Mobile network operators use the GPRS Tunneling Protocol
(GTP) on various interfaces in roaming, Radio Access Network (RAN),
and cellular IoT (CIoT) deployments and within the packet core in
3G and 4G networks. GTP allows mobile subscribers to use their phones
(user equipment) to maintain a connection to a Packet Data Network
(PDN) for internet access while on the move.

GTP uses tunnels to allow two GPRS support nodes (GSNs) to communicate
over a GTP-based interface and to separate traffic into different
communication flows. GTP creates, modifies, and deletes tunnels
for transporting IP payloads between the user equipment, the GPRS
support nodes (GSNs) in the GPRS backbone network, and the internet.

GTP comprises three types of traffic: control plane (GTP-C), user
plane (GTP-U), and charging (GTP’, derived from GTP-C) traffic. Enabling
GTP security on the Palo Alto Networks firewall allows you to statefully
inspect, validate, filter, and perform security checks on GTPv2-C,
GTPv1-C and GTP-U protocol messages.
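
The following added example (not Palo Alto Networks code, and not how the firewall is implemented) shows the kind of header validation that separates the three inspected message families: it reads the GTP version and flag bits, checks the length field against the UDP payload, and classifies the message. The UDP ports 2123 and 2152 and the header layouts come from the 3GPP GTP specifications rather than from this page, and the sample messages are constructed.

```python
import struct

# Well-known UDP ports from the 3GPP specs (assumption: not stated on this page).
GTP_C_PORT, GTP_U_PORT = 2123, 2152

def classify_gtp(src_port, dst_port, payload):
    """Return (family, message_type, teid) or raise ValueError if malformed."""
    ports = {src_port, dst_port}   # replies may carry the port on either side
    if len(payload) < 8:
        raise ValueError("shorter than the minimum GTP header")
    flags, msg_type, length = struct.unpack("!BBH", payload[:4])
    version = flags >> 5
    if version == 1:
        if not flags & 0x10:                  # PT=0 marks GTP' (charging)
            raise ValueError("GTP' header, not GTPv1-C or GTP-U")
        if len(payload) != 8 + length:        # v1 length excludes the 8-byte header
            raise ValueError("GTPv1 length field does not match payload")
        teid = struct.unpack("!I", payload[4:8])[0]
        if GTP_U_PORT in ports:
            return ("GTP-U", msg_type, teid)
        if GTP_C_PORT in ports:
            return ("GTPv1-C", msg_type, teid)
        raise ValueError("GTPv1 message on a non-GTP port")
    if version == 2:
        if GTP_C_PORT not in ports:
            raise ValueError("GTPv2-C message on a non-GTP-C port")
        has_teid, piggyback = bool(flags & 0x08), bool(flags & 0x10)
        expected = 4 + length                 # v2 length excludes the first 4 octets
        if len(payload) < expected or (len(payload) > expected and not piggyback):
            raise ValueError("GTPv2 length field does not match payload")
        if length < (8 if has_teid else 4):   # TEID (optional) + sequence + spare
            raise ValueError("GTPv2 length too small for its own header")
        teid = struct.unpack("!I", payload[4:8])[0] if has_teid else None
        return ("GTPv2-C", msg_type, teid)
    raise ValueError(f"unsupported GTP version {version}")

# Constructed sample messages (not captured traffic).
V2_ECHO = bytes.fromhex("40010009000001000300010005")  # GTPv2-C Echo Request
V1_ECHO = bytes.fromhex("320100040000000000010000")    # GTPv1-C Echo Request
G_PDU = bytes.fromhex("30ff00040000abcd45000014")      # GTP-U G-PDU, TEID 0xabcd
BAD_LEN = bytes.fromhex("30ff00640000abcd45000014")    # length claims 100 bytes

if __name__ == "__main__":
    for sport, dport, msg in [(40000, 2123, V2_ECHO), (2123, 2123, V1_ECHO),
                              (2152, 2152, G_PDU), (2152, 2152, BAD_LEN)]:
        try:
            print(classify_gtp(sport, dport, msg))
        except ValueError as err:
            print("rejected:", err)
```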