diff --git a/Kconfig.dependencies b/Kconfig.dependencies
index 88c0462ef2..8f040f87ac 100644
--- a/Kconfig.dependencies
+++ b/Kconfig.dependencies
@@ -35,6 +35,7 @@ config SIDEWALK_BLE
 	imply BT_CTLR_TX_PWR_DYNAMIC_CONTROL
 	imply BT_CTLR_ADVANCED_FEATURES
 	imply BT_EXT_ADV
+	imply BT_GATT_AUTHORIZATION_CUSTOM
 	help
 		Sidewalk Bluetooth Low Energy (BLE) module
 
diff --git a/samples/sid_end_device/src/cli/app.c b/samples/sid_end_device/src/cli/app.c
index e68148bfb6..9d31f69de2 100644
--- a/samples/sid_end_device/src/cli/app.c
+++ b/samples/sid_end_device/src/cli/app.c
@@ -14,6 +14,13 @@
 #include <json_printer/sidTypes2Json.h>
 #include <zephyr/logging/log.h>
 
+#include <sid_ble_uuid.h>
+#include <bt_app_callbacks.h>
+#include <zephyr/bluetooth/gatt.h>
+#if defined(CONFIG_SIDEWALK_DFU)
+#include <zephyr/mgmt/mcumgr/transport/smp_bt.h>
+#endif //defined(CONFIG_SIDEWALK_DFU)
+
 LOG_MODULE_REGISTER(app, CONFIG_SIDEWALK_LOG_LEVEL);
 
 static uint32_t persistent_link_mask;
@@ -109,6 +116,73 @@ static void on_sidewalk_status_changed(const struct sid_status *status, void *co
 	}
 }
 
+static bool gatt_authorize(struct bt_conn *conn, const struct bt_gatt_attr *attr)
+{
+	struct bt_conn_info cinfo = {};
+	int ret = bt_conn_get_info(conn, &cinfo);
+	if (ret != 0) {
+		LOG_ERR("Failed to get id of connection err %d", ret);
+		return false;
+	}
+	char uuid_s[50] = "";
+	bt_uuid_to_str(attr->uuid, uuid_s, sizeof(uuid_s));
+	LOG_DBG("GATT authorize : conn_id = %d, attr %s", cinfo.id, uuid_s);
+
+	if (cinfo.id == BT_ID_SIDEWALK) {
+		if (bt_uuid_cmp(attr->uuid, BT_UUID_DECLARE_128(SMP_BT_CHR_UUID_VAL)) == 0) {
+			LOG_WRN("Block SMP_BT_CHR_UUID_VAL in Sidewalk connection");
+			return false;
+		}
+	}
+
+#if defined(CONFIG_SIDEWALK_DFU)
+	if (cinfo.id == BT_ID_SMP_DFU) {
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(AMA_CHARACTERISTIC_UUID_VAL_WRITE)) == 0) {
+			LOG_WRN("block AMA_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(AMA_CHARACTERISTIC_UUID_VAL_NOTIFY)) == 0) {
+			LOG_WRN("block AMA_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE)) ==
+		    0) {
+			LOG_WRN("block VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY)) ==
+		    0) {
+			LOG_WRN("block VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE)) ==
+		    0) {
+			LOG_WRN("block LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY)) ==
+		    0) {
+			LOG_WRN("block LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+	}
+#endif //defined(CONFIG_SIDEWALK_DFU)
+	return true;
+}
+
+static const struct bt_gatt_authorization_cb gatt_authorization_callbacks = {
+	.read_authorize = gatt_authorize,
+	.write_authorize = gatt_authorize,
+};
+
 void app_start(void)
 {
 	static sidewalk_ctx_t sid_ctx = { 0 };
@@ -137,6 +211,12 @@ void app_start(void)
 		.sub_ghz_link_config = app_get_sub_ghz_config(),
 	};
 
