Re: Do we still need Gi Firewall for 3G/UMTS/HSPA network ?

[Alexander Harrowell <a.harrowell () gmail com>]

On Thursday 09 April 2009 16:48:32 Lee, Steven (NSG Malaysia) wrote:
> Hi all, in most of the existing 2G/2.5G mobile PS-core (Packet Switch)
> networks have Gi segment (interface between GGSN & IP Router/firewall). Due
> to the IP address constraint, operator usually do NAT on the Gi firewall to
> NAT the private IP to public IP in the past. Looking at the traffic pattern
> and user access behaviour, does it make sense to have firewall between the
> GGSN & Public Internet if the public IP addresses are sufficient to cater
> for mobile subscribers? Especially with 3G/UMTS/HSPA or even LTE in the
> future.
>
> Please share your thought and thanks in advance :)
>
> Regards,
> Steven Lee
I would think that, however you are providing IP addresses, any ingress point 
to a GSM core network ought to be carefully policed on security grounds. 
Especially if you have IMS or SIP-based services or intend to deploy them.

Attachment: signature.asc
Description: This is a digitally signed message part.