Satish Chavan
Please note : Non commercial document for information purpose only
Wi-Fi or WiFi is a technology for wireless local area networking with devices based on the IEEE 802.11 standards. Wi-Fi is a trademark of the Wi-Fi Alliance, which restricts the use of the term Wi-Fi Certified to products that successfully complete interoperability certification testing.
Wi-Fi networks use radio waves, typically deployed within unlicensed spectrum over the 2.4 gigahertz (12 cm) UHF and 5 gigahertz (6 cm) SHF ISM radio bands, to connect to a wireless access point called a “router”, which directly connects to the Internet.
Users connecting to Wi-Fi at an airport, coffee shop, library or hotel have all used an open Wi-Fi network. Locations with open and public wireless access are called wireless or public Wi-Fi hotspots.
Wi-Fi is more vulnerable to attack than wired connections, such as Ethernet. Web pages that use Transport Layer Security (TLS) are secure, but unencrypted Internet access can easily be detected by intruders.
For protection, Wi-Fi has adopted various encryption technologies. The early encryption Wired Equivalent Privacy (WEP) proved easy to break. Higher quality protocols, such as Wi-Fi Protected Access (WPA, WPA2), were added later. Wi-Fi Protected Setup (WPS) is an optional feature added in 2007.
Introduction
There are two basic types of deployment models in wireless:
1. capacity based deployment models
2. coverage based deployment models
Capacity based deployment models
In a capacity based type of deployment, the goal is to provide good quality
wireless service to a concentrated set of concurrent users in a confined area.
Factors to consider when designing capacity based networks are:
• Number of users in a specific area covered by a single AP
• Number of Wi-Fi devices per person
• Percentage of users that are expected to be active
• Types of applications and throughput needed
• Mix of applications
• Type of users in the network (2.4 GHz vs. 5 GHz)
• Legacy vs. 802.11n user protocols
Deployment models
In a coverage based wireless design, the goal is to provide good quality of service (in terms of
RF signal strength) in as much of the area as possible with a single or multiple access points.
Examples of coverage based deployments: schools, warehouses, hospitals, clinics, hotels, offices.
Factors to consider when designing coverage based networks are:
• Type of site - office, cubicle, warehouse, single room motel/hotel, etc.
• Floor plan and ceiling height – e.g. office (10 ft./3 m), warehouse (20 ft./3m), gym (30 ft./9m)
• Construction materials and obstructions - e.g. concrete, brick, drywall, elevator shafts
• Number of floors
• Exclusion areas – locations where coverage is not required/ required
Site characteristics | Optimized for casual data | Optimized for business-class | Optimized for voice, video,
Easy (line of sight, open space/cubes) | 300-600 feet | 200-300 feet | 100-200 feet
Medium (dry wall, wood) | 150-250 feet | 100-200 feet | 50-100 feet
Difficult (concrete, cluttered) | 50-100 feet | 40-70 feet | 25-50 feet
Coverage based deployment models
[Figure: Wi-Fi topology - AP based topology, peer to peer topology, point to multi-point bridge topology]
IEEE 802.11 Wi-Fi Standards
802.11a - Wireless network bearer operating in the 5 GHz ISM band with data rate up to 54 Mbps.
802.11b - Wireless network bearer operating in the 2.4 GHz ISM band with data rates up to 11 Mbps.
802.11e - Quality of service and prioritization
802.11f - Handover
802.11g - Wireless network bearer operating in 2.4 GHz ISM band with data rates up to 54 Mbps.
802.11h - Power control
802.11i - Authentication and encryption
802.11j - Interworking
802.11k - Measurement reporting
802.11n - Wireless network bearer operating in 2.4 & 5 GHz ISM bands with data rates up to 600 Mbps.
802.11s - Mesh networking
802.11ac - Wireless network bearer operating below 6 GHz to provide data rates of at least 1 Gbps for multi-station operation and 500 Mbps on a single link.
802.11ad - Wireless network bearer providing very high throughput at frequencies up to 60 GHz.
802.11af - Wi-Fi in TV spectrum white spaces (often called White-Fi).
802.11ah - Wi-Fi using unlicensed spectrum below 1 GHz to provide long range communications and support for The Internet of Everything.
IEEE 802.11 Wi-Fi Standards summary
Carrier Grade Wi-Fi project key points
Large Coverage Footprint and Radio performance
Reliable, Carrier grade quality
Capacity based Good Bandwidth, Speeds
Integration
Mobility and roaming
Security Policy
Easy to Use
ROI and Value added Services offer.
High Density Design Recommendations - These best practices are based on many
successful installations and should serve as guidelines for proper design,
planning, and deployment of a wireless network.
1) Identify High Density Areas - start the design process by using a live RF tool to identify
areas of high density.
2) Use Dual Band APs - use dual band concurrent access points (2.4GHz and 5 GHz radios)
to maximize available throughput for users. Always enable both radios.
3) Design AP Overlap - design the AP placement in high density areas such that each client
always sees two to three access points. If one or two access points are overloaded at any
given time, the client can be load balanced to another access point without any negative
impact to the end user.
4) Load Balance Traffic - set the threshold on the AP to effectively utilize an over the air
resource to ensure that you load balance the traffic to all of the access points that can be
seen by clients.
The recommendation is to set the maximum number of clients to 25 to 30 for high throughput
applications and the minimum RSSI threshold to -73 dBm. This means that any particular
AP will serve a maximum of 25 to 30 clients with good reception.
5) Set AP Power Lower – turning AP power up could cause additional co-channel and
adjacent-channel interference.
Recommended method is adding a third AP while setting the output power to one half or
one quarter for the 2.4GHz AP and to one half for the 5 GHz AP.
Design Recommendations
Determining Access Point Throughput
When designing high density wireless networks, it is critical to understand which
applications will be used and how much bandwidth each application will consume in
terms of throughput per user.
General references give the throughput needed for common applications
such as internet, audio, video, printing, file sharing, and online testing. For online video
applications such as youtube.com, throughput requirements can vary from 2 to 4 Mbps
per user depending on the video resolution. Once the bandwidth per application is known,
this number can be used to calculate the bandwidth required per user.
In addition to the type of applications to be used, bandwidth requirements will vary
based on the number of expected users on the wireless network. As more users
access the network, throughput per user goes down, causing slower transmission
rates. If the network consists of mixed clients (11a, b, g and 11n modes), the
average throughput per client will also go down as the number of legacy clients
increases.
Once the types of applications are identified and the bandwidth per type of
application is determined, you can establish the aggregate bandwidth required by
multiplying the total Mbps by the number of expected users in the coverage area.
Establishing Bandwidth Requirements
In practice, there are several factors that will significantly reduce AP throughput vs.
the theoretical limit:
• Protocol and packet overhead - can reduce throughput by 40 - 50%
• Slow or “far away” clients - clients that are further away or in an area of weaker
signal strength must step down the physical (PHY) transmission rate to send
the packet (e.g. a client sending a packet at 1 Mbps will take 100 times longer than
a client sending the same packet at a PHY rate of 100 Mbps), potentially causing an
additional 50% degradation of throughput.
• Uneven distribution of clients - in a dual band concurrent AP, both bands can
simultaneously support client traffic. However, not all clients are dual band and there
is no guarantee that even the dual band clients will evenly distribute themselves
between 2.4 and 5GHz. Network effectiveness may be reduced by another 50% due
to the behavior of the clients.
• Control traffic – control traffic exchanged between the AP and various clients at low
PHY rates can further reduce available bandwidth by 25%.
• Other – co-channel and adjacent channel interference, network re-transmissions,
and bad behavior clients will further reduce AP throughput.
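The sizing steps above (aggregate bandwidth, AP derating and the 25 to 30 client cap) carried through in code. This is an added example, not part of the original slides; the 300 Mbps PHY rate, the 45% overhead midpoint, the compounding of losses and all function names are assumptions.

```python
import math

# Fraction of AP throughput lost to each factor, taken from the list above.
LOSSES = {
    "protocol_overhead": 0.45,  # slides say 40-50%; the midpoint is an assumption
    "slow_clients": 0.50,
    "uneven_band_split": 0.50,
    "control_traffic": 0.25,
}
MAX_CLIENTS_PER_AP = 25  # lower end of the 25-30 clients recommended per AP


def effective_ap_mbps(phy_mbps, losses=LOSSES):
    """Usable AP throughput after applying every loss in turn.

    Compounding the losses is an assumption; the slides describe them as
    successive reductions ("another 50%", "further reduce ... by 25%").
    """
    usable = float(phy_mbps)
    for name, loss in losses.items():
        if not 0 <= loss < 1:
            raise ValueError(f"{name}: loss must be a fraction in [0, 1)")
        usable *= 1 - loss
    return usable


def plan(users, devices_per_user, active_percent, mbps_per_device, phy_mbps):
    """Return the AP count needed and which constraint drives it."""
    devices = users * devices_per_user
    active = math.ceil(devices * active_percent / 100)
    aggregate_mbps = active * mbps_per_device       # Mbps per device x active devices
    per_ap = effective_ap_mbps(phy_mbps)
    aps_for_throughput = math.ceil(aggregate_mbps / per_ap)
    # Idle devices still hold an association, so the client cap is applied
    # to every device, not only the active ones (assumption).
    aps_for_clients = math.ceil(devices / MAX_CLIENTS_PER_AP)
    limiting = "throughput" if aps_for_throughput > aps_for_clients else "client cap"
    return {
        "aggregate_mbps": aggregate_mbps,
        "effective_ap_mbps": per_ap,
        "aps_for_throughput": aps_for_throughput,
        "aps_for_clients": aps_for_clients,
        "aps": max(aps_for_throughput, aps_for_clients),
        "limiting": limiting,
    }


if __name__ == "__main__":
    # Constructed scenario: 150 users, 2 devices each, 40% active.
    for mbps in (2, 4):  # the 2 to 4 Mbps per-user video range from the slides
        print(mbps, "Mbps per device:", plan(150, 2, 40, mbps, 300))
```

With these assumptions an AP keeps roughly a tenth of its PHY rate, and at 2 Mbps per device the client cap, not throughput, decides the AP count.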
Determining Access Point Throughput
Wi-Fi offloading
Explosion of data consumption in mobile networks.
3GPP access networks UMTS, LTE and LTE-A suffer from limited
availability of licensed spectrum.
Wi-Fi is ideally positioned to extend the cellular coverage. It uses
unlicensed spectrum in ISM bands (2.4 GHz and 5 GHz).
First step (today) is manual selection of a Wi-Fi hotspot and login.
Goal
Goal of 3GPP standardization is to create a converged network
solution with seamless coverage including Wi-Fi.
Additional network elements will be added to handle network selection,
authentication, security, flow control and handovers.
Data streams shall even be able to use both connections (cellular and
Wi-Fi) at the same time depending on QoS requirements.
Wi-Fi offloading
Wi-Fi networks: trusted or untrusted. The EPC architecture defines two
access paths for non-3GPP access networks towards the EPC: trusted and
untrusted.
Trusted non 3GPP access path:
1. Security level (from operator perspective) is sufficiently safe.
2. Authentication similar to 3GPP access - via USIM credentials
Example: carrier’s own installed Wi-Fi
Untrusted non 3GPP access path:
1. No secure safety level
2. IPsec tunnels are used
Example: access using public hotspots
Wi-Fi offloading
Typically up to 45% of data is already offloaded by
user ‘casual offload’ at home, work and public WiFi
Difficult to assess how much can be offloaded as
you can’t count what would have never been on
cellular.
A successful WiFi offload strategy can only be
achieved by deploying a successful WiFi
management solution.
Challenge:
1. Flat Rate plans
2. Demand for data keeps on increasing
3. Limitations of Licensed spectrum
4. Can’t use traditional methods of expansion
• Wi-Fi exists everywhere
• Currently 40% of content is delivered to smartphones over Wi-Fi
• 802.11n adds significant capacity changes
• Doesn’t depend on RAN nodes for routing
• Can be applied to legacy and new technologies
Wi-Fi offloading
Wi-Fi offloading -Architecture
Application based switching 3GPP R6
Wi-Fi mobility 3GPP Release 8
Wi-Fi offloading -3GPP Release 6 and 8 offload
3GPP Release 10- Wi fi Seamless offload and IP flow mobility
Wi-Fi offloading -3GPP Release 10- Wi fi Seamless offload
Wi-Fi + cellular integration–solution
Source -- http://www.slideshare.net/c0nd3/cisco-mobile-offloadarchitecture21062012
Wi-Fi + cellular integration– Cisco carrier solution
Source : http://www.slideshare.net/mjarski/introduction-to-ruckus-carrier-solutions
Wi-Fi + cellular integration – Ruckus carrier solution
Wi-Fi + cellular integration– Elitecore carrier solution
Source : http://www.elitecore.com/telecompractices/wi-fi-service-management-platform-smp.html
Authentication Options - Two main authentication models
• EAP/802.1x – WLC or AP authentication / ISG - Authorization
  • AAA is the authentication server
  • EAP-SIM/AKA - proper supplicant software available on terminal device
  • Seamless authentication, requires client config. (certificates, username/pwd, etc.)
• Weblogin – Portal-based Authentication and Authorization
  • Open SSID
  • Subsequent logins are transparent/automatic using device MAC address
  • Vulnerable to MAC spoofing
  • Requires no client configuration, completely Web-based
Authentication
Alternative authentication methods include:
1. EAP-TTLS while retrieving policies as if it was a EAP-SIM/AKA authentication.
2. Authentication via one-time SMS (to verify a mobile subscriber)
3. WISPr-compliant client on the user device
4. Captive portal with manual log-in
5. 3rd party authentication tokens (such as SecurID)
6. MAC-based authentication (allows simple re-authentication of devices which
have previously been authenticated using another method such as manual log-in)
7. Location-based multi-device login, making MAC-based authentication more
secure.
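The Weblogin model's transparent re-login by MAC address (noted above as vulnerable to MAC spoofing) and the location-based check in item 7, side by side. This is an added example, not code from the slides or from any vendor: the slides do not define the location mechanism, so the site-change rule, the AP and site names, the timers and the class and function names are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed topology: access point -> site. All names are hypothetical.
AP_SITE = {"ap-cafe-1": "cafe", "ap-cafe-2": "cafe", "ap-airport-7": "airport"}
REAUTH_TTL = timedelta(days=7)           # assumed lifetime of a remembered portal login
MIN_SITE_CHANGE = timedelta(minutes=20)  # assumed fastest plausible move between sites


def norm_mac(mac):
    """Canonicalise a MAC so 'AA-BB-..' and 'aa:bb:..' hit the same cache entry."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


@dataclass
class Binding:
    user: str
    site: str
    last_seen: datetime
    portal_login: datetime


class ReauthCache:
    """MAC re-authentication cache; location_aware=False is the plain MAC-only model."""

    def __init__(self, location_aware):
        self.location_aware = location_aware
        self.bindings = {}   # canonical MAC -> Binding
        self.alerts = []     # human-readable records for the SOC / AAA log

    def portal_login(self, mac, user, ap, now):
        self.bindings[norm_mac(mac)] = Binding(user, AP_SITE[ap], now, now)

    def associate(self, mac, ap, now):
        """Return 'ALLOW' (transparent re-login) or 'PORTAL' (full login required)."""
        mac = norm_mac(mac)
        b = self.bindings.get(mac)
        if b is None:
            return "PORTAL"
        if now - b.portal_login > REAUTH_TTL:
            del self.bindings[mac]
            return "PORTAL"
        site = AP_SITE[ap]
        if (self.location_aware and site != b.site
                and now - b.last_seen < MIN_SITE_CHANGE):
            # Same MAC at two sites faster than a device can travel. The cache
            # cannot tell which device is genuine, so the binding is revoked
            # and both must pass the portal again.
            self.alerts.append(
                f"{mac} user={b.user} {b.site}->{site} in {now - b.last_seen}")
            del self.bindings[mac]
            return "PORTAL"
        b.site, b.last_seen = site, now
        return "ALLOW"


T0 = datetime(2017, 1, 10, 10, 0)
EVENTS = [  # constructed sample events: (minutes after T0, kind, MAC, AP, user)
    (0, "login", "AA:BB:CC:11:22:33", "ap-cafe-1", "alice"),
    (30, "assoc", "AA:BB:CC:11:22:33", "ap-cafe-2", None),
    (35, "assoc", "aa-bb-cc-11-22-33", "ap-airport-7", None),
    (40, "assoc", "AA:BB:CC:11:22:33", "ap-cafe-1", None),
    (45, "assoc", "DE:AD:BE:EF:00:01", "ap-cafe-1", None),
]


def replay(location_aware):
    """Run the constructed events through the cache; return (decisions, alerts)."""
    cache = ReauthCache(location_aware)
    decisions = []
    for minutes, kind, mac, ap, user in EVENTS:
        now = T0 + timedelta(minutes=minutes)
        if kind == "login":
            cache.portal_login(mac, user, ap, now)
            decisions.append("LOGIN")
        else:
            decisions.append(cache.associate(mac, ap, now))
    return decisions, cache.alerts


if __name__ == "__main__":
    for mode in (False, True):
        print("location_aware =", mode, replay(mode))
```

A site-change rule does not catch a duplicate MAC appearing at the same site, so the TTL and a step-up login for sensitive services still matter.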
• 802.1x Authentication using the EAP-TLS protocol.
• TTLS (Tunneled Transport Layer Security)
• Username/password inside secure tunnel
• This is the most common form of EAP
• Very widely supported, simple with certificate-based security
• EAP-SIM Full Authentication, based on RFC-4186
• SIM – Use GSM SIM over EAP
• Only works in SIM-based devices
• No configuration on device.
• Requires connection to HLR associated with SIM
Web Portal Flow - First Time Auth.
Web Portal Flow - Second time Auth.
http://www.slideshare.net/rafaeljunquera/telesemana-webinar-enero-22-2013
UAM/WISPr Authentication
1. Open SSID
2. User connects and receives IP address from the DHCP Server
3. DHCP/NAT can be also applied by the AP
4. User Web Traffic is redirected to the login page (redirection
enforced by the controller or AP)
5. User and Pass are checked against RADIUS
6. User is authenticated and proper policies are applied/enforced at
the Access Point (rate limit, volume and /or time quota)
UAM/WISPr Authentication - First time
UAM/WISPr Authentication - Second time
http://www.slideshare.net/rafaeljunquera/telesemana-webinar-enero-22-2013
Best practice for Wi-Fi offloading – EAP-SIM/AKA
SIM-based authentication is the best practice for authentication for mobile data
offloading as it utilizes the same mechanism as in the 3G/LTE network making the
authentication process seamless and secure for the end-user.
An automatic authentication process in combination with smartphones’ tendency
to prioritize Wi-Fi over 3G/LTE connections will ensure a high rate of offloaded
users.
The authenticates users based on the information retrieved from the HLR or HSS
in the mobile core in accordance with the 3GPP AAA functionality.
The Wi-Fi network must support 802.1x in order to deliver SIM credentials to
the SIM authentication function, which provides the additional benefit of
encrypting the Wi-Fi link with the same level of security as that which is found in
the 3G/LTE network.
The security and the automatic authentication process make the Wi-Fi network a
trusted extension of the 3G/LTE network.
Together with the new IEEE 802.11u standard, SIM-based EAP-SIM/AKA
authentication has become the foundation of the next generation hotspot –
Hotspot 2.0, as defined by the Hotspot 2.0 Task Group in the Wi-Fi Alliance.
Mobile operators will need alternative authentication methods to support
customers' Wi-Fi devices that do not support SIM cards or EAP-SIM/AKA.
Wi-Fi offloading -Best practice
What precautions can users take to help secure their use of public Wi-Fi
networks?
• Manually select Wi-Fi networks - set your laptop, tablet or smartphone to manually select
a Wi-Fi network, rather than having it connect automatically.
• Use a VPN - VPN solutions provide encryption and security across public networks, as well as
masking your IP address so that opportunities for phishing are dramatically reduced.
• Use two-factor authentication - this step adds an extra layer of protection for
password-sniffing hackers on public networks to try and overcome.
• Check the authenticity - check the Wi-Fi hotspot for the correct network name and password. Be
wary if there is no WPA or WPA2 password (for Wi-Fi Protected Access).
• Check for HTTPS web pages - ensure that the web pages you visit are HTTPS encrypted
where possible. SSL/TLS encryption makes Man-in-the-Middle (MiTM) attacks
much less likely.
• Patch and update software - patching and updating software on a regular basis is an essential
security practice, especially when it comes to Wi-Fi.
• Avoid accessing sensitive information - by and large, public Wi-Fi networks should not
be used to access email, online banking and credit card accounts, or any other sensitive
data.
• Log out when finished and turn off Wi-Fi if not in use - don’t stay permanently signed
in to your personal accounts when accessing public Wi-Fi hotspots, as you may leave
yourself exposed. For further security, log out from each website after each session.
Security- public Wi-Fi networks
In fact, 46% of global mobile data traffic is being offloaded to WiFi today.
A study estimates public Wi-Fi hotspots to grow to 340 million by 2016 globally, amounting to 1 hotspot for every 20 people.
India -Carrier WiFi
KDDI (Japan) rolled out the world’s largest Wi-Fi based offload network.
Satish Chavan
satchavan@gmail.com
http://in.linkedin.com/in/satchavan
January 2017

 

Carrier grade wi fi integration architecture

  • 1. Satish Chavan Please note : Non commercial document for information purpose only
  • 2. Introduction
    Wi-Fi or WiFi is a technology for wireless local area networking with devices based on the IEEE 802.11 standards. Wi-Fi is a trademark of the Wi-Fi Alliance, which restricts the use of the term Wi-Fi Certified to products that successfully complete interoperability certification testing.
    Wi-Fi networks use radio waves, typically deployed within unlicensed spectrum over the 2.4 gigahertz (12 cm) UHF and 5 gigahertz (6 cm) SHF ISM radio bands, to connect to a wireless access point called a “router”, which directly connects to the Internet.
    Users connecting to Wi-Fi at an airport, coffee shop, library or hotel have all used an open Wi-Fi network. Locations with open and public wireless access are called wireless or public Wi-Fi hotspots.
    Wi-Fi is more vulnerable to attack than wired connections, such as Ethernet. Web pages that use Transport Layer Security (TLS) are secure, but unencrypted Internet access can easily be detected by intruders.
    For protection, Wi-Fi has adopted various encryption technologies. The early encryption scheme, Wired Equivalent Privacy (WEP), proved easy to break. Higher quality protocols, such as Wi-Fi Protected Access (WPA, WPA2), were added later. An optional feature called Wi-Fi Protected Setup (WPS) was added in 2007.
  • 3. Deployment models
    There are two basic types of deployment models in wireless:
      1. capacity based deployment models
      2. coverage based deployment models
    Capacity based deployment models
    In a capacity based type of deployment, the goal is to provide good quality wireless service to a concentrated set of concurrent users in a confined area.
    Factors to consider when designing capacity based networks are:
      • Number of users in a specific area covered by a single AP
      • Number of Wi-Fi devices per person
      • Percentage of users that are expected to be active
      • Types of applications and throughput needed
      • Mix of applications
      • Type of users in the network (2.4 GHz vs. 5GHz)
      • Legacy vs. .11n user protocols
  • 4. Coverage based deployment models
    In a coverage based wireless design, the goal is to provide good quality of service (in terms of RF signal strength) in as much of the area as possible with a single or multiple access points.
    Examples of coverage based deployments: schools, warehouses, hospitals, clinics, hotels, offices.
    Factors to consider when designing coverage based networks are:
      • Type of site - office, cubicle, warehouse, single room motel/hotel, etc.
      • Floor plan and ceiling height – e.g. office (10 ft./3 m), warehouse (20 ft./3m), gym (30 ft./9m)
      • Construction materials and obstructions - e.g. concrete, brick, drywall, elevator shafts
      • Number of floors
      • Exclusion areas – locations where coverage is not required/ required
    Site characteristics | Optimized for casual data | Optimized for business-class | Optimized for voice, video,
    Easy (line of sight, open space/cubes) | 300-600 feet | 200-300 feet | 100-200 feet
    Medium (dry wall, wood) | 150-250 feet | 100-200 feet | 50-100 feet
    Difficult (concrete, cluttered) | 50-100 feet | 40-70 feet | 25-50 feet
  • 5. Wi fi Topology
      • AP Based Topology
      • Peer to peer Topology
      • Point to multi-point bridge Topology
  • 6. IEEE 802.11 Wi-Fi Standards
      • 802.11a - Wireless network bearer operating in the 5 GHz ISM band with data rate up to 54 Mbps.
      • 802.11b - Wireless network bearer operating in the 2.4 GHz ISM band with data rates up to 11 Mbps.
      • 802.11e - Quality of service and prioritization
      • 802.11f - Handover
      • 802.11g - Wireless network bearer operating in 2.4 GHz ISM band with data rates up to 54 Mbps.
      • 802.11h - Power control
      • 802.11i - Authentication and encryption
      • 802.11j - Interworking
      • 802.11k - Measurement reporting
      • 802.11n - Wireless network bearer operating in 2.4 & 5 GHz ISM bands with data rates up to 600 Mbps.
      • 802.11s - Mesh networking
      • 802.11ac - Wireless network bearer operating below 6 GHz to provide data rates of at least 1 Gbps for multi-station operation and 500 Mbps on a single link.
      • 802.11ad - Wireless network bearer providing very high throughput at frequencies up to 60 GHz.
      • 802.11af - Wi-Fi in TV spectrum white spaces (often called White-Fi).
      • 802.11ah - Wi-Fi using unlicensed spectrum below 1 GHz to provide long range communications and support for The Internet of Everything.
  • 7. IEEE 802.11 Wi-Fi Standards summary
  • 8. Carrier Grade Wi-Fi project key points Large Coverage Footprint and Radio performance Reliable, Carrier grade quality Capacity based Good Bandwidth, Speeds Integration Mobility and roaming Security Policy Easy to Use ROI and Value added Services offer.
  • 9. Design Recommendations
    High Density Design Recommendations - best practices based on many successful installations, which should serve as guidelines for proper design, planning, and deployment of a wireless network.
      1) Identify High Density Areas - start the design process by using a live RF tool to identify areas of high density.
      2) Use Dual Band APs - use dual band concurrent access points (2.4 GHz and 5 GHz radios) to maximize available throughput for users. Always enable both radios.
      3) Design AP Overlap - design the AP placement in high density areas such that each client always sees two to three access points. If one or two access points are overloaded at any given time, the client can be load balanced to another access point without any negative impact to the end user.
      4) Load Balance Traffic - set the threshold on the AP to effectively utilize the over-the-air resource and ensure that traffic is load balanced across all of the access points that clients can see. Recommended settings are a maximum of 25 to 30 clients for high throughput applications and a minimum RSSI threshold of -73 dBm. This means that any particular AP will serve a maximum of 25 to 30 clients with good reception.
      5) Set AP Power Lower – turning AP power up could cause additional co-channel and adjacent-channel interference. The recommended method is adding a third AP while setting the output power to one half or one quarter for the 2.4 GHz AP and to one half for the 5 GHz AP.
  • 10. Establishing Bandwidth Requirements
    When designing high density wireless networks, it is critical to understand which applications will be used and how much bandwidth each application will consume in terms of throughput per user. General references are available on how much throughput is needed for common applications such as internet, audio, video, printing, file sharing, and online testing. For online video applications such as youtube.com, throughput requirements can vary from 2 to 4 Mbps per user depending on the video resolution.
    Once the bandwidth per application is known, this number can be used to calculate the bandwidth required per user. In addition to the type of applications to be used, bandwidth requirements will vary based on the number of expected users on the wireless network. As more users access the network, throughput per user goes down, causing slower transmission rates. If the network consists of mixed clients (11a, b, g and 11n modes), the average throughput per client will also go down as the number of legacy clients grows.
    Once the types of applications are identified and the bandwidth per type of application is determined, you can establish the aggregate bandwidth required by multiplying the total Mbps by the number of expected users in the coverage area.
  • 11. Determining Access Point Throughput
    In practice, there are several factors that will significantly reduce AP throughput vs. the theoretical limit:
      • Protocol and packet overhead - can reduce throughput by 40 - 50%
      • Slow or “far away” clients - clients that are further away or in an area of weaker signal strength must step down the physical (PHY) transmission rate to send the packet (e.g. a client sending a packet at 1 Mbps will take 100 times longer than a client sending the same packet at a PHY rate of 100 Mbps), potentially causing an additional 50% degradation of throughput.
      • Uneven distribution of clients - in a dual band concurrent AP, both bands can simultaneously support client traffic. However, not all clients are dual band and there is no guarantee that even the dual band clients will evenly distribute themselves between 2.4 and 5 GHz. Network effectiveness may be reduced by another 50% due to the behavior of the clients.
      • Control traffic – control traffic exchanged between the AP and various clients at low PHY rates can further reduce available bandwidth by 25%.
      • Other – co-channel and adjacent channel interference, network re-transmissions, and badly behaving clients will further reduce AP throughput.
  • 12. Wi-Fi offloading Explosion of data consumption in mobile networks. 3GPP access networks UMTS, LTE and LTE-A suffer from limited availability of licensed spectrum. Wi-Fi is ideally positioned to extend the cellular coverage. It uses unlicensed spectrum in ISM bands (2,4 GHz 5 GHz). First step (today) is manual selection of a Wi-Fi hotspot and login. Goal Goal of 3GPP standardization is to create a converged network solution with seamless coverage including Wi-Fi. Additional network elements will be added to handle network selection, authentication, security, flow control and handovers.  Data streams shall even be able to use both connections (cellular and Wi-Fi) at the same time depending on QoS requirements Wi-Fi offloading
  • 13. Wi-Fi offloading
    Wi-Fi networks: trusted or untrusted. The EPC architecture defines two access paths for non-3GPP access networks towards EPC: trusted and untrusted.
    Trusted non 3GPP access path:
      1. Security level (from operator perspective) is sufficiently safe.
      2. Authentication similar to 3GPP access - via USIM credentials
      Example: carrier’s own installed Wi-Fi
    Untrusted non 3GPP access path:
      1. No secure safety level
      2. IPsec tunnels are used
      Example: access using public hotspots
  • 14. Wi-Fi offloading
    Typically up to 45% of data is already offloaded by user ‘casual offload’ at home, work and public WiFi.
    Difficult to assess how much can be offloaded as you can’t count what would have never been on cellular.
    A successful WiFi offload strategy can only be achieved by deploying a successful WiFi management solution.
    Challenge:
      1. Flat Rate plans
      2. Demand for data keeps on increasing
      3. Limitations of Licensed spectrum
      4. Can’t use traditional methods of expansion
      • Wi-Fi is existing everywhere
      • Currently 40% content delivered to smartphones over Wi-Fi
      • 802.11N adds significant capacity changes
      • Doesn’t depend on RAN nodes for routing
      • Can be applied to legacy and new technologies
  • 16. Application based switching 3GPP R6 Wi fi mobility 3GPP Release 8 Wi-Fi offloading -3GPP Release 6 and 8 offload
  • 17. 3GPP Release 10- Wi fi Seamless offload and IP flow mobility Wi-Fi offloading -3GPP Release 10- Wi fi Seamless offload
  • 18. Wi-Fi + cellular integration–solution
  • 21. Wi-Fi + cellular integration– Elitecore carrier solution Source : http://www.elitecore.com/telecompractices/wi-fi-service-management-platform-smp.html
  • 22. Authentication
    Authentication Options - Two main authentication models
      • EAP/802.1x – WLC or AP authentication / ISG - Authorization
          • AAA is the authentication server
          • EAP-SIM/AKA - proper supplicant software available on terminal device
          • Seamless authentication, requires client config. (certificates, username/pwd, etc)
      • Weblogin – Portal-based Authentication and Authorization
          • Open SSID
          • Subsequent logins are transparent/automatic using device MAC address
          • Vulnerable to MAC Spoofing
          • Requires no client configuration, completely Web-based
  • 23. Alternative authentication methods include:
      1. EAP-TTLS while retrieving policies as if it were an EAP-SIM/AKA authentication.
      2. Authentication via one-time SMS (to verify a mobile subscriber)
      3. WISPr-compliant client on the user device
      4. Captive portal with manual log-in
      5. 3rd party authentication tokens (such as SecurID)
      6. MAC-based authentication (allows simple re-authentication of devices which have previously been authenticated using another method such as manual log-in)
      7. Location-based multi-device login, making MAC-based authentication more secure.
  • 24.
      • 802.1x Authentication using the EAP-TLS protocol.
      • TTLS (Tunneled Transport Layer Security)
      • Username/password inside secure tunnel
      • This is the most common form of EAP
      • Very widely supported, simple with certificate-based security
      • EAP-SIM Full Authentication Based on RFC-4186
      • SIM – Use GSM SIM over EAP
      • Only works in SIM-based devices
      • No configuration on device.
      • Requires connection to HLR associated with SIM
  • 25. Web Portal Flow First Time Auth. Web Portal Flow Second time Auth. http://www.slideshare.net/rafaeljunquera/telesemana-webinar-enero-22-2013
  • 26. UAM/WISPr Authentication
      1. Open SSID
      2. User connects and receives IP address from the DHCP Server
      3. DHCP/NAT can be also applied by the AP
      4. User Web Traffic is redirected to the login page (redirection enforced by the controller or AP)
      5. User and Pass are checked against RADIUS
      6. User is authenticated and proper policies are applied/enforced at the Access Point (rate limit, volume and/or time quota)
  • 27. UAM/WISPr Authentication First time UAM/WISPr Authentication second time http://www.slideshare.net/rafaeljunquera/telesemana-webinar-enero-22-2013
  • 28. Wi-Fi offloading - Best practice
    Best practice for Wi-Fi offloading – EAP-SIM/AKA
    SIM-based authentication is the best practice for authentication for mobile data offloading, as it utilizes the same mechanism as in the 3G/LTE network, making the authentication process seamless and secure for the end-user. An automatic authentication process in combination with smartphones’ tendency to prioritize Wi-Fi over 3G/LTE connections will ensure a high rate of offloaded users.
    The authenticates users based on the information retrieved from the HLR or HSS in the mobile core in accordance with the 3GPP AAA functionality. The Wi-Fi network must support 802.1x in order to deliver SIM credentials to the SIM authentication function, which provides the additional benefit of encrypting the Wi-Fi link with the same level of security as that which is found in the 3G/LTE network. The security and the automatic authentication process make the Wi-Fi network a trusted extension of the 3G/LTE network.
    Together with the new IEEE 802.11u standard, SIM-based EAP-SIM/AKA authentication has become the foundation of the next generation hotspot – Hotspot 2.0, as defined by the Hotspot 2.0 Task Group in the Wi-Fi Alliance.
    Mobile operators will need alternative authentication methods to support customers’ Wi-Fi devices that do not support SIM cards or EAP-SIM/AKA.
  • 29. Security - public Wi-Fi networks
    What precautions can users take to help secure their use of public Wi-Fi networks?
      • Manually select Wi-Fi networks: set your laptop, tablet or smartphone to manually select a Wi-Fi network, rather than having it connect automatically.
      • Use a VPN: VPN solutions provide encryption and security across public networks, as well as masking your IP address so that opportunities for phishing are dramatically reduced.
      • Use two-factor authentication: this step adds an extra layer of protection that password-sniffing hackers on public networks have to try and overcome.
      • Check the authenticity: check the Wi-Fi hotspot for the correct network name and password. Be wary if there is no WPA or WPA2 password (for Wi-Fi protected access).
      • Check for HTTPS web pages: ensure that the web pages you visit are HTTPS-encrypted where possible. SSL/TLS encryption makes Man-in-the-Middle (MiTM) attacks much less likely.
      • Patch and update: patching and updating software on a regular basis is an essential security practice, especially when it comes to Wi-Fi.
      • Avoid accessing sensitive information: by and large, public Wi-Fi networks should not be used to access email, online banking and credit card accounts, or any other sensitive data.
      • Log out when finished and turn off Wi-Fi if not in use: don’t stay permanently signed in to your personal accounts when accessing public Wi-Fi hotspots, as you may leave yourself exposed. For further security, log out from each website after each session.
  • 30. In fact, 46% of global mobile data traffic is being offloaded to WiFi today.
    A study estimates public Wi-Fi hotspots to grow to 340 million by 2016 globally, amounting to 1 hotspot for every 20 people.
    India - Carrier WiFi
    KDDI (Japan) rolled out the world’s largest Wi-Fi based offload network.
    Satish Chavan
    satchavan@gmail.com
    http://in.linkedin.com/in/satchavan
    Please note : Non commercial document for information purpose only
    January 2017
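
Slide 22 notes that transparent portal re-login by device MAC address is vulnerable to MAC spoofing, and slide 23 lists location-based login checks as a way to make MAC-based authentication more secure. The following is an added example, not taken from the slides or from any vendor product, of one such check on the operator side: it flags a MAC that opens a session at one site while it still has an open session at another. The record layout, field names and site labels are assumptions, and the log lines are constructed.

```python
"""Flag client MACs whose hotspot sessions overlap across different sites.

Sample data is constructed; the record layout, field names and site labels
are assumptions for this example, not a format defined in the slides.
"""
from datetime import datetime

# Constructed accounting-style records: time, event, then key=value fields.
SAMPLE_LOG = """\
2017-01-10T09:00:00 start mac=AA:BB:CC:00:00:01 site=airport ap=ap-12 sid=s1
2017-01-10T09:05:00 start mac=AA:BB:CC:00:00:02 site=airport ap=ap-12 sid=s2
2017-01-10T09:10:00 start mac=aa-bb-cc-00-00-01 site=airport ap=ap-13 sid=s3
2017-01-10T09:20:00 start mac=AA:BB:CC:00:00:01 site=mall ap=ap-40 sid=s4
2017-01-10T09:30:00 stop mac=AA:BB:CC:00:00:02 site=airport ap=ap-12 sid=s2
2017-01-10T09:40:00 start mac=AA:BB:CC:00:00:02 site=mall ap=ap-41 sid=s5
this line is malformed and must be skipped
"""


def normalize_mac(raw):
    """Return a MAC as lowercase colon-separated hex, whatever the separator."""
    hexdigits = "".join(c for c in raw.lower() if c in "0123456789abcdef")
    if len(hexdigits) != 12:
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(hexdigits[i:i + 2] for i in range(0, 12, 2))


def parse_line(line):
    """Parse one record; return None for lines that do not fit the layout."""
    parts = line.split()
    if len(parts) < 3 or parts[1] not in ("start", "stop"):
        return None
    fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
    if not {"mac", "site", "sid"} <= fields.keys():
        return None
    try:
        return {"time": datetime.fromisoformat(parts[0]), "event": parts[1],
                "mac": normalize_mac(fields["mac"]),
                "site": fields["site"], "sid": fields["sid"]}
    except ValueError:
        return None


def find_cross_site_overlaps(log_text):
    """Alert when a MAC starts a session while still active at another site.

    Roaming between APs of the same site is treated as normal.
    """
    open_sessions = {}  # mac -> {session id: site}
    alerts = []
    records = [r for r in map(parse_line, log_text.splitlines()) if r]
    for rec in sorted(records, key=lambda r: r["time"]):
        sessions = open_sessions.setdefault(rec["mac"], {})
        if rec["event"] == "stop":
            sessions.pop(rec["sid"], None)
            continue
        other_sites = sorted({s for s in sessions.values() if s != rec["site"]})
        if other_sites:
            alerts.append({"mac": rec["mac"], "time": rec["time"].isoformat(),
                           "new_site": rec["site"], "active_sites": other_sites})
        sessions[rec["sid"]] = rec["site"]
    return alerts


if __name__ == "__main__":
    for alert in find_cross_site_overlaps(SAMPLE_LOG):
        print(alert)
```

An alert from this check is a reason to force the device back through the manual portal login rather than proof of spoofing, since missing stop records also leave sessions open.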