Diameter Resource Adaptors

We recommend that you adhere to principles of Zero Trust while designing, commissioning, and modifying your deployment. Zero Trust includes authenticating and authorizing traffic whenever possible, giving the least amount of access required to sessions and entities, and assuming that a security breach could originate from anywhere. A Zero Trust security model helps mitigate the effect of a breach if a device or network is compromised. For more information on Zero Trust principles, see Zero Trust Model - Modern Security Architecture | Microsoft Security.

This documentation uses Transport Layer Security (TLS) certificates to refer to X.509 certificates used with the TLS protocol. Outside of this product’s documentation, you may see TLS certificates referred to as SSL/TLS certificates or just SSL certificates. These terms are often used interchangeably, even though Secure Sockets Layer (SSL) is a distinct protocol from TLS.

Diameter Resource Adaptors provides full support for protocols such as TLS. For details about supported protocols, see Diameter Resource Adaptors Statement of Compliance. To configure secure connections for Diameter Resource Adaptors, check the instructions in the Configuring Diameter Transport Security section of the Diameter Resource Adaptors Guide.

You must establish trust domains around your devices and network and configure security controls on the trust boundaries such as firewalls, network security groups, and rate limiting, even when you control the devices on both sides of the boundary.

We recommend that you replace certificates at least once per year, including removing the old certificates from your system. This is known as rotating certificates. You might need to rotate your certificates more frequently if they expire after less than one year, or if organizational policies require it.