Methods and systems for enhancing network security in a telecommunications signaling network
First Claim
1. A method for screening network management messages in a communications network, the method comprising:
- (a) receiving, at a network node, a network management message originating from a location in a network;
(b) determining whether a predetermined parameter in the network management message is not associated with the originating location; and
(c) in response to determining that the parameter is not associated with the originating location, performing a network security action for the network management message.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for providing enhanced network security for network management messages and subsystem management messages are disclosed. A network security function receives a network or subsystem management message from a first location in a network. The network security function determines whether one or more predetermined parameters in the network management message are not associated with the originating location. In response to determining that are not associated with the originating location, a network security action, such as discarding the message and/or notifying a network operator, is performed.
20 Citations
37 Claims
-
1. A method for screening network management messages in a communications network, the method comprising:
-
(a) receiving, at a network node, a network management message originating from a location in a network;
(b) determining whether a predetermined parameter in the network management message is not associated with the originating location; and
(c) in response to determining that the parameter is not associated with the originating location, performing a network security action for the network management message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for screening subsystem management messages in a communications network, the method comprising:
-
(a) receiving, at a network node, a subsystem management message originating from a location in a network;
(b) determining whether a predetermined parameter in the subsystem management message is not associated with the originating location; and
(c) in response to determining that the parameter is not associated with the originating location, performing a network security action for the subsystem management message. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A routing node having a screening function for protecting a network against malicious network management messages, the routing node comprising:
-
(a) a link interface module for receiving network management messages from originating locations in a network; and
(b) a network security function operatively associated with the link interface module for determining whether one or more predetermined parameters in each network management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30)
-
-
31. A routing node having a screening function for protecting a network against malicious subsystem management messages, the routing node comprising:
-
(a) a link interface module for receiving subsystem management messages from originating locations in a network; and
(b) a network security function operatively associated with the link interface module for determining whether one or more predetermined parameters in each subsystem management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action. - View Dependent Claims (32, 33, 34, 35, 36, 37)
-
Specification