Controlling access to mobile networks
With the massive adoption of smartphones and growing rate of mobile phone thefts and identity fraud, pressure on operators is increasing to implement protective measures. Deploying an Equipment Identity Register (EIR) helps operators to protect their networks and revenues against the use of stolen and unauthorized devices. In a growing number of countries, governments and telecom regulators demand for installation of an EIR. In addition to fulfilling regulatory requirements, an EIR also provides an opportunity for operators to offer additional security services to their subscribers.
Next Generation EIR solution
The BroadForward Next Generation EIR provides a single, unified access point for authentication of mobile devices in the network. The BroadForward EIR is fully standards compliant, 100% software based product, supporting 2G/3G, 4G/LTE and IT interfaces. It also offers an extensive feature set for implementing service logic, active triggering, reporting, alarming and more.
The BroadForward EIR supports black-, grey- and white-lists, and unlimited options for additional lists (VIP list, exception list etc.), for individual IMEIs as well as IMEI ranges. It works across legacy and IP networks, supporting SS7/MAP as well as Diameter IMEI checks. Based on available IMSI / MSISDN information, flexible service logic can be applied for (un)blocking devices based on e.g. IMEI-IMSI combinations. Expiration can be applied for each entry in any of the lists. Flexible service logic can be applied to trigger actions at expiration (e.g. move to blacklist or whitelist). Extensive options are provided for reporting and notification at black- and grey-list detection (via SNMP, HTTP, SMS). This includes device location (optional, based on additional HSS / HLR check).
For implementation of nation-wide or operator group-wide EIR solutions, the BroadForward EIR supports a centralized EIR function for multiple operators in a single solution, including reporting per network.
From an operations, administration and management (OAM) perspective, the BroadForward EIR offers a wide range of functions to manage the EIR solution. This includes SNMP interface, logging and tracing, reporting, dashboards and a central provisioning interface based on HTTP (REST, SOAP). A local web interface is available for customer care and operations (supporting IMEI checking and modification of device status). The BroadForward EIR also supports security access control for remote peers (systems performing IMEI checks, provisioning systems, GUI user management), overload control etc.
The The BroadForward EIR supports all relevant 3GPP specifications for EIR. This includes TS 22.016, TS 29.272, TS 23.401, TS 23.060 and TS 29.002.
High capacity, high performant solution
Using standard (commercially off-the-shelf) servers or virtual machines, the BroadForward EIR can support 100 million IMEI records and 10,000’s of transactions per second on a single machine.It supports scaling up and scaling out, without any technical limits. When preferred, the traffic processing and database can be implemented on separate (virtual) machines, to enable independent scaling.
The BroadForward Next Generation EIR offers major differentiators compared to traditional EIR products:
- Enabling real-time IMEI checks, across local and external data sources;
- Single, unified solution for EIR, supporting both 2G / 3G and 4G / LTE;
- Works across Diameter, SS7 and various other protocols;
- Independent, centralized solution (unlike ‘on-board’ EIR functions on HSS, HLR, VLR, STP, SMSC etc.);
- Supports ETSI, 3GPP and GSMA standards for EIR;
- Enables additional services based on IMSI-IMEI correlation, vendor-specific AVP’s etc.;
- Configurable triggering of alarms and external applications;
- Operator control: easy customization of query interfaces, no need for scripting or development;
- No dependence on expensive database technologies;
- Completely GUI based configuration and operation / customer care;
- Central logging point (EDR-registration);
- Carrier grade, highly scalable, high available, geo-redundant solution;
- 100% software based, runs on standard off-the-shelf hardware or virtualized / hosted.