GPRS is a service within the worldwide mobile radio network GSM for data transport. As a rule, the GPRS network provider acts at the same time as Internet service provider and offers access to the worldwide web for the GPRS devices. Data traffic normally runs between a mobile field device with a GPRS connection and the company headquarters via GPRS network and Internet.

An internet connection supposes mobile devices to meet two requirements:

1. Protection of the terminal device against active interferences from the Internet (hacking)
2. Limiting the - compared with standard Internet - relatively expensive bandwidth on the transmission path to desired data traffic

The standard solution of most GPRS providers is a restriction of your changeover to Internet to a connection established by the GPRS terminal device itself. Any connecting requests from "outside" are denied. Thus, standard applications such as web surfing or e-mailing may be run in a safe and unimpeded way.

As a rule, this kind of insular routing is also used between GPRS devices and rounded off by attributing dynamic and private IP addresses to the terminal devices.

Note: In some countries also GPRS accesses without these restrictions are offered. You should use these only in case both an external security concept as well as a protection against extremely high costs due to undesired internet traffic may be installed.

The safe standard configuration of GPRS networks is an effective prevention of undesired as well as desired connections:

• Establishing a connection from a control station to the field device is impossible (polling)
• A field device with a web configuration is not addressable (mobile server)
• Field devices cannot connect to each other

Since connectivity is subject to routing rules, no harm may be done even if an external caller should happen to know your present IP address (e.g. through a service like dynDNS).

Security and availability may be realised at the same time if the GPRS provider or a service provider allows for an alternative configuration of the router to the Internet.

The service provider IC3S offers a service called "mdex fixed.IP" (see link in the right sidebar) creating for each customer a closed-circuit user group consisting of mobile devices and protected external accesses via Internet. The devices identify themselves at login and are given invariably the same IP addresses. The alternative routing rules permit free establishment of connections among each other: There are no restrictions on mobile servers, connections between mobile devices and polling from the control station.

Devices not belonging to the user group are invariably subject to the restrictive security rules as applied in the general GPRS network.

An additional advantage of closed-circuit user groups is that they do without additional protocols - this service is provided within the TCP/IP standard, thus avoiding any adaptation of terminal devices.

Service providers for closed-circuit user groups also go by the name of Virtual Mobile Operator (VMO), meaning to point out the fact that these providers use the radio network of a GPRS provider, but forward the data independently from it.