Er Wi Fi Integration Ericsson Info Tech Middle East

1,471 views
1,384 views

Published on

Wi Fi Integration Ericsson Info Tech Middle East

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,471
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Er Wi Fi Integration Ericsson Info Tech Middle East

  1. 1. Easing hotspot issuesWi-Fi integrationPeople want to be able to use their smartphones, laptops, tablets andother devices everywhere, and so they need access to 3G, 4G and Wi-Fi. A N DE R S LU N D S T RÖM A N D GÖR A N H A L L task of sending extra password informa- tion to their customers.Now that mobile broadband and drivers of this tenfold increase in mobile Numerous devices already supportmobile multimedia services are so data-traffic over a five-year period. EAP-SIM over Wi-Fi, including RIM’spopular, subscribers are beginning The strong growth in Wi-Fi-enabled BlackBerry phones, Nokia handsetsto expect broadband access to be handsets with SIM-based authentica- running Symbian, several SonyEricssonavailable wherever they go – not tion provides additional opportunities models, as well as Apple’s iPhone (mod-just at home or in the office. People to capture residential and hotspot ser- els 3 and 4) and iPad (models 1 and 2).want to be able to connect from vices – such as those often available at General support for Android devices istheir cars, on the train, in aircraft, airports that use web-login techniques. currently expected in 2012.from remote locations, in the urban As with most types of growth, this devel-jungle and even from areas where opment represents both opportunities Visionit is difficult to provide access, and challenges for operators to inte- Ericsson’s vision for Wi-Fi integrationsuch as in mines, tough terrain or grate Wi-Fi – allowing them to increase in 4th-generation IP networks, illustrat-subway tunnels. mobile-broadband reach while main- ed in Figure 2, is based on the ongoing taining convenience for subscribers. cooperation between Broadband ForumMarket situation and 3GPP EPC architectures, which usesThe Ericsson Traffic and Market Data Support for terminals a simple, functional architecture that isReport (November 2011)1 indicates that To provide subscribers with conve- scalable, flexible and easily tuned.mobile broadband subscriptions will nient access to operator hotspots and Wi-Fi solutions need to implementreach almost 5 billion in 2016 – a dramat- open access to residential Wi-Fi, new both packet-core integration and localic increase from the 900 million expect- mechanisms beyond today’s web-l­ gino breakout of services, using a BNG func-ed by the end of 2011. Irrespective of the and portal-based authentication are tion as shown in Figure 2. Traffic cantype of device used, internet access will required. If embedded SIM-security over be EPC-routed using the mobile service-continue to drive mobile-traffic develop- Wi-Fi is the chosen solution, the SIM of delivery cluster – PGWs, GGSNs and oth-ment; and mobile data-traffic is expect- the connecting device can provide an er value-added services – as part of the Gied to grow by nearly 60 percent a year access key using EAP-SIM or EAP-AKA network. Anchoring with mobile edgebetween 2011 and 2016. Subscribers authentication. In this way, a subscriber enables mobile service logic to apply fordownloading and watching video con- can connect to a mobile-broadband net- subscribers using Wi-Fi. This approachtent, and using ­ ideo-communication v work without having to enter a key man- reuses the northbound integration usu-services are expected to be the primary ually and operators avoid the additional ally implemented as part of the mobile BOX A Terms and abbreviations 3GPP 3rd Generation Partnership Project EAP-AKA EAP for UMTS Authentication and HSS Home Subscriber Server 4G 4th-generation mobile Key Agreement HTTP Hypertext Transfer Protocol wireless standards EAP-SIM EAP-Subscriber Identity Module IMS IP Multimedia Subsystem AAA authentication, authorization EPC Evolved Packet Core IMSI International Mobile Subscriber and accounting ePDG Evolved Packet Data Gateway Identity AVP attribute value pair GBA Generic Bootstrapping Architecture IP Internet Protocol BPCF Broadband Policy Control Function GGSN Gateway GPRS Support Node IP-CAN IP connectivity access network BNG Broadband Network Gateway Gi GGSN external interface IPsec IP Security CLIPS call line identification presentation – GGSN to PDN IPTV IP Television CMIPv4 Client-based mobile IPv4 GPRS general packet radio service IPv4 IP version 4 DHCP Dynamic Host Configuration GSM Global System for Mobile IPv6 IP version 6 Protocol Communications IKEv2 Internet Key Exchange version 2 DSMIPv6 Dual-stack Mobile IPv6 GTP GPRS Tunneling Protocol iWLAN interworking wireless local EAP Extensible Authentication Protocol GTPv1 GTP version 1 area network EAPoL EAP over LAN HLR home location register LAN local area network HSPA High-Speed Packet Access LTE Long Term EvolutionE R I C S S O N R E V I E W • 2 2011
