The Challenge

When it is not possible to use IP and MAC addresses, traditional security tools such as firewalls become insufficient.

Cellular networks use identifiers such as IMSI and IMEI. IPs in cellular networks are dynamic, Network Address Translated (NATed), and not correlated to the devices themselves, which makes context-based segmentation based on IPs impossible without enrichment.

Access Point Names (APNs) are not sufficient.

Attempting to leverage APNs, which were designed for QoS and not segmentation, requires configuring both the core and the switch and is limiting and restricting.

OneLayer’s Solution

Where traditional solutions fail, OneLayer Bridge provides a robust solution. Policies follow the devices themselves, regardless of dynamic IPs or SIM swaps.


OneLayer Bridge automatically fingerprints devices and groups them based on device properties such as type, manufacturer and location, then uses this information to create context-based policies.


This approach ensures that security policies are always applied even when device properties change or new devices join.


The enforcement methodology is flexible enough to be applied via integration with firewalls, ACLs and through the core itself, leveraging core capabilities.

Request a demo today to learn more.

open popup