Gsma Fs.38 !!top!! Jun 2026

Adopt if you are a consortium of telcos or neutral hosts. Avoid if you are a single enterprise building a private edge.

By implementing the defensive architecture outlined in GSMA FS.38, communications providers can actively mitigate a diverse spectrum of network-layer threats:

: Attacks designed to overwhelm network resources and disrupt service availability.

The specification moves away from the traditional central cloud (hyperscaler model) toward a network of autonomous "Stores." gsma fs.38

FS.38 is formally titled IoT Security Guidelines for Service Providers and Device Manufacturers . Its primary innovation lies in moving away from generic best practices toward a concrete architecture defined by discrete security domains. The document structures IoT security around three logical layers: the device, the network, and the application/service platform.

FS.38 serves as a centralized guideline for mobile network operators (MNOs) to identify and mitigate vulnerabilities within SIP signaling. Key areas of focus include:

GSMA FS.38 (Session Initiation Protocol (SIP) Interconnect Security Guide) is a pivotal Permanent Reference Document (PRD) designed to address the unique security challenges of SIP-based communication in modern telecommunications. Adopt if you are a consortium of telcos or neutral hosts

SIP NETWORK SECURITY (GSMA FS.38) │ ┌────────────────────────────────┼────────────────────────────────┐ ▼ ▼ ▼ [Network Segmentation] [Mandatory Encryption] [Signaling Firewalls] Isolates the IMS core from Secures data via TLS/SRTP Deploys edge protection to subscriber-facing data. against voice eavesdropping. block malformed SIP traffic. T-TUT-ICTS-2022-2-MSW-E.docx - ITU

The GSMA FS.38 specification has various applications across the mobile industry:

: The guidelines provide a means for operators to verify the security claims made by equipment vendors during tender processes. The specification moves away from the traditional central

In the world of modern telecommunications, the Session Initiation Protocol (SIP) has become one of the most widely deployed signaling protocols. It underpins everything from voice and video calls to instant messaging and is the engine behind services such as Voice over LTE (VoLTE), Voice over 5G (Vo5G), and Rich Communication Services (RCS). As the telecoms industry has evolved, so too have the threats targeting this ubiquitous protocol. Recognizing the need for a unified, end-to-end security framework, the GSM Association (GSMA) developed , the "SIP Network Security" Permanent Reference Document (PRD). First published in April 2021, this document represents a major industry milestone, providing a comprehensive guide to securing SIP-based networks and services.

After adopting GSMA FS.38:

The applications of GSMA FS.38 are diverse and widespread, spanning multiple industries and use cases: