SlideShare a Scribd company logo

Wi-Fi Roaming for All: Understanding OpenRoaming

Radiator Software
Radiator Software

Radiator Software's webinar presentation about OpenRoaming. How OpenRoaming works, what are the benefits for different organisations and how Radiator Software can help you deploy OpenRoaming in your business.

Technology
1 of 14
Download to read offline
OPENROAMING Wi-Fi Roaming for All
What is OpenRoaming? ● OpenRoaming is a Wi-Fi roaming federation. ● Wi-Fi roaming is like mobile phone roaming, but becoming an operator is less difficult. ● If you are already familiar with eduroam, OpenRoaming is like eduroam for all of us. ● The idea is that end users can utilise their existing user credentials (e.g. username-password, certificates, cellular identities (SIMs)) to automatically connect to Wi-Fi networks around the world.
With OpenRoaming™ WBA is acting as a centralized policy authority enabling an ecosystem for identity providers and Wi-Fi network providers to work together and deliver automatic and secure Wi-Fi experience to millions of users Source: https://wballiance.com/openroaming/how-it-works/ OpenRoaming video: https://www.youtube.com/watch?v=YvhZouk6MKM
Benefits for Operators ● Monetising own Wi-Fi network coverage ● Getting more revenues from Wi-Fi as a service networks ● Off-loading (roaming) data (and VoWiFi) into Wi-Fi networks ● Extending network coverage available to subscribers
Benefits for Guest Network Providers ● Easier, automatic admission/authentication of guest network users (into WPAx-Enterprise Wi-Fi networks) ● Multi-vendor supported network authentication, configuration and provisioning ● Additional monetisation of guest/hospitability Wi-Fi networks ● Called Access Network Providers (ANPs)
Benefits for Identity Providers ● Providing network access to identity provider users via roaming ● Cost-savings from using roaming Wi-Fi networks compared to cellular network roaming ● Multi-vendor supported network authentication, configuration and provisioning
How does OpenRoaming work? ● Wireless Broadband Alliance coordinates. ● Operators, vendors, companies, organisations can join as members, Radiator Software is a member. ● Joining as a member is not required for utilising and using OpenRoaming, OpenRoaming is available as a service from multiple service providers. ● Choosing between joining as a member or a service provider depends on which kind of OpenRoaming roles and access organisation is interested in. ● Roles: Independent OpenRoaming Implementer, Home Service Provider (HSP), Access Network Provider (ANP), Identity Provider (IdP) ● Access: OpenRoaming-Settled, OpenRoaming Settlement-Free
Settled and Settlement-Free Access ● The Settled Access is for those organisations interested in the monetisation of the Wi-Fi network. ● There are service providers offering OpenRoaming-Settled service or organisation can implement it themselves as a member of WBA following OpenRoaming WRIX specifications. ● The Settlement Free Access is for organisations interested more in the eduroam style multilateral roaming and providing and gaining network coverage without additional roaming costs. ● The Settlement Free Access is also available as a service or can be implemented by organisations themselves.
example.org RADIUS server example.com RADIUS server OpenRoaming Technical Functionality Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx RADIUS capable Wi-Fi controller or example.net’s own RADIUS server OpenRoaming Settled or Settlement-Free Access Service Provider Static Radius over TLS (RadSec, RFC 6614) connection Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx Global Public DNS Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx DNS discovery: NAPTR aaa+auth:radius.tls.tcp <realm> SRV <NAPTR result> Name lookup <SRV result> Dynamic RadSec connection to example.net’s IdP service provider Dynamic RadSec connections to example.com IdP Dynamic RadSec connection to example.org IdP user@example.com user@example.net user2@example.com user@example.org
OpenRoaming requirements for Access Network Provider (ANP) ● For organisations who only want to let OpenRoaming users roam in their network ● Minimum requirements: ○ Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment ○ OpenRoaming Settled or Settlement-Free Access service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client certificate (via service provider or WBA membership), and an own RADIUS server
OpenRoaming requirements for Identity Provider (IdP) ● For organisations who want their members or subscribers roam in OpenRoaming member networks ● Minimum requirements: ○ (Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment) * ○ Ability to configure OpenRoaming DNS records for IdP realm ○ OpenRoaming Settled or Settlement-Free Access service and IdP service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client+server certificate (via service provider or WBA membership) and an own RADIUS server. *) only if providing also Wi-Fi access network services (ANP)
OpenRoaming requirements for Operators ● Depend heavily on operator requirements for roaming logic, accounting, invoicing, WRIX/roaming broker functionality… ● Minimum requirements (same with IdPs): ○ (Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment) ○ Ability to configure OpenRoaming DNS records for IdP realm ○ OpenRoaming Settled or Settlement-Free Access service and IdP service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client+server certificate (via service provider or WBA membership) and an own RADIUS server. *) only if providing also Wi-Fi access network services (ANP)
What can Radiator Software do for you? ● Radiator has all the features needed from RADIUS server for OpenRoaming. ● In addition Radiator has complementing functionality such as Diameter and SIM authentication (with SIM privacy) support. ● Our Radiator Auth.Fi service supports Settlement-Free OpenRoaming ANP and IdP roles. ● With Radiator Expert Services we can support you whether you are interested in building OpenRoaming-as-a-Service or just deploying or piloting it in your Wi-Fi network.
Thank you. Questions, Comments? Follow Radiator Software for more information… Radiator Software blog: https://blog.radiatorsoftware.com/ Twitter: https://twitter.com/RadiatorAAA Slideshare: https://slideshare.net/radiatorsoftware/ Bookings for conference calls: https://radiatorsoftware.com/contact/ / info@radiatorsoftware.com

