FS.37 GTP-U Security
GPRS Tunnelling Protocol (GTP) is a group of IP-based communication protocols used to carry packet data within GSM, UMTS, and LTE networks. GTP is a set of three separate protocols: GTP Control (GTP-C), GTP User (GTP-U), and GTP Prime. GTP-U that carries user data tunnels within the GPRS core network, and between the radio access network and core network. The user data is transported in IPv4 or IPv6.
This document provides recommendations for Operators to detect and prevent attacks using GTP-U plane data on the network, services, and applications and to address the threat posed by malware and vulnerabilities, including specific examples.
This document also contains guidelines on how to logically deploy security capabilities (specific interfaces) and the modes of deployment. Implementation details are not included in this document and are left to each MNO to decide.
Audience: Technical security practitioner
Resource technology specifics: Radio access network (RAN), Core network
Resource type: Guideline
Resource enforcement: Voluntary
Resource certification type: Self-assessment