GTPv2, defined in 3GPP TS 29.274, is dramatically different from GTPv1. For example, the following diagram shows how the Evolved Packet Core (EPC) manages user data flow between mobile users (UE) and the data network. The EPC includes the following components:
- Mobility Management Entity (MME) that accepts mobile user data and performs tasks with it such as Bearer Control
- Home Subscriber Server (HSS) that performs tasks such as authentication and services automation
- Serving Gateway (SGW) that performs tasks such as Mobility Anchoring
- Packet data network Gateway (PGW) that performs tasks such as UE IP address allocation
- Policy and Charging Rules Function (PCRF) that performs tasks such as controlling QoS and throughput
FortiOS Carrier can be installed in any of the GTP data streams in your network, depending on the type of protection that you need. For overall protection you can install FortiOS Carrier between the mobile users and the EPC. If you are concerned about protecting the EPC from the internet or about protecting packet data networks, you can install FortiOS Carrier between the EPC and any TCP/IP networks that the EPC connects to.