Recommended

OpenRoaming- A Global Wi-Fi Roaming Enabler
OpenRoaming- A Global Wi-Fi Roaming EnablerOpenRoaming- A Global Wi-Fi Roaming Enabler
OpenRoaming- A Global Wi-Fi Roaming EnablerHughes Systique Corporation
 
Open vSwitch와 Mininet을 이용한 가상 네트워크 생성과 OpenDaylight를 사용한 네트워크 제어실험
Open vSwitch와 Mininet을 이용한 가상 네트워크 생성과 OpenDaylight를 사용한 네트워크 제어실험Open vSwitch와 Mininet을 이용한 가상 네트워크 생성과 OpenDaylight를 사용한 네트워크 제어실험
Open vSwitch와 Mininet을 이용한 가상 네트워크 생성과 OpenDaylight를 사용한 네트워크 제어실험Seung-Hoon Baek
 
Disk quota and sysd procd
Disk quota and sysd procdDisk quota and sysd procd
Disk quota and sysd procdGaurav Mishra
 
Oscp - Journey
Oscp - JourneyOscp - Journey
Oscp - JourneyVandana Verma
 
[CB19] Leveraging Yara Rules to Hunt for Abused Telegram Accounts by Asaf Apr...
[CB19] Leveraging Yara Rules to Hunt for Abused Telegram Accounts by Asaf Apr...[CB19] Leveraging Yara Rules to Hunt for Abused Telegram Accounts by Asaf Apr...
[CB19] Leveraging Yara Rules to Hunt for Abused Telegram Accounts by Asaf Apr...CODE BLUE
 
Aruba ClearPass Guest 6.3 User Guide
Aruba ClearPass Guest 6.3 User GuideAruba ClearPass Guest 6.3 User Guide
Aruba ClearPass Guest 6.3 User GuideAruba, a Hewlett Packard Enterprise company
 
Postgresql on NFS - J.Battiato, pgday2016
Postgresql on NFS - J.Battiato, pgday2016Postgresql on NFS - J.Battiato, pgday2016
Postgresql on NFS - J.Battiato, pgday2016Jonathan Battiato
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingShapeBlue
 

Recommended

OpenRoaming- A Global Wi-Fi Roaming Enabler
OpenRoaming- A Global Wi-Fi Roaming EnablerOpenRoaming- A Global Wi-Fi Roaming Enabler
OpenRoaming- A Global Wi-Fi Roaming EnablerHughes Systique Corporation
 
Open vSwitch와 Mininet을 이용한 가상 네트워크 생성과 OpenDaylight를 사용한 네트워크 제어실험
Open vSwitch와 Mininet을 이용한 가상 네트워크 생성과 OpenDaylight를 사용한 네트워크 제어실험Open vSwitch와 Mininet을 이용한 가상 네트워크 생성과 OpenDaylight를 사용한 네트워크 제어실험
Open vSwitch와 Mininet을 이용한 가상 네트워크 생성과 OpenDaylight를 사용한 네트워크 제어실험Seung-Hoon Baek
 
Disk quota and sysd procd
Disk quota and sysd procdDisk quota and sysd procd
Disk quota and sysd procdGaurav Mishra
 
Oscp - Journey
Oscp - JourneyOscp - Journey
Oscp - JourneyVandana Verma
 
[CB19] Leveraging Yara Rules to Hunt for Abused Telegram Accounts by Asaf Apr...
[CB19] Leveraging Yara Rules to Hunt for Abused Telegram Accounts by Asaf Apr...[CB19] Leveraging Yara Rules to Hunt for Abused Telegram Accounts by Asaf Apr...
[CB19] Leveraging Yara Rules to Hunt for Abused Telegram Accounts by Asaf Apr...CODE BLUE
 
Aruba ClearPass Guest 6.3 User Guide
Aruba ClearPass Guest 6.3 User GuideAruba ClearPass Guest 6.3 User Guide
Aruba ClearPass Guest 6.3 User GuideAruba, a Hewlett Packard Enterprise company
 
Postgresql on NFS - J.Battiato, pgday2016
Postgresql on NFS - J.Battiato, pgday2016Postgresql on NFS - J.Battiato, pgday2016
Postgresql on NFS - J.Battiato, pgday2016Jonathan Battiato
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingShapeBlue
 
30 important-virtualization-vmware-interview-questions-with-answers
30 important-virtualization-vmware-interview-questions-with-answers30 important-virtualization-vmware-interview-questions-with-answers
30 important-virtualization-vmware-interview-questions-with-answersLatif Siddiqui
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge MigrationJames Denton
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftMihai Criveti
 
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski buildacloud
 
PowerDNS-Admin vs DNS-UI
PowerDNS-Admin vs DNS-UIPowerDNS-Admin vs DNS-UI
PowerDNS-Admin vs DNS-UIbarbarousisk
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
ClearPass Guest 6.4 User Guide
ClearPass Guest 6.4 User GuideClearPass Guest 6.4 User Guide
ClearPass Guest 6.4 User GuideAruba, a Hewlett Packard Enterprise company
 
Neutron qos overview
Neutron qos overviewNeutron qos overview
Neutron qos overviewSławomir Kapłoński
 
iptables 101- bottom-up
iptables 101- bottom-upiptables 101- bottom-up
iptables 101- bottom-upHungWei Chiu
 
VPNaaS in Neutron
VPNaaS in NeutronVPNaaS in Neutron
VPNaaS in NeutronKazunori Takeuchi
 
[234] toast cloud open stack sdn 전략-박성우
[234] toast cloud open stack sdn 전략-박성우[234] toast cloud open stack sdn 전략-박성우
[234] toast cloud open stack sdn 전략-박성우NAVER D2
 
Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Seung-Hoon Baek
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallHuda Seyam
 
오픈스택: 구석구석 파헤쳐보기
오픈스택: 구석구석 파헤쳐보기오픈스택: 구석구석 파헤쳐보기
오픈스택: 구석구석 파헤쳐보기Jaehwa Park
 
How to build a Citrix infrastructure on AWS
How to build a Citrix infrastructure on AWSHow to build a Citrix infrastructure on AWS
How to build a Citrix infrastructure on AWSDenis Gundarev
 
Red Hat OpenStack 17 저자직강+스터디그룹_4주차
Red Hat OpenStack 17 저자직강+스터디그룹_4주차Red Hat OpenStack 17 저자직강+스터디그룹_4주차
Red Hat OpenStack 17 저자직강+스터디그룹_4주차Nalee Jang
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep diveTrinath Somanchi
 
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~vxsejapan
 
Getting the most out of the Aruba Policy Enforcement Firewall
Getting the most out of the Aruba Policy Enforcement FirewallGetting the most out of the Aruba Policy Enforcement Firewall
Getting the most out of the Aruba Policy Enforcement FirewallAruba, a Hewlett Packard Enterprise company
 
CyberOps Associate Modul 22 Endpoint Protection
CyberOps Associate Modul 22 Endpoint ProtectionCyberOps Associate Modul 22 Endpoint Protection
CyberOps Associate Modul 22 Endpoint ProtectionPanji Ramadhan Hadjarati
 