  2. 2. service edge. Solutions for convergedpolicy control and common user man- FIGURE 1 Mobile broadband subscriptions by device type,agement are essential tools for operators 2008–2016 (Source: Ericsson1)that want to offer Wi-Fi as an extensionof mobile broadband. Subscriptions (millions)User experience and services 5,000Wherever they are, and whatever access 4,500 Mobile PCs and tabletsnetwork they use, subscribers should be Handheld devicesable to enjoy seamless Wi-Fi and mobile- 4,000broadband connections, with consis- 3,500tent QoE for operator-provided as well 3,000as OTT content and services. New ser-vices, such as prepaid WLAN hotspot 2,500access, can be offered, reusing GGSN/ 2,000PGW prepaid integration, by validatingusers in fixed access using SIM-based 1,500authentication. Value-added services 1,000traditionally offered over mobile net-works could also be offered to subscrib- 500ers using fixed access. 0 Functions that support enhanced 2008 2009 2010 2011 2012 2013 2014 2015 2016user experience – such as HTTP enrich-ment, content-caching and parentalcontrol – can be deployed for both Wi-Fiand mobile broadband. In this way, An IPsec- and IKEv2-based client toward EPC standardization – without anys­ ubscribers get a consistent service and a TTG or ePDG, and connection with market uptake however. They place nooperators can reduce transport costs PMIPv6 or GTPv1 toward the GGSN/ demands on Wi-Fi access and treat fixedat the same time. The parental control PGW from the TTG/ePDG; access as a simple transport pipe with nofunction can be provided seamlessly A DSMIPv6-based client connecting to ability to set policies.and consistently for mobile and Wi-Fi PGW with or without ePDG; Before connecting to the networknetworks without the need to install A CMIPv4-based client with a stand- with a mobile-IP-based or iWLAN solu-new clients on a device. alone home agent; or tion, terminals must first set up a Wi-Fi GBA-based authentication for HTTP- access connection to get an IP address.Other solutions based services. As a result, terminals may be requiredUnder current 3GPP standards, mobile All of these options have been stan- to first handle authentication with thedevices switch from a fixed network dardized as pure overlay solutions in Wi-Fi network and then later performto a mobile network using one of the 3GPP and 3GPP2, and have existed for SIM-based authentication. In addition,f­ ollowing solutions: many years as part of the iWLAN and these options impact on terminal MAP Mobile Application Part Services UM User Management MME Mobility Management Entity Rx radio receiver UMTS Universal Mobile MPG mobile packet gateway SGi PGW external interface, PGW to Telecommunications System MSP multi-sequence positioning Packet Data Network (PDN) VLAN virtual LAN OTT over-the-top SGW service gateway Wi-Fi trademark of the Wi-Fi Alliance PCC policy and charging control SIGTRAN Signaling Transport over IP Wi-Fi AC Wi-Fi access controller PCRF policy and charging rules function SIM subscriber identity module WLAN wireless LAN PDIF packet data interworking function SoftGRE Tunneling with dynamic use of GRE PDN Packet Data Network as encapsulation protocol PGW PDN gateway SS7 signaling system 7 PEAP Protected Extensible SSID Service Set Identifier Authentication Protocol STa Diameter interface to 3GPP AAA PMIPv6 Proxy Mobile IPv6 from trusted non-3GPP access QoE quality of experience SWm ePDG to 3GPP AAA interface QoS quality of service SWx 3GPP AAA to HSS interface RADIUS Remote Authentication Dial-In User TTG tunnel termination gateway E R I C S S O N R E V I E W • 2 2011
