2.4.8 Subscriber Identity Validation (SubsIdenValid)

This countermeasure screens the ingress diameter request message for an Inbound Roaming Subscriber to check if the Subscriber’s identity is valid.

This countermeasure considers the ingress diameter request message for an Inbound Roaming Subscriber as vulnerable if the MCC and MNC values present in the User-Name AVP are not provisioned as MCC and MNC of a Foreign network.

Apart from the mandatory configuration in DSA Mandatory Configuration, configure MCC_MNC_List Table for configuring MCC and MNC combinations of Foreign networks used by this countermeasure for validating Subscriber’s identity.