OpenRoaming and CapPort
OpenRoaming and CapPortOpenRoaming and CapPort
OpenRoaming and CapPortKarri Huhtanen
 
openroaming-and-capport-2023-01-30.pdf
openroaming-and-capport-2023-01-30.pdfopenroaming-and-capport-2023-01-30.pdf
openroaming-and-capport-2023-01-30.pdfRadiator Software
 

More Related Content

What's hot

30 important-virtualization-vmware-interview-questions-with-answers
30 important-virtualization-vmware-interview-questions-with-answers30 important-virtualization-vmware-interview-questions-with-answers
30 important-virtualization-vmware-interview-questions-with-answersLatif Siddiqui
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge MigrationJames Denton
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftMihai Criveti
 
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski buildacloud
 
PowerDNS-Admin vs DNS-UI
PowerDNS-Admin vs DNS-UIPowerDNS-Admin vs DNS-UI
PowerDNS-Admin vs DNS-UIbarbarousisk
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
iptables 101- bottom-up
iptables 101- bottom-upiptables 101- bottom-up
iptables 101- bottom-upHungWei Chiu
 
[234] toast cloud open stack sdn 전략-박성우
[234] toast cloud open stack sdn 전략-박성우[234] toast cloud open stack sdn 전략-박성우
[234] toast cloud open stack sdn 전략-박성우NAVER D2
 
Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Seung-Hoon Baek
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallHuda Seyam
 
오픈스택: 구석구석 파헤쳐보기
오픈스택: 구석구석 파헤쳐보기오픈스택: 구석구석 파헤쳐보기
오픈스택: 구석구석 파헤쳐보기Jaehwa Park
 
How to build a Citrix infrastructure on AWS
How to build a Citrix infrastructure on AWSHow to build a Citrix infrastructure on AWS
How to build a Citrix infrastructure on AWSDenis Gundarev
 
Red Hat OpenStack 17 저자직강+스터디그룹_4주차
Red Hat OpenStack 17 저자직강+스터디그룹_4주차Red Hat OpenStack 17 저자직강+스터디그룹_4주차
Red Hat OpenStack 17 저자직강+스터디그룹_4주차Nalee Jang
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep diveTrinath Somanchi
 
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~vxsejapan
 
CyberOps Associate Modul 22 Endpoint Protection
CyberOps Associate Modul 22 Endpoint ProtectionCyberOps Associate Modul 22 Endpoint Protection
CyberOps Associate Modul 22 Endpoint ProtectionPanji Ramadhan Hadjarati
 

What's hot (20)

30 important-virtualization-vmware-interview-questions-with-answers
30 important-virtualization-vmware-interview-questions-with-answers30 important-virtualization-vmware-interview-questions-with-answers
30 important-virtualization-vmware-interview-questions-with-answers
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
 
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
 
PowerDNS-Admin vs DNS-UI
PowerDNS-Admin vs DNS-UIPowerDNS-Admin vs DNS-UI
PowerDNS-Admin vs DNS-UI
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL Lee
 
ClearPass Guest 6.4 User Guide
ClearPass Guest 6.4 User GuideClearPass Guest 6.4 User Guide
ClearPass Guest 6.4 User Guide
 
Neutron qos overview
Neutron qos overviewNeutron qos overview
Neutron qos overview
 
iptables 101- bottom-up
iptables 101- bottom-upiptables 101- bottom-up
iptables 101- bottom-up
 
VPNaaS in Neutron
VPNaaS in NeutronVPNaaS in Neutron
VPNaaS in Neutron
 
[234] toast cloud open stack sdn 전략-박성우
[234] toast cloud open stack sdn 전략-박성우[234] toast cloud open stack sdn 전략-박성우
[234] toast cloud open stack sdn 전략-박성우
 
Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense Firewall
 
오픈스택: 구석구석 파헤쳐보기
오픈스택: 구석구석 파헤쳐보기오픈스택: 구석구석 파헤쳐보기
오픈스택: 구석구석 파헤쳐보기
 
How to build a Citrix infrastructure on AWS
How to build a Citrix infrastructure on AWSHow to build a Citrix infrastructure on AWS
How to build a Citrix infrastructure on AWS
 