+	int err = bt_gatt_authorization_cb_register(&gatt_authorization_callbacks);
+	if (err) {
+		LOG_ERR("Registering GATT authorization callbacks failed (err %d)", err);
+		return;
+	}
+
 	sidewalk_start(&sid_ctx);
 	sidewalk_event_send(sidewalk_event_platform_init, NULL, NULL);
 }
diff --git a/samples/sid_end_device/src/hello/app.c b/samples/sid_end_device/src/hello/app.c
index 13d37e0e65..05785b2f06 100644
--- a/samples/sid_end_device/src/hello/app.c
+++ b/samples/sid_end_device/src/hello/app.c
@@ -11,6 +11,15 @@
 #include <app_subGHz_config.h>
 #include <sid_hal_reset_ifc.h>
 #include <sid_hal_memory_ifc.h>
+#include <stdbool.h>
+
+#include <sid_ble_uuid.h>
+#include <bt_app_callbacks.h>
+#include <zephyr/bluetooth/gatt.h>
+#if defined(CONFIG_SIDEWALK_DFU)
+#include <zephyr/mgmt/mcumgr/transport/smp_bt.h>
+#endif //defined(CONFIG_SIDEWALK_DFU)
+
 #if defined(CONFIG_GPIO)
 #include <state_notifier/notifier_gpio.h>
 #endif
@@ -306,6 +315,73 @@ static int app_buttons_init(void)
 	return buttons_init();
 }
 
+static bool gatt_authorize(struct bt_conn *conn, const struct bt_gatt_attr *attr)
+{
+	struct bt_conn_info cinfo = {};
+	int ret = bt_conn_get_info(conn, &cinfo);
+	if (ret != 0) {
+		LOG_ERR("Failed to get id of connection err %d", ret);
+		return false;
+	}
+	char uuid_s[50] = "";
+	bt_uuid_to_str(attr->uuid, uuid_s, sizeof(uuid_s));
+	LOG_DBG("GATT authorize : conn_id = %d, attr %s", cinfo.id, uuid_s);
+
+	if (cinfo.id == BT_ID_SIDEWALK) {
+		if (bt_uuid_cmp(attr->uuid, BT_UUID_DECLARE_128(SMP_BT_CHR_UUID_VAL)) == 0) {
+			LOG_WRN("Block SMP_BT_CHR_UUID_VAL in Sidewalk connection");
+			return false;
+		}
+	}
+
+#if defined(CONFIG_SIDEWALK_DFU)
+	if (cinfo.id == BT_ID_SMP_DFU) {
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(AMA_CHARACTERISTIC_UUID_VAL_WRITE)) == 0) {
+			LOG_WRN("block AMA_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(AMA_CHARACTERISTIC_UUID_VAL_NOTIFY)) == 0) {
+			LOG_WRN("block AMA_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE)) ==
+		    0) {
+			LOG_WRN("block VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY)) ==
+		    0) {
+			LOG_WRN("block VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE)) ==
+		    0) {
+			LOG_WRN("block LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY)) ==
+		    0) {
+			LOG_WRN("block LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+	}
+#endif //defined(CONFIG_SIDEWALK_DFU)
+	return true;
+}
+
+static const struct bt_gatt_authorization_cb gatt_authorization_callbacks = {
+	.read_authorize = gatt_authorize,
+	.write_authorize = gatt_authorize,
+};
+
 void app_start(void)
 {
 	if (app_buttons_init()) {
@@ -346,6 +422,11 @@ void app_start(void)
 		.sub_ghz_link_config = app_get_sub_ghz_config(),
 	};
 
+	int err = bt_gatt_authorization_cb_register(&gatt_authorization_callbacks);
+	if (err) {
+		LOG_ERR("Registering GATT authorization callbacks failed (err %d)", err);
+		return;
+	}
 	sidewalk_start(&sid_ctx);
 	sidewalk_event_send(sidewalk_event_platform_init, NULL, NULL);
 	sidewalk_event_send(sidewalk_event_autostart, NULL, NULL);
diff --git a/samples/sid_end_device/src/sensor_monitoring/app.c b/samples/sid_end_device/src/sensor_monitoring/app.c
index 98595732ef..347232c06f 100644
--- a/samples/sid_end_device/src/sensor_monitoring/app.c
+++ b/samples/sid_end_device/src/sensor_monitoring/app.c
@@ -21,6 +21,13 @@
 #include <sid_demo_parser.h>
 #include <json_printer/sidTypes2str.h>
 
+#include <sid_ble_uuid.h>
+#include <bt_app_callbacks.h>
+#include <zephyr/bluetooth/gatt.h>
+#if defined(CONFIG_SIDEWALK_DFU)
+#include <zephyr/mgmt/mcumgr/transport/smp_bt.h>
+#endif //defined(CONFIG_SIDEWALK_DFU)
+
 LOG_MODULE_REGISTER(app, CONFIG_SIDEWALK_LOG_LEVEL);
 
 #define PARAM_UNUSED (0U)
@@ -230,6 +237,73 @@ void app_start_tasks(void)
 	k_thread_name_set(&app_rx, "app_rx");
 }
 
