Fortinet black logo

Version:

7.4.1
7.4.0
7.2.6

Version:

7.2.5
7.2.4
7.2.3

Version:

7.2.2
7.2.1
7.2.0

Version:

7.0.12
7.0.11
7.0.10

Version:

7.0.9
7.0.8
7.0.7

Version:

7.0.6
7.0.5
7.0.4

Version:

7.0.2
7.0.1
7.0.0

Version:

6.4.14
6.4.13
6.4.12

Version:

6.4.11
6.4.10
6.4.9

Version:

6.4.6
6.2.15
6.2.14

Version:

6.2.13
6.2.12
6.2.9

Version:

5.6.0

Table of Contents

FortiOS Carrier

7.0.10
7.4.1
7.4.0
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.6
6.2.15
6.2.14
6.2.13
6.2.12
6.2.9
5.6.0
Download PDF
Copy Doc ID 96af2db7-b12d-11ed-8e6d-fa163e15d75b:937851
Copy Link

FortiOS Carrier features

FortiOS Carrier supports all standard FortiOS features including SCTP firewalling. FortiOS Carrier adds the following additional features, specific to FortiOS Carrier:

  • Protection for Packet Forwarding Control Protocol (PFCP) in 4G Control-User Plane Separation (CUPS) and 5G signaling evolution networks. When PFCP is used as the control plane, the user plane is GTPv1-U. FortiOS Carrier uses a session helper to monitor PFCP traffic. The PFCP session helper must be enabled for PFCP protection to work. FortiOS Carrier can be installed in a wide variety of locations in any PFCP network to apply various types of PFCP protection depending on traffic and security needs, including.
    • Message filtering.
    • Monitoring.
    • PFCP protocol anomaly detection.
  • Protection for GTPv0, GTPv1, and GTPv2 traffic in 2G, 3G, 4G, and 5G carrier networks. FortiOS Carrier can be installed in a wide variety of locations in any GTP network to apply various types of GTP protection depending on traffic and security needs, including:
    • GTP tunnel limiting.
    • APN traffic filtering.
    • Message filtering.
    • Message rate limiting.
    • Various other methods of filtering GTP traffic based on content, addresses, technology, and so on.
    • GTP protocol anomaly detection.
    • Information element (IE) validation and removal.
    • Encapsulated IP traffic filtering.
    • Anti-overbilling protection.
    • RAT timeout filtering.
Previous
Next

FortiOS Carrier features

FortiOS Carrier supports all standard FortiOS features including SCTP firewalling. FortiOS Carrier adds the following additional features, specific to FortiOS Carrier:

  • Protection for Packet Forwarding Control Protocol (PFCP) in 4G Control-User Plane Separation (CUPS) and 5G signaling evolution networks. When PFCP is used as the control plane, the user plane is GTPv1-U. FortiOS Carrier uses a session helper to monitor PFCP traffic. The PFCP session helper must be enabled for PFCP protection to work. FortiOS Carrier can be installed in a wide variety of locations in any PFCP network to apply various types of PFCP protection depending on traffic and security needs, including.
    • Message filtering.
    • Monitoring.
    • PFCP protocol anomaly detection.
  • Protection for GTPv0, GTPv1, and GTPv2 traffic in 2G, 3G, 4G, and 5G carrier networks. FortiOS Carrier can be installed in a wide variety of locations in any GTP network to apply various types of GTP protection depending on traffic and security needs, including:
    • GTP tunnel limiting.
    • APN traffic filtering.
    • Message filtering.
    • Message rate limiting.
    • Various other methods of filtering GTP traffic based on content, addresses, technology, and so on.
    • GTP protocol anomaly detection.
    • Information element (IE) validation and removal.
    • Encapsulated IP traffic filtering.
    • Anti-overbilling protection.
    • RAT timeout filtering.
Previous
Next