FS.37 GTP-U Security

GPRS Tunnelling Protocol (GTP) is a group of IP-based communication protocols used to carry packet data within GSM, UMTS, and LTE networks. GTP is a set of three separate protocols: GTP Control (GTP-C), GTP User (GTP-U), and GTP Prime. GTP-U that carries user data tunnels within the GPRS core network, and between the radio access network and core network. The user data is transported in IPv4 or IPv6. 

This document provides recommendations for Operators to detect and prevent attacks using GTP-U plane data on the network, services, and applications and to address the threat posed by malware and vulnerabilities, including specific examples.

This document also contains guidelines on how to logically deploy security capabilities (specific interfaces) and the modes of deployment. Implementation details are not included in this document and are left to each MNO to decide.

Audience:  Technical security practitioner

Resource technology specifics: Radio access network (RAN), Core network

Resource type: Guideline

Resource enforcement: Voluntary

Resource certification type: Self-assessment