+static bool gatt_authorize(struct bt_conn *conn, const struct bt_gatt_attr *attr)
+{
+	struct bt_conn_info cinfo = {};
+	int ret = bt_conn_get_info(conn, &cinfo);
+	if (ret != 0) {
+		LOG_ERR("Failed to get id of connection err %d", ret);
+		return false;
+	}
+	char uuid_s[50] = "";
+	bt_uuid_to_str(attr->uuid, uuid_s, sizeof(uuid_s));
+	LOG_DBG("GATT authorize : conn_id = %d, attr %s", cinfo.id, uuid_s);
+
+	if (cinfo.id == BT_ID_SIDEWALK) {
+		if (bt_uuid_cmp(attr->uuid, BT_UUID_DECLARE_128(SMP_BT_CHR_UUID_VAL)) == 0) {
+			LOG_WRN("Block SMP_BT_CHR_UUID_VAL in Sidewalk connection");
+			return false;
+		}
+	}
+
+#if defined(CONFIG_SIDEWALK_DFU)
+	if (cinfo.id == BT_ID_SMP_DFU) {
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(AMA_CHARACTERISTIC_UUID_VAL_WRITE)) == 0) {
+			LOG_WRN("block AMA_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(AMA_CHARACTERISTIC_UUID_VAL_NOTIFY)) == 0) {
+			LOG_WRN("block AMA_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE)) ==
+		    0) {
+			LOG_WRN("block VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY)) ==
+		    0) {
+			LOG_WRN("block VND_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE)) ==
+		    0) {
+			LOG_WRN("block LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_WRITE in DFU connection");
+			return false;
+		}
+		if (bt_uuid_cmp(attr->uuid,
+				BT_UUID_DECLARE_128(LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY)) ==
+		    0) {
+			LOG_WRN("block LOG_EXAMPLE_CHARACTERISTIC_UUID_VAL_NOTIFY in DFU connection");
+			return false;
+		}
+	}
+#endif //defined(CONFIG_SIDEWALK_DFU)
+	return true;
+}
+
+static const struct bt_gatt_authorization_cb gatt_authorization_callbacks = {
+	.read_authorize = gatt_authorize,
+	.write_authorize = gatt_authorize,
+};
+
 void app_start(void)
 {
 	if (app_buttons_init()) {
@@ -264,6 +338,12 @@ void app_start(void)
 		.sub_ghz_link_config = app_get_sub_ghz_config(),
 	};
 
+	int err = bt_gatt_authorization_cb_register(&gatt_authorization_callbacks);
+	if (err) {
+		LOG_ERR("Registering GATT authorization callbacks failed (err %d)", err);
+		return;
+	}
+
 	app_start_tasks();
 	sidewalk_start(&sid_ctx);
 	sidewalk_event_send(sidewalk_event_platform_init, NULL, NULL);
diff --git a/utils/sidewalk_dfu/nordic_dfu.c b/utils/sidewalk_dfu/nordic_dfu.c
index bb7eb7cc25..52a75c8fba 100644
--- a/utils/sidewalk_dfu/nordic_dfu.c
+++ b/utils/sidewalk_dfu/nordic_dfu.c
@@ -15,6 +15,7 @@
 #include <zephyr/sys/reboot.h>
 #include <state_notifier/state_notifier.h>
 #include <bt_app_callbacks.h>
+#include <sid_ble_uuid.h>
 
 #include <zephyr/logging/log.h>
 LOG_MODULE_REGISTER(nordic_dfu, CONFIG_SIDEWALK_LOG_LEVEL);
@@ -37,8 +38,7 @@ static struct bt_le_adv_param adv_params = { .id = BT_ID_DEFAULT,
 
 static const struct bt_data ad[] = {
 	BT_DATA_BYTES(BT_DATA_FLAGS, (BT_LE_AD_GENERAL | BT_LE_AD_NO_BREDR)),
-	BT_DATA_BYTES(BT_DATA_UUID128_ALL, 0x84, 0xaa, 0x60, 0x74, 0x52, 0x8a, 0x8b, 0x86, 0xd3,
-		      0x4c, 0xb7, 0x1d, 0x1d, 0xdc, 0x53, 0x8d),
+	BT_DATA_BYTES(BT_DATA_UUID128_ALL, SMP_BT_SVC_UUID_VAL),
 };
 
 static const struct bt_data sd[] = {