Red Hat OpenStack 17 저자직강+스터디그룹_4주차
Red Hat OpenStack 17 저자직강+스터디그룹_4주차Red Hat OpenStack 17 저자직강+스터디그룹_4주차
Red Hat OpenStack 17 저자직강+스터디그룹_4주차
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep dive
 
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~
Veritas Resiliency Platform3.3.2 ~オンプレミスへのデプロイメント~
 
Getting the most out of the Aruba Policy Enforcement Firewall
Getting the most out of the Aruba Policy Enforcement FirewallGetting the most out of the Aruba Policy Enforcement Firewall
Getting the most out of the Aruba Policy Enforcement Firewall
 
CyberOps Associate Modul 22 Endpoint Protection
CyberOps Associate Modul 22 Endpoint ProtectionCyberOps Associate Modul 22 Endpoint Protection
CyberOps Associate Modul 22 Endpoint Protection
 

Similar to Wi-Fi Roaming for All: Understanding OpenRoaming

OpenRoaming and CapPort
OpenRoaming and CapPortOpenRoaming and CapPort
OpenRoaming and CapPortKarri Huhtanen
 
openroaming-and-capport-2023-01-30.pdf
openroaming-and-capport-2023-01-30.pdfopenroaming-and-capport-2023-01-30.pdf
openroaming-and-capport-2023-01-30.pdfRadiator Software
 
Adding OpenRoaming to existing IDP and roaming federation service
Adding OpenRoaming to existing IDP and roaming federation serviceAdding OpenRoaming to existing IDP and roaming federation service
Adding OpenRoaming to existing IDP and roaming federation serviceRadiator Software
 
Adding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceAdding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceKarri Huhtanen
 
Radiator Portfolio Updates webinar, 8th and 10th of March 2022
Radiator Portfolio Updates webinar, 8th and 10th of March 2022Radiator Portfolio Updates webinar, 8th and 10th of March 2022
Radiator Portfolio Updates webinar, 8th and 10th of March 2022Radiator Software
 
LORIOT-Private-Network-Server.pdf
LORIOT-Private-Network-Server.pdfLORIOT-Private-Network-Server.pdf
LORIOT-Private-Network-Server.pdfssuser357595
 
ROOTS wireless solution - designing the next wireless user experience oct17
ROOTS wireless solution - designing the next wireless user experience oct17ROOTS wireless solution - designing the next wireless user experience oct17
ROOTS wireless solution - designing the next wireless user experience oct17ROOTS Communications Pte Ltd
 
CASE STUDY: Curve IT and Purdicom are excited to announce the first, of many,...
CASE STUDY: Curve IT and Purdicom are excited to announce the first, of many,...CASE STUDY: Curve IT and Purdicom are excited to announce the first, of many,...
CASE STUDY: Curve IT and Purdicom are excited to announce the first, of many,...Purdicom
 
Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018Johan Stokking
 
LoRaWAN roaming
LoRaWAN roamingLoRaWAN roaming
LoRaWAN roamingActility
 
Business and Deployment Issues for Carrier WiFi
Business and Deployment Issues for Carrier WiFiBusiness and Deployment Issues for Carrier WiFi
Business and Deployment Issues for Carrier WiFiWi-Fi 360
 
Unravelling Managed SD-WAN Services
Unravelling Managed SD-WAN ServicesUnravelling Managed SD-WAN Services
Unravelling Managed SD-WAN ServicesRalph Santitoro
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2DrayTek
 
Carrier WiFi Architectures
Carrier WiFi ArchitecturesCarrier WiFi Architectures
Carrier WiFi ArchitecturesMarc Nader
 
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingBeyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingKarri Huhtanen
 
5 Emerging Innovations In Carrier WiFi
5 Emerging Innovations In Carrier WiFi5 Emerging Innovations In Carrier WiFi
5 Emerging Innovations In Carrier WiFiAlepo
 
Unibox Technical Overview
Unibox Technical OverviewUnibox Technical Overview
Unibox Technical OverviewRishikesh Ghare
 
Pure-Play Virtualization for Rural Broadband
Pure-Play Virtualization for Rural BroadbandPure-Play Virtualization for Rural Broadband
Pure-Play Virtualization for Rural BroadbandADVA
 

Similar to Wi-Fi Roaming for All: Understanding OpenRoaming (20)

