based on the protocol used, which potentially means tracking traffic origins and potential manipulations by analysing the data.
The final thing to consider is that separating international SMS from domestic requires learning which is which. Since you can’t just rely on global titles or IP addresses to reliably tell the traffic’s origin, you first need to associate these identifiers with a certain service, figure out where it is based and where this service sends its messages from. This brings us to…
Thorough testing
An exhaustive testing regime reveals network vulnerabilities, which is vital at the start of a monetisation project when few rigorous rules will be in place. Continuous testing provides an even better picture of evolving threats, showing you any changes in traffic trends.
Manipulating sender IDs, exploiting under-protected P2P connections, or SIM farms — everything goes for the dishonest players looking for ways to bypass your firewall and increase their margins.
For this reason, a wide-ranging database of international services and manipulations allows prioritisation of services most relevant to the operator’s business.
Using a database of prominent international services and unique message details associated with each helps to combat such manipulations, making it easier to spot deviations in the message contents and global titles, revealing the likelihood of noncompliant routing. Combined with the operator’s own insights and considering their priorities, this helps to fine-tune the operator’s SMS firewall. With threats constantly evolving, a programme of ongoing testing and reporting becomes vital for monetisation efforts.
Setting the right SMS Firewall ruleset and ongoing firewall management
Things can become quite chaotic when traffic reaches the firewall — with all the numerous exploits like notorious grey routes and the sheer complexity of messaging routing. Hence, one of the firewall’s roles is to organise all incoming traffic via an effective set of rules.
We have already made the first steps by sorting the traffic into A2P, P2P, and P2A and cross-categorising it into national and international. The next obvious step is sifting out spam. Finally, it is necessary to come up with the blocking rules for illegitimate traffic, which can be a tad trickier: you have to be aware of the bypass techniques and manipulations used by fraudsters, which can vary from market to market.
It is worth notice that simply deploying a firewall is not enough for sufficient network protection. Eliminating SMS grey routes and dealing with unbillable messaging for good calls for proper firewall configuration. This means continuous rules updates and reconfiguration as new threats arrive. With fraudsters constantly looking for new exploits and unprotected routes, firewalls must be maintained and rules updated just as frequently.
Read more at https://www.gms-worldwide.com/blog/sms-firewall-management-5-best-practices/
Originally published at https://www.gms-worldwide.com on July 26, 2021.
