Security threats that cannot be ignored depends on how the softswitch network is self-protected

Network security does not only occur on search engines and major websites. Currently, Softswitch networks are facing serious security problems. Let's take a look at how Softswitch networks respond to these problems. A typical softswitch network consists of four layers: business layer, core switch layer, control layer, and access layer. They face security threats: the capacity of softswitch devices and various gateway devices can be very large, once interrupted, it affects geometric progression amplification. The bearer network of the softswitch system is based on the IP network.

If the bearer network is faulty or unstable, the heartbeat mechanism is chaotic, the service cannot be normally carried out, the core node is unstable, or the network is disconnected, and the link and Route status are abnormal; the softswitch system provides a wide range of services and applications through open business interfaces, but open business interfaces pose a risk of being attacked; the intelligent user terminals of the softswitch system and the complexity of access methods impose high requirements on the fault tolerance of the softswitch protocol processing. The public access areas make the softswitch network in a more open network environment, more vulnerable to attacks. The following is an in-depth analysis of these threats.

(1) security threats of core devices

The softswitch network adopts the separation of call and bearer control technology, which greatly improves the processing capability of network devices. It can handle more traffic and carry more business loads, but it is followed by security issues. For network devices designed using boards, a single board can carry more traffic and load under normal circumstances, which may cause a larger range of business interruptions in the event of a fault.

At present, the security of softswitch devices is completely dependent on the vendor's hardware and software security design, failover and isolation are implemented in the case of faults through Master/Slave, 1 + 1, N + 1 backup, automatic switching, software and hardware modular design, and other methods. However, there are still some security risks in actual operation.

◆ Reliability of backup and replacement cannot be guaranteed: the replacement of key equipment (especially some key interface boards) generally affects the operation of services or equipment, and the success rate of replacement cannot be guaranteed at present, the switch may fail in an emergency.

◆ The reliability of the software cannot be guaranteed: there are some problems with the software versions and patch policies of some vendors, and too many software and patches bring about compatibility and reliability issues.

(2) security threats to bearer Networks

The bearer network of the softswitch system uses an IP group network. communication protocols and media information are transmitted in the form of IP packets. The main security threats facing the bearer network include network storms, virus (worm) flooding, and hacker attacks. Network storms and viruses consume a large amount of network resources and bandwidth, leading to slow access to normal services, or even access to network resources, leading to network paralysis. Hackers attack key devices in the network, tamper with their routes and user data, and cause route exceptions and network access failures. According to the actual operation, the bearer network has the greatest impact on the softswitch network, mainly due to the unstable quality of the IP network.

(3) Access Network Security Threats

The Softswitch Network provides flexible and diverse network access methods, and any location that can access the IP network can access the terminal. This feature brings security risks while providing convenience for users. Some users use illegal terminals or devices to access the network, occupy network resources, illegally use services and services, and even initiate attacks to the network. In addition, the access is unrelated to the location, making it difficult to locate the exact location of the security attack after a security event occurs, and the responsible person cannot be traced.

(4) security threats at the network layer

Although the security of a single or regional core node can be guaranteed by load balancing or backup, there are still security risks at the network level. In the existing softswitch network, there are many platform devices (SHLR, NP service platform, SCP, and so on), and they often exist in the form of single points. Once these nodes fail, it will seriously affect network services. In terms of actual operation, the current threats at the network layer are mainly business interruptions, congestion, and overflow caused by the paralysis of important business nodes. SHLR and general number conversion (No. 1 Platform) and other key platforms have the greatest impact. Therefore, we should pay attention to the phenomenon such as the depletion of traffic resources caused by sudden traffic shocks.