The requirements to properly operate PrivateGSM are very important due to the huge amount of mobile devices hardware/software availability and to the highly variable characteristics of mobile networks.

In order to operate it properly several operating requirements must be satisfied.

1.1 Mobile devices

1.2 Network

Network behavior and quality is crucial to provide a good quality service. Some requirements are mandatory to operate the solution, other requirements affects the service quality, ranging from “not very good” to “impossible to a secure call”.

1.2.1 Mandatory

All these requirements are mandatory to operate the solution. Even one single requirement not satisfied makes impossible to run the solution.


There is no support for Proxy Server (being HTTP or SOCKS), so PrivateGSM when operated within an Intranet must be able to communicate directly with the PrivateServer Mobile Subscriptions

Mobile Devices must be equipped with a “data” plan that allow full internet communications without IP/TCP/UDP filters to the server and without protocol filters (Es: VoIP filters, like Vodafone carrier does).

The SIM card must be enabled to do full traffic without restriction (Es: WAP or WEB only subscription are not usable).

In presence of protocol specific filters it’s required to enable VoIP data option. Whenever this option it’s not available and VoIP is blocked (Es: UAE), the protocol obfuscation of PrivateGSM typically let it bypass but without guarantee on transport quality. Radio Interference

All the mobile devices must be equipped with a 2G/3G and/or WiFi connection that’s not subject to high radio interference.

In presence of Radio Interference (due to high load of network, to other equipment using same frequency or to distance/obstacles between mobile devices and radio concentrator) the voice quality would not be good due to high number of packet loss.

On critical network conditions it’s possible to finely tune PrivateGSM to operate like in a tactical environment, with reduced performance but higher reliability. Firewall TCP timeout


PrivateGSM must keep an always on connection to the PrivateServer with SIP/TLS over a TCP channel. It exchange keep-alive packet once every 10/20 minutes depending on the mobile platform.

The Firewall managing the connection of the server and of the client must allow TCP idle connection of at least 21 minutes.

The typical timeout is 30-60 minutes, but in some environment this default value is lowered for security/performance reasons.


1.2.2 Required to provide adequate quality

Whenever these requirements are satisfied, the users will perceive good quality and will have nice feedback. Quality of Service

 (QoS) requirements affects the perceived audio quality during secure calls. When the following requirements are met audio will be clear, not distorted, continuous, without gaps and with almost not perceivable delay: Stability of network connection

It is important to have high Call Success Ratio (CSR).

Unstable network connection can lead to inability to dial/receive calls, abruptly broken calls while speaking and impossibility to dial long calls.

To provide good quality, is required to have a stability window on both side of the call, caller and called. The stability window must cover the call duration and also the preceding 10 minutes:

Pre-call stability window is particularly critical with iPhone devices, which, currently, do not have a true multitasking OS and can adapt to network change typically within 10 minutes window period.


1.3 Server

We suggest to keep the following concept:

  • A minimum of 2 CPU core for each PrivateServer. We suggest these models:
    • Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
    • AMD Athlon(tm) 64 X2 Dual Core Processor 6000+

but the product is known to run smoothly on slower ones.

  • A minimum of 2GB of RAM for each PrivateServer (Consider quickly scaling up to 4GB of RAM)

  • A minimum of 50GB of storage for each PrivateServer (consider raising up to 100GB in case of high number of users of a specific server)

  • A minimum of one 100/1000 Mb/s NIC (or more NICs to setup the Network Segregation)

  • Almost one public IP Address, NATted to the server's NIC or directly assigned to it

  • One public hostname (with correct DNS resolution)

  • One SSL Certificate (accordingly with the hostname)

1.2.3 Required to enable the update feature on the PrivateServer

The following configuration is needed to enable the update feature on the PrivateServer: