It is the recommendation of the GSMA Fraud and Security Group to implement strict filters in end nodes (STP’s & FW’s) and only allow active roaming partners through.
Protecting your network against SS7 hacking and fraud starts with implementing strict SS7 filters, allowing only network node global title ranges of roaming partners to communicate with own nodes.
To protect against attacks on the mobile core network performed through the General Packet Radio Service (GPRS) Exchange (GRX) or Internet Protocol Exchange (IPX) network strict firewall rules with IP ranges of roaming partners should be implemented according to the GSMA. With Roaming Audit this is an easy task.