8.4 Signaling Firewall
The Signaling Firewall feature provides network security for Diameter networks in LTE
domains. This feature configured with firewall rules by the System OAM only operates on
DA-MP servers. When you enable or disable a diameter or RADIUS connection, a
notification is sent to the servers to update the firewall rules to allow or disallow
incoming network traffic.
Note:
In new DSR installations, the Signaling Firewall is enabled by default; however, during a DSR upgrade without the feature, the Signaling Firewall is disabled by default. Otherwise, it uses the setting from the previous release.Use Common Security, and then Maintenance,
and then Signaling Firewall to:
- View the administrative state of an active signaling node and operational status of all servers.
- Click plus (+) to view the operational status of each servers.
- Enable or disable the administrative state of a selected signaling node.
- Check pause updates to stop the real-time status updates.
Signaling Firewall Maintenance Elements
The following table describes fields on the Signaling Firewall maintenance
page.
Table 8-4 Signaling Firewall Maintenance Elements
Field | Description |
---|---|
Signaling Node | Name of the SOAM Server group |
Admin State | Signaling node can be:
|
Servers | Total number of active DA-MP servers reporting on the firewall status in the signaling node. |
Operational Status | Operational status from all active servers is collectively
used to determine the status of the signaling firewall at a
signaling node level. Status can be:
Cell background color is useful in troubleshooting when the operational status of the signaling firewall is degraded, unknown, orfailed:
|
Operational Reason | Operation reason describes the status:
|
Enabling Signaling Firewall Nodes
Use this task to enable the Signaling Firewall on a signaling node.
The firewall status of each server contributes to the overall firewall operational status of the signaling node.
Enable is only active when you select the Signaling Node (top-level row) and
the administrative state is disabled.
- Click Common Security, and then Maintenance, and then Signaling Firewall.
- Select the Signaling Node.
- Click Enable.
- Click OK or Cancel.
Disabling Signaling Firewall Nodes
Use this task to disable Signaling Firewall on a signaling node.
Disable is only active when you select the Signaling Node
(top-level row) and theadministrative state is enabled. Signaling firewalls are only
enabled on the DA-MPServers shown in the signaling node you select.
- Click Common Security, and then Maintenance, and then Signaling Firewall.
- Select the Signaling Node.
- Click Disable.
- Click OK or Cancel.