Methods, systems, and computer readable media for providing diameter signaling router with firewall functionality
First Claim
1. A system for Diameter routing and firewall filtering, the system comprising:
- a Diameter signaling router, comprising;
a network interface for receiving, from a first Diameter node, a first Diameter message having Diameter information, wherein the Diameter information includes Diameter header portion information;
a firewall module configured to determine whether the first Diameter message satisfies a firewall policy, wherein the firewall policy is based on at least a portion of the Diameter header portion information in the first Diameter message, wherein the firewall module includes functionality for performing an equipment identity register (EIR) dip using information from the first Diameter message, wherein the functionality for performing an EIR dip includes an EIR database for storing equipment-related information used in determining whether user equipment is authorized or blocked and an EIR dip function for accessing the EIR database in determining whether equipment-related information associated with the first Diameter message is present in the EIR database; and
a routing module configured to forward at least a portion of the first Diameter message towards a second Diameter node in response to the first Diameter message satisfying the firewall policy, wherein the second Diameter node is a home subscriber server (HSS) or a mobility management entity (MME).
4 Assignments
0 Petitions
Accused Products
Abstract
According to one aspect, the subject matter described herein includes a system for Diameter routing and firewall filtering. The system includes a Diameter signaling router comprising a network interface for receiving, from a first Diameter node, a first Diameter message having Diameter information. The Diameter signaling router also includes a firewall module for determining whether the first Diameter message satisfies a firewall policy. The firewall policy is based on at least a portion of the Diameter information in the first Diameter message. The Diameter signaling router further includes a routing module for forwarding at least a portion of the first Diameter message towards a second Diameter node in response to the first Diameter message satisfying the firewall policy.
-
Citations
28 Claims
-
1. A system for Diameter routing and firewall filtering, the system comprising:
-
a Diameter signaling router, comprising; a network interface for receiving, from a first Diameter node, a first Diameter message having Diameter information, wherein the Diameter information includes Diameter header portion information; a firewall module configured to determine whether the first Diameter message satisfies a firewall policy, wherein the firewall policy is based on at least a portion of the Diameter header portion information in the first Diameter message, wherein the firewall module includes functionality for performing an equipment identity register (EIR) dip using information from the first Diameter message, wherein the functionality for performing an EIR dip includes an EIR database for storing equipment-related information used in determining whether user equipment is authorized or blocked and an EIR dip function for accessing the EIR database in determining whether equipment-related information associated with the first Diameter message is present in the EIR database; and a routing module configured to forward at least a portion of the first Diameter message towards a second Diameter node in response to the first Diameter message satisfying the firewall policy, wherein the second Diameter node is a home subscriber server (HSS) or a mobility management entity (MME). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 24, 25)
-
-
14. A method for Diameter routing and firewall filtering, the method comprising:
at a Diameter signaling router; receiving, from a first Diameter node and at a network interface, a first Diameter message having Diameter information, wherein the Diameter information includes Diameter header portion information; determining whether the first Diameter message satisfies a firewall policy, wherein the firewall policy is based on at least a portion of the Diameter header portion information in the first Diameter message, wherein the firewall module includes functionality for performing an equipment identity register (EIR) dip using information from the first Diameter message, wherein the functionality for performing an EIR dip includes an EIR database for storing equipment-related information used in determining whether user equipment is authorized or blocked and an EIR dip function for accessing the EIR database in determining whether equipment-related information associated with the first Diameter message is present in the EIR database; and forwarding at least a portion of the first Diameter message towards a second Diameter node in response to the first Diameter message satisfying the firewall policy, wherein the second Diameter node is a home subscriber server (HSS) or a mobility management entity (MME). - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 26, 27)
-
28. A non-transitory computer readable medium having stored thereon executable instructions that when executed by the processor of a computer control the computer to perform steps comprising:
at a Diameter signaling router; receiving, from a first Diameter node and at a network interface, a first Diameter message having Diameter information, wherein the Diameter information includes Diameter header portion information; determining whether the first Diameter message satisfies a firewall policy, wherein the firewall policy is based on at least a portion of the Diameter header portion information in the first Diameter message, wherein the firewall module includes functionality for performing an equipment identity register (EIR) dip using information from the first Diameter message, wherein the functionality for performing an EIR dip includes an EIR database for storing equipment-related information used in determining whether user equipment is authorized or blocked and an EIR dip function for accessing the EIR database in determining whether equipment-related information associated with the first Diameter message is present in the EIR database; and forwarding at least a portion of the first Diameter message towards a second Diameter node in response to the first Diameter message satisfying the firewall policy, wherein the second Diameter node is a home subscriber server (HSS) or a mobility management entity (MME).
Specification