GPRS security

GPRS security

The GPRS network has some built-in security in the form of GPRS authentication. However this is minimal, and is not sufficient for carrier network security needs. A GTP firewall, such as FortiOS Carrier, is required to secure the Gi, Gn, and Gp interfaces.


GPRS authentication

GPRS authentication is handled by the SGSN to prevent unauthorized GPRS calls from reaching the GSM network beyond the SGSN (the base station system, and mobile station). Authentication is accomplished using some of the customer’s information with a random number and uses two algorithms to create ciphers that then allow authentication for that customer.

User identity confidentiality ensures that customer information stays between the mobile station and the SGSN — no identifying information goes past the SGSN. Past that point other numbers are used to identify the customer and their connection on the network.

Periodically the SGSN may request identity information from the mobile station to compare to what is on record, using the IMEI number.

Call confidentiality is achieved through the use of a cipher, similar to the GPRS authentication described earlier. The cipher is applied between the mobile station and the SGSN. Essentially a cipher mask is XORd with each outgoing frame, and the receiving side XORs with its own cipher to result in the original frame and data.


Parts of a GTPv1 network

A sample GTP network consists of the end handset sender, the sender’s mobile station, the carrier’s network including the SGSN and GGSN, the receiver’s mobile station, and the receiver handset.

When a handset moves from one mobile station and SGSN to another, the handset’s connection to the Internet is preserved because the tunnel the handset has to the Internet using GTP tracks the user’s location and information. For example, the handset could move from one cell to another, or between countries.


The parts of a GPRS network can be separated into the following groups according to the roles of the devices:

  • Radio access to the GPRS network is accomplished by mobile phones and mobile stations (MS).
  • Transport the GPRS packets across the GPRS network is accomplished by SGSNs and GGSNs, both local and remote, by delivering packets to the external services.
  • Billing and records are handled by CDF, CFR, HLR, and VLR devices.

GPRS networks also rely on access points and PDP contexts as central parts of the communication structure. These are not actual devices, but they are still critical .

These devices, their roles, neighboring devices, the interfaces and protocols they use are outlined in the following table.


Carrier network showing the interfaces used (GTPv1)


Devices on a GTPv1 network


Device role Neighboring Devices Interfaces used Protocols used

Mobile Users


Mobile Stations (MS)


Radio Access Tech- nology (RAT)


Mobile Stations



Mobile Users, SGSN




IP, Frame Relay


SGSN (local)


MS, SGSN (local or remote), GGSN (local and remote), CDR, CFR, HLR, VLR


Ga, Gb, Gn, Gp, Gz


IP, Frame Relay, GTP, GTP’


SGSN (remote)


SGSN (local)






GGSN (local)


SGSN (local or remote), GGSN (local and remote), CDR, CFR, HLR, VLR


Ga, Gi, Gn, Gp, Gz





GGSN (remote)


SGSN (local), WAP gateway, Internet, other external ser- vices



Gi, Gp







SGSN (local), GGSN (local)


Ga, Gz






SGSN (local), GGSN (local)


Ga, Gz



Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in FortiOS 5.4 Handbook and tagged on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.