OpenRoaming and CapPort
OpenRoaming and CapPortOpenRoaming and CapPort
OpenRoaming and CapPort
 
openroaming-and-capport-2023-01-30.pdf
openroaming-and-capport-2023-01-30.pdfopenroaming-and-capport-2023-01-30.pdf
openroaming-and-capport-2023-01-30.pdf
 
Adding OpenRoaming to existing IDP and roaming federation service
Adding OpenRoaming to existing IDP and roaming federation serviceAdding OpenRoaming to existing IDP and roaming federation service
Adding OpenRoaming to existing IDP and roaming federation service
 
Adding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceAdding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation service
 
Radiator Portfolio Updates webinar, 8th and 10th of March 2022
Radiator Portfolio Updates webinar, 8th and 10th of March 2022Radiator Portfolio Updates webinar, 8th and 10th of March 2022
Radiator Portfolio Updates webinar, 8th and 10th of March 2022
 
DS_Kloudyy_v2015
DS_Kloudyy_v2015DS_Kloudyy_v2015
DS_Kloudyy_v2015
 
LORIOT-Private-Network-Server.pdf
LORIOT-Private-Network-Server.pdfLORIOT-Private-Network-Server.pdf
LORIOT-Private-Network-Server.pdf
 
ROOTS wireless solution - designing the next wireless user experience oct17
ROOTS wireless solution - designing the next wireless user experience oct17ROOTS wireless solution - designing the next wireless user experience oct17
ROOTS wireless solution - designing the next wireless user experience oct17
 
CASE STUDY: Curve IT and Purdicom are excited to announce the first, of many,...
CASE STUDY: Curve IT and Purdicom are excited to announce the first, of many,...CASE STUDY: Curve IT and Purdicom are excited to announce the first, of many,...
CASE STUDY: Curve IT and Purdicom are excited to announce the first, of many,...
 
Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018
 
LoRaWAN roaming
LoRaWAN roamingLoRaWAN roaming
LoRaWAN roaming
 
What is captive portal?
What is captive portal?What is captive portal?
What is captive portal?
 
Business and Deployment Issues for Carrier WiFi
Business and Deployment Issues for Carrier WiFiBusiness and Deployment Issues for Carrier WiFi
Business and Deployment Issues for Carrier WiFi
 
Unravelling Managed SD-WAN Services
Unravelling Managed SD-WAN ServicesUnravelling Managed SD-WAN Services
Unravelling Managed SD-WAN Services
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2
 
Carrier WiFi Architectures
Carrier WiFi ArchitecturesCarrier WiFi Architectures
Carrier WiFi Architectures
 
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingBeyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
 
5 Emerging Innovations In Carrier WiFi
5 Emerging Innovations In Carrier WiFi5 Emerging Innovations In Carrier WiFi
5 Emerging Innovations In Carrier WiFi
 
Unibox Technical Overview
Unibox Technical OverviewUnibox Technical Overview
Unibox Technical Overview
 
Pure-Play Virtualization for Rural Broadband
Pure-Play Virtualization for Rural BroadbandPure-Play Virtualization for Rural Broadband
Pure-Play Virtualization for Rural Broadband
 

Recently uploaded

New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 

Recently uploaded (20)

