What is a Private APN and how does it secure a corporate network?

An Access Point Name (APN) is the address of the gateway between the internet and the Mobile Network Operator (MNO). In a 3G network, this gateway is known as the GGSN. A mobile user needs to configure the APN on the device to access the gateway. An APN that can be used by any SIM card from an operator is known as a public APN.

Internet access with a public APN

A SIM card can have multiple access point names, each representing a gateway. When someone browses the internet from a mobile phone, a secure tunnel is set up towards the gateway. A web page request reaches the gateway, which in turn forwards it to the server hosting the website over the public internet. The public internet is not secure.

Why does a company need a private APN?

An APN that belongs to a company is known as a private APN. With a private APN, all mobile traffic that goes out from the MNO to the internet first goes to the company’s network over a secure tunnel (private APN user).

With a private APN, a company has control of all network traffic for mobile devices along with the LAN.

Internet access with private APN

For example, suppose all internet traffic from the local area network goes out via a firewall. What if the same company also wants to pass all mobile data traffic via the same firewall? To do that, it needs to get all internet traffic from the MNO to its network.

This is where the private APN comes in. When a device attaches to the network with a private APN, the mobile operator sends all traffic over a secure VPN to the company’s network, where it goes out via the firewall.

How does a private APN work?

The following are the technical points about internet traffic routing with a private APN.

  • A company sets up a firewall, along with all access points or a router within the office, and sends all internet traffic via the firewall.
  • The firewall applies its rules and sends the request to the server on the internet. If it finds anything malicious or unauthorized, it drops the request.
  • To secure data communication from the cellular network, the company buys a private APN.
  • To access the internet, the company’s devices need to be configured with the private APN.
  • When a device accesses the internet, the outgoing packets first reach the MNO. The MNO identifies network traffic from an APN that belongs to the company and sends those packets to the company’s router over a secure VPN tunnel.
  • The router routes the packets to external networks via the firewall, as if they were coming directly from the LAN.
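The routing above only holds if every device really is configured with the private APN and nothing else. The following is an added example, not part of the original article: it audits a modem's PDP context list, assuming the modem answers the standard `AT+CGDCONT?` query (3GPP TS 27.007). The APN name `corp.example.apn` and both sample responses are constructed placeholders.

```python
import re

# Assumed placeholder: the private APN name issued by the operator.
PRIVATE_APN = "corp.example.apn"

# One context line of an AT+CGDCONT? response:
# +CGDCONT: <cid>,"<PDP_type>","<APN>","<PDP_addr>",...
_CTX = re.compile(r'^\+CGDCONT:\s*(\d+),"([^"]*)","([^"]*)"(?:,"([^"]*)")?')

# Constructed sample responses (not captured from a real device).
SAMPLE_OK = '+CGDCONT: 1,"IP","corp.example.apn","0.0.0.0",0,0\r\n\r\nOK\r\n'
SAMPLE_BAD = ('+CGDCONT: 1,"IP","CORP.example.apn","0.0.0.0",0,0\r\n'
              '+CGDCONT: 2,"IPV4V6","internet","",0,0\r\n\r\nOK\r\n')


def parse_cgdcont(response):
    """Return a list of (cid, pdp_type, apn, addr) tuples from modem output."""
    contexts = []
    for line in response.splitlines():
        m = _CTX.match(line.strip())
        if m:
            cid, pdp_type, apn, addr = m.groups()
            # APN names are case-insensitive, so normalise before comparing.
            contexts.append((int(cid), pdp_type, apn.lower(), addr or ""))
    return contexts


def audit_device(response, private_apn=PRIVATE_APN):
    """Return findings; an empty list means only the private APN is defined."""
    wanted = private_apn.lower()
    contexts = parse_cgdcont(response)
    if not contexts:
        return ["no PDP context defined or response unparseable"]
    findings = []
    if wanted not in {apn for _, _, apn, _ in contexts}:
        findings.append("private APN not configured")
    # Any extra context is a path that skips the company's firewall.
    for cid, _, apn, _ in contexts:
        if apn != wanted:
            findings.append(f"cid {cid} uses other APN '{apn}'")
    return findings


if __name__ == "__main__":
    for name, resp in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, audit_device(resp) or "compliant")
```

A context that points at a public APN means the device can still send traffic that never passes through the company's firewall.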

Why are private APNs good for IoT and M2M devices?

An Internet of Things (IoT) device connects to the internet using a SIM card. It sends the data read by its sensors to a central server located somewhere on the internet. If the IoT device company uses a private APN to make communication secure and faster, the MNO will set up a tunnel with the server and route all device traffic to the server and vice versa.

M2M devices also need a similar secure network.