NCCS Publishes ITSAR for Network Next-Generation Firewall (NGFW) Including IDS & IPS

March 24, 2025

Share This Post

Strengthening Telecom Security in India

The National Centre for Communication Security (NCCS) has officially released a new Indian Telecom Security Assurance Requirement (ITSAR) for Network Next-Generation Firewalls (NGFW), including Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). This new ITSAR aims to bolster network security by setting stringent standards for security mechanisms in critical telecom infrastructure.

With increasing cyber threats and a rapidly evolving digital landscape, India’s telecom sector requires robust security solutions to protect against unauthorized access, mitigate threats, and ensure secure communication. The latest ITSAR outlines essential security requirements for NGFWs, ensuring that products used in Indian networks meet high security standards before deployment.

What is a Next-Generation Firewall (NGFW)?

A Next-Generation Firewall (NGFW) is a modern security device that extends beyond traditional firewall functionalities. While conventional firewalls monitor and control traffic based on IP addresses, ports, and protocols, NGFWs incorporate advanced security features, such as:

Deep Packet Inspection (DPI) – Analyzing the contents of network packets to detect malicious activity.

Intrusion Prevention System (IPS) – Blocking threats in real time before they cause damage.

Application Awareness – Identifying and managing network traffic based on applications rather than just ports and IPs.

Threat Intelligence Integration – Leveraging global threat intelligence databases to prevent cyber attacks.

SSL/TLS Decryption – Inspecting encrypted traffic to detect hidden threats.

User Identity Awareness – Applying security policies based on user roles and identities.

With these capabilities, NGFWs play a crucial role in securing telecom networks and safeguarding sensitive data against cyber threats.

Key Highlights of ITSAR for NGFW Including IDS & IPS

The ITSAR Number: ITSAR112062503, released on March 5, 2025, outlines detailed security requirements for NGFWs used in India’s telecom sector. The document addresses security measures across several key areas:

1. Common Security Requirements:

Access & Authorization Controls – Role-based access control (RBAC) with multi-factor authentication.
Software Security – Ensuring secure updates, vulnerability testing, and protection against malware and backdoors.
User Audit & Logging – Secure storage of audit logs with real-time monitoring.
Data Protection – Encryption of stored and transmitted data using cryptographic security controls.
Traffic Filtering & Network Segmentation – Blocking unauthorized network traffic and enforcing traffic isolation.

2. Advanced Security Features

Stateful Packet Inspection (SPI) – Monitoring active connections and filtering traffic accordingly.
Intrusion Detection & Prevention System (IDPS) – Detecting and mitigating network intrusions.
Virtual Private Network (VPN) Support – Secure communication over public and private networks.
Firewall Failover Protection – Ensuring network continuity in case of system failures.
Threat Intelligence & Deep Packet Inspection (DPI) – Analyzing traffic patterns and identifying potential threats in real time.

3. Compliance & Implementation Timeline

The new ITSAR establishes strict guidelines for compliance and sets the following implementation deadlines:

📅 March 5, 2025 – The ITSAR is officially published.

📅 Mandatory Compliance – All telecom equipment manufacturers and service providers must ensure that NGFWs comply with ITSAR security standards before deploying them in Indian networks.

Impact on Telecom Equipment Manufacturers & Service Providers

With the enforcement of this ITSAR, manufacturers, network operators, and telecom service providers must align their products with the latest security standards to obtain necessary approvals. Compliance with these regulations will impact:

✅ Type Approval & Certification – Products must undergo rigorous testing to meet security assurance requirements.

✅ Market Access & Regulatory Approvals – Ensuring compliance is essential for smooth import and distribution in India.

✅ Network Security & Risk Management – Strengthening defenses against cyber threats and unauthorized access.

How C-PRAV Can Assist with Compliance

Navigating new regulatory requirements can be complex, but C-PRAV is here to help! As a leading compliance and certification partner, we offer expert guidance in security testing, certification, and approval processes for NGFWs, IDS, and IPS.

Security Testing & Certification Support – Ensuring your products meet NCCS standards.
Regulatory Compliance Consulting – Helping you streamline approval processes.
Global Market Access Solutions – Assisting with international approvals beyond India.

📩 For inquiries, contact us at: india@c-prav.com

📞 Call us: +91 99023 85494

Stay ahead of evolving security regulations with C-PRAV – Your Trusted Compliance Partner!

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

BIS has deferred all registrations for CCTV cameras that do not comply with ER:01.

In a bold and decisive move, BIS has taken this step to ensure that all CCTV camera manufacturers strictly comply with ER:01 standards, reinforcing security protocols

Author April 28, 2025

Mexico Opens Public Consultation on Mandatory IFT Seal for Telecom and Broadcasting Equipment

Mexico’s Federal Telecommunications Institute (IFT) has launched a public consultation regarding the upcoming mandatory use of the IFT logo on certified telecommunications and broadcasting equipment.

Author April 24, 2025