Академический Документы
Профессиональный Документы
Культура Документы
M K HAK.
Agenda
GPRS
EDGE
Deployment Reference
Security in GPRS
GPRS
(General Packet Radio Service)
Agenda
General GPRS
GPRS Network
GPRS Roaming
GPRS Security
Security in GPRS
General GPRS
GSM Bit Rate Evolution
100
90
80
70
60
50 Higher
40 Bandwidth!
30
20
10
0
9.6kbps 14.4kbps HSCSD GPRS Technology
(Today) CS-2 EDGE
38.4-64kbps 115kbps 384kbps
CS-1
GPRS Network
Network Architecture – 1/2
A’’ A MAP
BTS BSC MSC/VLR HLR
Gr (MAP)
BTS
Gb
Packet data for the radio interface
Gs Gc IP
Network
CS and PS data descrimination
Gi (IP)
Slot and channel allocation
SGSN GGSN
Existing A’’ interface is reused
Gd (MAP) Gn Gn BSC
GPRS Mobility Management
SMS-GMSC Backbone
Network
Gb – Frame Relay
SMS-IWMSC
IP Allocation of PDCH in cells
MS Handling of GPRS Paging
Broadcast GPRS information
HLR
GPRS subscription and
routing information
Network Architecture – 2/2 Maps subscriber to one
or more GGSNs
A’’ A MAP Update SGSN at attach and
BTS BSC MSC/VLR HLR detach
Gr (MAP)
Gb
Gs Gc IP
Network
Gi (IP)
SMS-GMSC SGSN GGSN
MS SMS-IWMSC
Gi (X.25)
MSC Gd (MAP) Gn Gn
Corporate
Mediation Backbone Network
Network
Types of CDRs in GPRS
S-CDR : radio n/w related (fm SGSN)
G-CDR : for External n/w usage (fm GGSN)
M-CDR : related to MM activities (fm SGSN)
2 CDRs related to usage of SMS with GPRS (fm SGSN)
Charging in GPRS – 2/2
SMS-G/IW MSC
Gd (MAP)
A’’ A
BTS BSC MSC/VLR HLR
Gr (MAP)
Gs (BSSAP+)
Gb
ISP
Gi (IP) Network
SGSN GGSN
MS Gi (IP)
Gn Gn
Corporate
Mediation Backbone Network
ISP
MS Network
SGSN GGSN
f1
f2
fn
BCCH TCH
SDCCH PDCH
Efficient use of Radio Resources
Example on Radio Channel Allocation
TS 1
TS 2 Circuit
Switched
TS 3
TS 4
TS 5
TS 3 Packet
Switched
TS 2
TS 1
Time
GPRS Roaming
PLMN Roaming
HPLMN
DNS
ISP
SGSN GGSN
UPLMN
DNS
MS SGSN GGSN
GGSN
GGSN
VPLMN
ISP Roaming
HPLMN
SGSN GGSN
DNS
ISP
MS SGSN GGSN
GGSN
VPLMN
Multi PLMN Support
BSS
HPLMN2
BSS
HLR
HLR
HPLMN3 SGSN
Gb
BSS GGSN ISP
HLR
M-PLMN feature provides seamless PLMN Roaming
HPLMN1
SGSN GGSN ISP
Normal GSM Roaming
SGSN
HPLMN2
GPRS Roaming Scenario (with GRX)
VPLMN1
DNS
HPLMN
DNS SLA
GRX
GRX
DNS
DNS DNS
VPLMN2 - INT
GRX DNS
Corporate Roaming
Partner #1
Network #1
GTP
Firewall Firewall
VPN VPN
Roaming
Corporate Partner #2
Network #2
Security Threats on the Gn / Gp Interface
• Threat:
– Denial of Service from invalid or flood of GTP traffic
– Undesirable GTP messages
• Solution:
– GTP traffic management prevents the GSNs from being overwhelmed
– GTP packet sanity check in firewall prevents GSNs from having to try to
process malformed GTP packets
– GTP stateful inspection prevents GSNs from having to process GTP
packets which don’t make sense because of no PDP context or wrong
PDP context state
– GTP policies which determine which GTP messages should be allowed
Security Threats on the Gn / Gp Interface
• Threat:
– GTP traffic from a non-roaming partner can kill a MS session or
hijack a session
– GTP traffic spoofed to appear from a valid roaming partner
• Solution:
– GTP security policies block traffic from non-roaming partners
– High performance IPSec tunnels across GRX can be used to
maintain confidentiality and integrity of GTP and prevent GTP
from being spoofed
Security Threats on the Gi Interface
• Threat:
– A subscribers Internet connection may be flooded by incoming
traffic
– The Gi Internet connection may be flooded
– Hackers may attack subscribers with malicious traffic
• Solution:
– Firewall traffic management protects the Gi Internet connection
for subscribers and the PLMN as a whole
– Firewall can protect against many common attacks
Security Threats on the Gi Interface
• Threat:
– Mobile Subscribers attack each other
– Corporate customers attack each other
• Solution:
– Firewall Gi tunnel hub sends all Internet traffic to the firewall
before its sent back to the GGSN; security policies prevent
subscribers from attacking each other
– Firewall Gi tunnel hub uses virtual routers to logically separate
traffic corporate intranet traffic all the way from the GGSN to the
corporate network
EDGE
(Enhanced Data rates for GSM Evolution)
Agenda
General EDGE
EDGE Network
Security in GPRS
GPRS Evolution
- The Way to UMTS SMS-G/IW MSC SOG
ISP
EDGE Network
MS BTS SGSN GGSN
UMTS
Corporate
U BTS R
BTS R BG
Network
MS N
N Backbone
T
BTS C
C Network
R BTS
R
R
A
N
N
N BTS
BTS PTM-SC
C
C
384 kbps
EDGE boosts GSM…
Data rates
EDGE
115 kbps
GPRS
57.6 kbps
54.4
50
40
44.8
30 29.6
22.4
20 20.0
14.4 17.6
12.0 14.8
11.2
10
8.0 8.4
0
MCS2
MCS3
MCS4
MCS1
MCS5
MCS6
MCS7
MCS8
MCS9
CS1
CS2
CS4
CS3
GPRS EGPRS
GMSK modulation 8PSK modulation
(E)GPRS Basic Technical Parameters
GSM EDGE
Modulation GMSK 8-PSK / GMSK
Symbol rate 270 ksym/s 270 ksym/s
Modulation bit rate 270 kb/s 810 kb/s
Radio data rate per time slot 22.8 kb/s 69.2 kb/s
User data rate per time slot 20kb/s (CS4) 59,2 kb/s (MCS9)
User data rate (8 time slots) 160kb/s 473,6kb/s
(182.4kb/s) (553.6kb/s)
Network modification !
Internet
GPRS Protocol
GPRS MS SGSN GGSN
GGSN
EDGE
BTS PCU
TRU
Deployment
ERICSSON GPRS Deployment
Thank You !!