PEP

Policy Enforcement Point

Core Network
Introduced in R99
A functional entity within the Policy and Charging Control (PCC) architecture that enforces policy decisions. It resides in the gateway (e.g., P-GW, TDF) and applies gating, QoS, and charging rules to user data flows. It is the execution point that translates policy rules into network actions.

Description

The Policy Enforcement Point (PEP) is a critical network function within the 3GPP Policy and Charging Control (PCC) framework. It is the entity responsible for enforcing policy decisions made by the Policy and Charging Rules Function (PCRF) in the user plane. The PEP is typically co-located with the gateway that handles the user's data traffic, such as the Packet Data Network Gateway (P-GW) in EPS, the Gateway GPRS Support Node (GGSN) in GPRS, or the Traffic Detection Function (TDF). Its primary role is to apply the authorized policies to individual IP data flows, ensuring that network resources are used in accordance with subscriber profiles, service plans, and real-time network conditions.

Architecturally, the PEP interfaces with the PCRF via the Gx reference point (or the Sd reference point for a TDF). It receives PCC rules, which are bundles of instructions containing information for identifying a service data flow, its associated charging parameters, and the policy control to apply (e.g., gating, QoS marking, bitrate limits). The PEP installs, modifies, or removes these rules. Key components within the PEP include the service data flow detection mechanism, which uses packet filters (e.g., 5-tuple) to identify traffic, and the enforcement engines for gating (allowing/blocking packets), QoS (setting DSCP markings, managing bearers), and charging (triggering credit control events, applying uplink/downlink bandwidth limits).

How it works is a continuous loop of control. When a new service is initiated, the PEP may request rules from the PCRF. Upon receipt, it installs the rule and begins inspecting packets. For each packet, it matches against installed filters. If a match is found, the PEP executes the associated actions: it may forward or drop the packet (gating), mark its DiffServ Code Point (QoS), shape or police the flow to the authorized bitrates, and collect usage data for offline or online charging. The PEP also reports events (like usage volume, service termination) back to the PCRF. This dynamic enforcement allows for sophisticated service differentiation, such as prioritizing VoIP traffic, throttling peer-to-peer traffic, or enabling sponsored data services, all in real-time based on centralized policy logic.

Purpose & Motivation

The Policy Enforcement Point exists to bridge the gap between high-level business policies and real-time network packet processing. Before the standardized PCC architecture, policy control was often static, configured directly on network gateways, making it difficult to create dynamic, subscriber-aware, or service-specific rules. This limited operators' ability to offer tiered QoS, implement fair usage policies, or create innovative charging models like zero-rating.

The PEP solves the problem of decentralized and inflexible policy execution. It was motivated by the need for a clear separation of control and user plane, where intelligent policy decisions are made centrally (PCRF) and enforced consistently at the traffic choke points. This architecture allows operators to rapidly deploy new services and charging plans without reconfiguring every gateway individually. It addresses limitations of previous approaches by providing a standardized interface (Gx) for dynamic rule provisioning, enabling real-time interaction between the charging system, subscription database, and the network edge.

Historically, its creation was driven by the evolution towards all-IP networks and the demand for sophisticated service control beyond simple best-effort internet access. The PEP enables key operator capabilities: guaranteeing QoS for IMS services like VoLTE, implementing parental controls, managing network congestion, and enabling partner services (like sponsored data). It is fundamental to the monetization and efficient operation of modern mobile broadband networks, turning simple data pipes into intelligent, billable services.

Key Features

  • Enforces PCC rules received from the PCRF via the Gx interface
  • Performs service data flow detection using packet filters
  • Executes gating control (allow/deny) for data flows
  • Applies QoS enforcement (bitrate policing/shaping, DSCP marking)
  • Triggers charging events and interacts with Online/Offline Charging Systems
  • Reports usage and event triggers (e.g., volume, location change) to the PCRF

Evolution Across Releases

R99 Initial

Introduced the basic concept of a Policy Enforcement Point within early policy control frameworks. It was a functional entity in the gateway responsible for applying relatively simple rules related to service authorization and basic QoS, laying the groundwork for the later standardized PCC architecture.

TS 23.203TS 23.207TS 23.802TS 23.803TS 33.794

Defining Specifications

SpecificationTitle
TS 23.203 3GPP TS 23.203
TS 23.207 3GPP TS 23.207
TS 23.802 3GPP TS 23.802
TS 23.803 3GPP TS 23.803
TS 33.794 3GPP TR 33.794