Features
Messaging
SMS Campaigns SMS-VOICE Gateway RCS Messaging WhatsApp API SMS Firewall
Voice & VoIP
VoIP Routing SBC Ringless Voicemail PBX Services TTS
Signalling & Core
SS7 Gateway Diameter OCS Mobile Core
Compliance
ENUM/NAPTR 10DLC STIR/SHAKEN MNP/LNP
Security
Firewall DDoS Mitigation IPSec VPN
Sector Antennas Massive MIMO Remote Radio Units Baseband Units eNodeB / gNodeB Outdoor Small Cells Indoor Small Cells Tower Masts Site Power
Plans About Blog Contact
Security

Multi-Layer Telecom Firewall

Protect your VoIP and SMS infrastructure from fraud, abuse, and unauthorized access with a carrier-grade multi-layer security stack. Application-layer SIP inspection, IP reputation filtering, adaptive rate limiting, protocol anomaly detection, and real-time fraud scoring operate simultaneously across all traffic — without adding perceptible latency to legitimate calls and messages.

Get Started Talk to Sales
Defense Layers

Five Layers of Traffic Protection

Telecom fraud attacks are multi-vector: SIP brute force, IPRN dialers, SIM-box bypass, SMS grey routes, and flood attacks all require different defenses. The MOBITELSMS security stack applies five independent inspection layers — network-level ACLs, IP reputation, protocol validation, behavioral rate limiting, and real-time fraud scoring — to each session before it reaches the billing core. Each layer can block, rate-limit, challenge, or flag traffic independently, and events from all layers are correlated in a unified security dashboard for rapid incident response.

Features

Firewall Capabilities

SIP Application-Layer Inspection
Deep inspection of every SIP INVITE, REGISTER, OPTIONS, and SUBSCRIBE message. Validates mandatory headers, detects malformed messages, identifies scanning toolkits (SIPVicious, Nmap SIP scripts) by their distinctive header patterns, and blocks SIP INVITE floods. Strips dangerous headers (Via spoofing, contact header injection) before forwarding.
IP Reputation Filtering
Maintains a blocklist of known fraudulent IPs, Tor exit nodes, anonymizing proxies, datacenter ASNs that originate only fraud traffic, and IPs reported by the carrier community. Blocklists are updated every 15 minutes from threat intelligence feeds and shared across all platform nodes. Whitelist overrides prevent false positives for legitimate VPN users.
Adaptive Rate Limiting
Per-IP, per-device, and per-account rate limiting with adaptive thresholds. Normal traffic from a legitimate customer generates a baseline; deviations trigger progressive responses — first warning, then throttle, then block. SMPP TPS limits, SIP CPS limits, and registration attempt limits are enforced independently with configurable burst allowances.
Real-Time Fraud Scoring
Each call or SMS receives a fraud score (0–100) computed from multiple signals: call duration distribution, destination number patterns (premium rate, IPRN, grey-list), time-of-day anomalies, velocity (calls per minute exceeding historical baseline), and STIR/SHAKEN attestation level. Scores above threshold trigger automatic holds, alerts, or balance freeze.
Access Control Lists
Granular ACL rules based on source IP CIDR, country code, ASN, destination prefix, calling number, and time-of-day. Rules are ordered by priority and evaluated in sub-microsecond lookup via hash tables. Support for allow, deny, redirect, and rate-limit actions. ACL changes take effect immediately via hot-reload without dropping active calls.
Security Event Dashboard
Unified real-time dashboard showing blocked events, fraud score distribution, top blocked IPs, attack timeline, and per-customer risk metrics. Configurable alerting via email, webhook, or SMS for critical security events. Exportable event logs in JSON, CSV, or syslog format for SIEM integration with Splunk, Elastic, or Datadog.
Technical Specifications

Specifications

Inspection Layers5 (Network / Reputation / Protocol / Rate / Fraud)
ProtocolsSIP (UDP/TCP/TLS), SMPP 3.4/5.0, HTTP API
ACL RulesUnlimited; hash-table evaluated, O(1)
IP Blocklist UpdatesEvery 15 minutes from threat feeds
Inspection Latency<1ms added per session (in-path)
Throughput5,000+ SIP CPS, 15,000+ SMS TPS
SIEM IntegrationSyslog, JSON webhook, Elastic ECS
HA ModeActive-active, shared blocklist via distributed cache

Harden Your Telecom Perimeter

Telecom fraud costs the industry over $38 billion annually. The MOBITELSMS multi-layer firewall blocks attacks at every level — from IP reputation to behavioral anomaly detection — protecting your revenue and your customers.

Get Started Talk to Sales

MOBITELSMS Assistant

Hi! I'm the MOBITELSMS assistant. How can I help you today?