Mobile Roaming Security

We help you protect your mobile core and subscribers from GPRS Tunneling Protocol (GTP) attacks and malicious or careless peers.

GTP Attacks from RAN and Roaming

Security threats to the mobile network have escalated as cyberattacks grow in sophistication and volume and use lightly protected mobile and IoT devices in their botnets or targeted attacks.

GPRS Tunneling Protocol (GTP) is at the heart of providing seamless interconnection at multiple network interfaces. As traffic, devices and interconnection partners surge, so does the use of GTP. Attackers try to exploit vulnerabilities by abusing GTP interfaces exposed to the network. After collecting network information and subscriber identities, attackers can launch a number of different attacks against subscribers and operators. GTP is inherently insecure as it was not designed with security in mind.

Operators must now include a GTP firewall as part of their current network security posture and as they evolve the network to 5G.

Fraud and Overbilling

Attackers can spoof subscriber identities to gain access to unauthorized services. Attackers can either bypass operator charging systems with an invalid IMSI or have the services billed to an actual subscriber. Operators will incur financial losses from data usage and the subscriber will get a huge bill.

Denial of Service

With a spoofed IMSI, attackers can hijack mobile connections, which will then deny service to the subscriber. By injecting malformed or malicious packets or a sufficient volume of GTP-C packets, attackers can also cause network elements to malfunction, disrupting services for a large number of subscribers or causing network degradation.


Attackers can intercept and snoop into GTP traffic to gain valuable subscriber information such as user location access credentials and other confidential details. This breach of confidentiality and the information gained can then be used to launch additional attacks on the subscriber or the network.

Network Resource Attacks

Internal network resources such as NAT are exposed to possible DoS attack. SCTP packets can be manipulated that allows malicious traffic to gain unauthorized access and propagate to other components.

Solution Brief

GTP Firewall in 4G and 5G Mobile Networks

Boost security for 4G and 5G NSA networks with GTP firewall, part of the 5G security portfolio. GTP firewall aims to protect against GTP protocol vulnerabilities, fraudulent use, confidentiality breaches, DDoS attacks by malicious peers and other threats.

Download Solution Brief

How We Can Help

Our comprehensive security solution for the mobile carrier networks ensures protection of your network and subscribers from GTP attacks coming in from radio access networks (RAN) and roaming networks. The security portfolio includes:

Mobile Signaling Protection

  • Deploy GTP firewall with granular SCTP filtering to protect the packet core from attacks coming in on roaming interfaces
  • Securely connect eNodeB/gNodeB and MME through IPsec VPN tunnels

Gi-LAN Security

  • Deploy a carrier-class Gi/SGi firewall that protects the Gi-LAN
  • Reduce network functions sprawl through consolidation of Gi/SGi firewall, CGNAT and application visibility and control
  • Advanced logging features to help meet stringent compliance requirements

Integrated DDoS Protection

  • Defend NAT IP address pools from targeted DDoS attacks for maximum service uptime
  • Defend critical mobile infrastructure such as MME against DDoS attacks coming in on GTP protocol