Mobile network operators \u2013 you need better visibility into current threats to your networks. You may know \u201cwhat,\u201d and you may even know \u201cwhen,\u201d but often you don\u2019t know \u201cwhere,\u201d \u201cwho\u201d or \u201cwhy.\u201d So how can you act with confidence using incomplete information?<\/p>\n
Here\u2019s a common scenario many MNOs face. You may have information about the malware involved, and you may even suspect it slipped past the internet firewall to infect some of your mobile subscribers. But if you don\u2019t have visibility into which devices, peering points or subscribers are involved, or the context of the attack, and you have few enforcement tools beyond the internet firewall policy, what can you do when your network is threatened?<\/p>\n
Mobile security needs are unique because mobile devices are \u2026 well \u2026 mobile<\/em>. Unlike enterprise data centers or fixed-line service providers, mobile network operators cannot rely upon static IP addresses to identify devices or subscribers so they can quarantine or block. And security systems are quite separate from the systems that house subscriber and device identification, so that makes matching threat traffic session logs to devices or subscribers a manual, cumbersome and time-consuming task.<\/p>\n When an attack is looming, mobile network operators need complete information, and they need it quickly.<\/p>\n Palo Alto Networks Next-Generation Security Platform provides all the pieces to the security data puzzle, allowing MNOs to quickly pinpoint the attack source and understand the malware context so they can take appropriate action or prevent it altogether. Our technology provides full application-layer visibility to all mobile peering points, including RAN, roaming or Wi-Fi access \u2013 network areas that, in the past, may have needed little protection. Advanced GTP inspection functions provides IMSI\/IMEI identification correlated to specific malicious sessions, displayed on one management GUI, which eliminates the frantic rush to manually match logs to identify who is attacking your network.<\/p>\n So, the next time malware like Mirai or ransomware like WannaCry is perusing your subscriber base looking for innocent victims, you\u2019ll be able to see it coming \u2013 no matter where it\u2019s coming from \u2013 and you\u2019ll have complete information and context to decide what the appropriate enforcement action should be.<\/p>\n Now you can know what, when, where, why and \u2013 most importantly \u2013 who.<\/p>\n