New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 

Wi-Fi Roaming for All: Understanding OpenRoaming

  • 2. What is OpenRoaming? ● OpenRoaming is a Wi-Fi roaming federation. ● Wi-Fi roaming is like mobile phone roaming, but becoming an operator is less difficult. ● If you are already familiar with eduroam, OpenRoaming is like eduroam for all of us. ● The idea is that end users can utilise their existing user credentials (e.g. username-password, certificates, cellular identities (SIMs)) to automatically connect to Wi-Fi networks around the world.
  • 3. With OpenRoaming™ WBA is acting as a centralized policy authority enabling an ecosystem for identity providers and Wi-Fi network providers to work together and deliver automatic and secure Wi-Fi experience to millions of users Source: https://wballiance.com/openroaming/how-it-works/ OpenRoaming video: https://www.youtube.com/watch?v=YvhZouk6MKM
  • 4. Benefits for Operators ● Monetising own Wi-Fi network coverage ● Getting more revenues from Wi-Fi as a service networks ● Off-loading (roaming) data (and VoWiFi) into Wi-Fi networks ● Extending network coverage available to subscribers
  • 5. Benefits for Guest Network Providers ● Easier, automatic admission/authentication of guest network users (into WPAx-Enterprise Wi-Fi networks) ● Multi-vendor supported network authentication, configuration and provisioning ● Additional monetisation of guest/hospitability Wi-Fi networks ● Called Access Network Providers (ANPs)
  • 6. Benefits for Identity Providers ● Providing network access to identity provider users via roaming ● Cost-savings from using roaming Wi-Fi networks compared to cellular network roaming ● Multi-vendor supported network authentication, configuration and provisioning
  • 7. How does OpenRoaming work? ● Wireless Broadband Alliance coordinates. ● Operators, vendors, companies, organisations can join as members, Radiator Software is a member. ● Joining as a member is not required for utilising and using OpenRoaming, OpenRoaming is available as a service from multiple service providers. ● Choosing between joining as a member or a service provider depends on which kind of OpenRoaming roles and access organisation is interested in. ● Roles: Independent OpenRoaming Implementer, Home Service Provider (HSP), Access Network Provider (ANP), Identity Provider (IdP) ● Access: OpenRoaming-Settled, OpenRoaming Settlement-Free
  • 8. Settled and Settlement-Free Access ● The Settled Access is for those organisations interested in the monetisation of the Wi-Fi network. ● There are service providers offering OpenRoaming-Settled service or organisation can implement it themselves as a member of WBA following OpenRoaming WRIX specifications. ● The Settlement Free Access is for organisations interested more in the eduroam style multilateral roaming and providing and gaining network coverage without additional roaming costs. ● The Settlement Free Access is also available as a service or can be implemented by organisations themselves.
  • 9. example.org RADIUS server example.com RADIUS server OpenRoaming Technical Functionality Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx RADIUS capable Wi-Fi controller or example.net’s own RADIUS server OpenRoaming Settled or Settlement-Free Access Service Provider Static Radius over TLS (RadSec, RFC 6614) connection Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx Global Public DNS Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx DNS discovery: NAPTR aaa+auth:radius.tls.tcp <realm> SRV <NAPTR result> Name lookup <SRV result> Dynamic RadSec connection to example.net’s IdP service provider Dynamic RadSec connections to example.com IdP Dynamic RadSec connection to example.org IdP user@example.com user@example.net user2@example.com user@example.org
  • 10. OpenRoaming requirements for Access Network Provider (ANP) ● For organisations who only want to let OpenRoaming users roam in their network ● Minimum requirements: ○ Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment ○ OpenRoaming Settled or Settlement-Free Access service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client certificate (via service provider or WBA membership), and an own RADIUS server
  • 11. OpenRoaming requirements for Identity Provider (IdP) ● For organisations who want their members or subscribers roam in OpenRoaming member networks ● Minimum requirements: ○ (Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment) * ○ Ability to configure OpenRoaming DNS records for IdP realm ○ OpenRoaming Settled or Settlement-Free Access service and IdP service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client+server certificate (via service provider or WBA membership) and an own RADIUS server. *) only if providing also Wi-Fi access network services (ANP)
  • 12. OpenRoaming requirements for Operators ● Depend heavily on operator requirements for roaming logic, accounting, invoicing, WRIX/roaming broker functionality… ● Minimum requirements (same with IdPs): ○ (Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment) ○ Ability to configure OpenRoaming DNS records for IdP realm ○ OpenRoaming Settled or Settlement-Free Access service and IdP service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client+server certificate (via service provider or WBA membership) and an own RADIUS server. *) only if providing also Wi-Fi access network services (ANP)
  • 13. What can Radiator Software do for you? ● Radiator has all the features needed from RADIUS server for OpenRoaming. ● In addition Radiator has complementing functionality such as Diameter and SIM authentication (with SIM privacy) support. ● Our Radiator Auth.Fi service supports Settlement-Free OpenRoaming ANP and IdP roles. ● With Radiator Expert Services we can support you whether you are interested in building OpenRoaming-as-a-Service or just deploying or piloting it in your Wi-Fi network.
  • 14. Thank you. Questions, Comments? Follow Radiator Software for more information… Radiator Software blog: https://blog.radiatorsoftware.com/ Twitter: https://twitter.com/RadiatorAAA Slideshare: https://slideshare.net/radiatorsoftware/ Bookings for conference calls: https://radiatorsoftware.com/contact/ / info@radiatorsoftware.com