Secure GPRS Tunneling Protocol (GTP) in Mobile Networks
Mobile Network Operators use the GPRS
Tunneling Protocol (GTP) on various interfaces in roaming and Radio
Access Network (RAN) deployments, and within the packet core in
3G and 4G networks. GTP allows mobile subscribers to use their phones
(user equipment) to maintain a connection to a Packet Data Network
(PDN) for internet access while on the move. The protocol uses tunnels
to allow two GPRS support nodes (GSNs) to communicate over a GTP-based
interface and separate traffic into different communication flows.
GTP creates, modifies, and deletes tunnels for transporting IP payloads
between the user equipment, the GPRS support nodes (GSNs) in the
GPRS backbone network and the internet.
GTP comprises of three types of traffic—control
plane (GTP-C), user plane (GTP-U) and charging (GTP’ derived from
GTP-C) traffic. Enabling GTP Security on the Palo Alto Networks
firewall allows you to statefully inspect, validate, filter, and
perform security checks on GTPv2-C, GTPv1-C and GTP-U protocol messages.