  3. 3. Easing hotspot issues design. Solutions based on iWLAN FIGURE 2 Wi-Fi integration in 4G networks – vision require terminals that support the IPsec and IKEv2 security protocols, in part by creating the cryptographic keys that are used during each session. Furthermore, PRCF UM these protocols need to be made avail- able to the client software handling the connectivity through different access Mobile network forms. PGW Access to local content using overlay solutions can be problematic via fixed access or a local breakout point, as user traffic is tunneled using IPsec or mobile IP to the anchor point in the mobile access network, making it difficult to isolate traffic between the terminal and the anchor point. YouTube The main benefit of overlay Virgin Media solutions is that they do not demand BNG Apple TV support from the Wi-Fi or fixed-access Fixed network network. Instead, all requirements are transferred to the terminal, with the mobile network providing the necessary support. Many operators and vendors have reported problems with overlay solu- tions and unmanaged Wi-Fi, and these FIGURE 3 Broadband Forum and 3GPP integrated architecture solutions have enjoyed only limit- ed success as a result. Joint 3GPP and SWx Broadband Forum studies have iden- EPC HSS tified the need for better models for Wi-Fi integration with mobile services S6a – models that take managed Wi-Fi into S10 account. This research has resulted in a PCRF Rx common architectural model, which is MME Gx Operator’s IP illustrated in Figure 3. S1-MME S11 services The target architecture supports both SGi S1-U S5 (e.g. IMS) local breakout and EPC-routed traffic. Serving PDN E-UTRAN gateway gateway Operators can decide whether they UTRAN S6b want to break out traffic locally in the S2b S9a BNG, or route it over the PGW. Based on S2c GERAN SWm ePDG 3GPP AAA server S2a EPC/LTE STa TABLE 1 Additional acronyms in Figure 3 BPCF Operator’s IP Fixed access AP access point services and local BNG AAA BBF Broadband Forum breakout BBF-defined access EDGE Enhanced Data rates for RG and network GSM Evolution E-UTRAN Enhanced UTRAN Broadband GERAN GSM EDGE Radio STB home network Access Network RG residential gateway STB set-top box WiFi TV PC Media AP center UE user equipment UTRAN Universal Terrestrial UE Radio Access NetworkE R I C S S O N R E V I E W • 2 2011
  4. 4. scalable and proven roaming principles,a GTP option is currently being added to FIGURE 4 Overview of current Ericsson solution functionalitythe 3GPP specification (S2a in Figure 3).This architecture supports commonauthentication using EAP methods overfixed access, enabling seamless login to MAP/SS7 SIGTRANWi-Fi networks by 3GPP terminals andWi-Fi-only devices. HLR PCRF With this architecture, both fixed Mobileand mobile operators can use their net- optimization Authenticationwork assets and capabilities to retain IP allocation AAAvalue and benefit financially from the User data flowincrease in highly sophisticated Wi-Fi-capable terminals. SSID2 operator 802.1x Radius For fixed access, the architectureincludes the following additional DHCP IP Apps multimedia IP BNGfunctionality: Mobile content app VLAN operator SIM-based authentication via communication with the HSS; IP fixed access converged policy control, where a policy SSID1 private controller can provide both fixed and VLAN private mobile policy control, as well as enabling fixed-access roaming with the QoS Internet provided by the visited network; nomadicity with anchoring in either the BNG or PGW. The anchor is selected by the policy controllers; mobility enabled by anchoring in PGW, providing IP-session continuity between fixed WLAN access and mobile access networks; and full mobile-service availability, FIGURE 5 Overview of current Ericsson solution functionality regardless of access network, by anchoring calls in the PGW.This architecture provides supportfor traditional use cases, such as peo- Mobile accessple using laptops to access web-loginWi-Fi services, as well as EAP-SIM/EAP- Mobile Mobile internetAKA authentication for residential and optimizationhotspot deployments. PCRF MME HSS PGW SGW The BNG can use the S2a interfaceto tunnel a specific user’s traffic intothe EPC network for a complete mobile EPC Broadband everywherefeature set with full reuse of all north- Apps multimediabound systems. This approach maxi- S2a Mobile content, appmizes an operator’s existing investment AAA GTPin packet core and enables authenti- IP fixed accesscated subscriber access over the fixed SSID1network. private VLAN private Overlay solutions are primarily Apps multimediaintended for deployment with unman- VLAN operator IPTV, content, apps BNGaged and unsecured Wi-Fi access points,but they continue to be part of the S2b SSID2and S2c standards shown in Figure 3. operator The Wi-Fi solutions in use today arebuilt on an authentication model for Internetfixed access, using local credentialsand port-based authentication for E R I C S S O N R E V I E W • 2 2011
