FS.37 GTP-U Security

Friday 6 Mar 2020 | Design and Development | Operational |

FS.37 GTP-U Security image

GPRS Tunnelling Protocol (GTP) is a group of IP-based communication protocols used to carry packet data within GSM, UMTS, and LTE networks. GTP is a set of three separate protocols: GTP Control (GTP-C), GTP User (GTP-U), and GTP Prime. GTP-U that carries user data tunnels within the GPRS core network, and between the radio access network and core network. The user data is transported in IPv4 or IPv6. 

This document provides recommendations for Operators to detect and prevent attacks using GTP-U plane data on the network, services, and applications and to address the threat posed by malware and vulnerabilities, including specific examples.

This document also contains guidelines on how to logically deploy security capabilities (specific interfaces) and the modes of deployment. Implementation details are not included in this document and are left to each MNO to decide.

Audience:  Technical security practitioner

Resource technology specifics: Radio access network (RAN), Core network

Resource type: Guideline

Resource enforcement: Voluntary

Resource certification type: Self-assessment

Advantage Disadvantage
  • Outlines various threats that may be located with GTP-U traffic
  • Identified various interfaces that may be used to detect and prevent these threats
  • Compiled by experts managing NFV for mobile operators
  • Does not cover the ways in which to implement security controls within the network
  • Confidential to GSMA members