  5. 5. Easing hotspot issues residential services, or portal-based terminals, a mobile service-logic for while BNG is the most natural option forauthentication for hotspot-style ser- Wi-Fi terminals, as shown in Figure 5, residential deployments.vices. These existing solutions do not is currently under discussion for 3GPP In this tunnel setup, an IP address isprovide the required level of security Rel-11. allocated by the PGW (from a local IPand user convenience, and as users are As with the existing solution, the pool or a connected AAA server). Withhidden behind network-address trans- operator’s SSID will be broadcast on the this IP address, the client can accesslation, they cannot provide individual- residential gateway or the Wi-Fi hotspot the operator’s network and the inter-ized services. access point, which requires 802.1× net according to the subscriber’s service EAPoL to be enabled. The SSID traffic offerings. Figure 6 describes in more inAn in-depth pragmatic approach will be encapsulated into a dedicated detail how integration is implementedThe Ericsson Wi-Fi Integrated Network VLAN or a SoftGRE tunnel and termi- in the call flow.solution incorporates a number of nated in the BNG.recent developments, with support for When a device attempts to connect to 0- 802.11 association setup – the client802.1x and EAP-SIM in the latest gen- the operator SSID, either an EAP-SIM or device sets up the 802.11 association witheration of handsets, laptops and oth- EAP-AKA authentication procedure exe- the Wi-Fi access point;er devices. The solution provides local cutes – depending on whether the card 1- 802.1x EAPoL – the client device isbreakout of all traffic, with the option used is a SIM or a USIM. The device uses authenticated using EAP-SIM/EAP-AKAof using policy routing to direct certain EAPoL to communicate with the access over 802.1x and RADIUS to an AAA in theusers to mobile service-nodes, providing point, which in turn packages the infor- network. The RADIUS message is routed toadvanced mobile broadband functional- mation into a RADIUS message AVP car- the AAA, possibly transparently, throughity such as deep packet-inspection and rying either an EAP-SIM or EAP-AKA the BNG or a Wi-Fi access controller (Wi-Fiproxy functions optimized for mobile container. The RADIUS is routed to the AC);devices. AAA, which translates messages sent to 2- DHCP discover – the client device starts The Ericsson solution uses the SIM the HLR using a MAP gateway. a DHCP procedure to get an IP address. Thecard to authenticate an existing hand- Upon successful authentication, DHCP discovery is forwarded to the BNG orset seamlessly. Operators can provide a the client device starts a DHCP proce- a Wi-Fi AC;customized service offering with a large dure to obtain an IP address. A success- 3- RADIUS access request – the BNGfeature set and the solution supports ful authentication or DHCP request (Wi-Fi AC) triggers a radius access requesthotspots and residential deployments of triggers the initiation of a GTP tunnel for authorization of the IP (CLIPS) sessionoperator-managed Wi-Fi. Figure 4 pro- from the BNG (as shown in Figure 5 ) or and to make a connection between IMSI andvides an overview of the current solu- a Wi-Fi access controller, to the PGW in MAC addresses;tion functionality. the mobile network. The direct connec- 4- RADIUS accounting – a radius To enable further integration with tion from a Wi-Fi access controller pro- accounting procedure informs the AAA thatthe mobile network for SIM-based vides an alternative to BNG for hotspots, the IP (CLIPS) session is established; FIGURE 6 Call flow for Wi-Fi terminals connecting through mobile service logic HSS 802.1x SSID BNG AAA BPCF PGW PCRF Apps multimedia Mobile content, app. 0- 802.11 association setup 1- 802.1x EAPoL 1- RADIUS/ EAP authentication 2- DHCP discover 3- RADIUSaccess request 4- RADIUS accounting 5- GTP Create session request/response 6- IP-CAN establishment 8- DHCP offer 9- DHCP request 10- DHCP ack 7’- Optional authorization 7- Optional S9a establishment 11- RADIUS accountingE R I C S S O N R E V I E W • 2 2011
  6. 6. 5- GTP Create session request/response be in place by the time 3GPP Release 11 Anders Lundström– the DHCP discover (or successful introduces S2a GTP. Ericsson also plansauthentication) will also trigger a GTP to offer pre-standard solutions for oper- joined Ericsson in 1999create session request to the PGW to get an ators who want rapid deployment of working in 3G packet-coreIP address from the PGW and to set up a converged fixed-mobile services and a system-management.tunnel for the client device’s user data or a seamless user experience. He currently works in thesubset thereof; product line Packet Networks as a 6- IP-CAN establishment – on GTP Conclusion strategic product manager for EPC.session establishment, a Gx session is In Ericsson’s vision for Wi-Fi integration In this role he is responsible fortypically also set up between the PGW and in fourth-generation IP networks, traffic convergence strategies for Wi-Fi integration as part of Ericsson’s overallthe PCRF. This allows policies for the from SIM-based terminals can be routed EPC offering. Previously, he was keysession to be downloaded to the PGW; through the mobile service­delivery clus- - lead for Ericsson in the development 7- Optional S9a establishment/7’- ter – PGWs, GGSNs and other ­ alue-added v of a 3GPP2 migration path LTE/EPCOptional authorization – policies for the services – to enable mobile ­ ervice-logic s and has spent several years workingBNG (Wi-Fi AC) from the PCRF in the mobile to apply for subscribers using Wi-Fi. in the US in various productnetwork may be included in signaling for the This approach maximizes an operator’s management positions.GTP tunnel setup, or sent via the S9a existing investment in packet core andinterface. Policies for the BNG (Wi-Fi AC) enables authenticated subscriber accessmay then be pushed from the PCRF to the over the fixed ­ etwork. nBPCF and further on to the BNG (Wi-Fi AC); Göran Hallthe standardization of this process is still is an expert in Packetunder discussion and several alternatives Core Networkexist, including policy download for traffic Architecture at Productthat is broken out at the BNG (Wi-Fi AC); Unit Packet Core, System 8,9,10- DHCP offer, request and ack – Technology. He joined Ericsson inwhen the GTP session is established, the 1991 to work on development andclient device receives a DHCP offer with the standardization, primarily withinIP address assigned by the PGW and the the area of packet core networkDCHP request/ack procedures will confirm architecture for GPRS, WCDMA, PDCthe IP address for the client; and and later also EPC, serving as a key 11- RADIUS accounting – if accounting is lead for the development of initial EPCperformed in the fixed AAA in addition to standards and nodes. He is currently responsible for technical strategiesthe PGW, a RADIUS accounting can also be and forward-looking activities at PDUsent to the BPCF from the BNG to trigger PC System and Technology.the policy download to BPCF from the PCRF.The initial solution will support nomad-ic mobility between mobile access andWi-Fi, but mobility support betweencellular and Wi-Fi access to enable IPsession continuity is currently beingresearched. Existing terminals cansupport the nomadic solution, where-as the solution for session continuitywill probably require terminal updates.Currently, mobility between Wi-Fi and3GPP access is not supported, howev-er, there are already many applicationsimplemented to handle a change of IPaddress allowing the user session to con-tinue after just a short interrupt. As existing S2a interface specifica-tions support only PMIPv6 for S2a, thedevelopment of a solution based on stan- eferences Rdards will require an evolution of theS2a interface specifications to include 1. Traffic and Market Data Report onGTP usage. Ericsson is currently seek- the Pulse of the Networked Society,ing an alignment between S2b and S2a November 2011, http://hugin.GTP interfaces. This alignment should info/1061/R/1561267/483187.pdf E R I C S S O N R E V I E W • 2 2011

×