Secure WIMAX network demo AFCEA West 2007

Secure WiMAX Network Demonstration
AFCEA WEST: TECHNET 2007

by
Joseph Celano
Space and Naval Warfare Systems Center, San Diego
Code 2871, Information Engineering Branch Head
and
Jon Marcy
Nortel Government Solutions
Vice President, Navy Programs

Introduction

The Space and Naval Warfare Systems Center, San Diego (SSC SD), Code 2871, and
Nortel Government Solutions (NGS), a U.S. company wholly owned by Nortel, have
established a cooperative research and development agreement (CRADA) to create a
secure wireless architecture for military use, such as supporting littoral operations. The
CRADA efforts are aimed at improving the means of a comprehensive secure wireless
network with reliable quality of service and control; especially for unmanned systems
within military, humanitarian, and public safety operations in a C4ISR environment.

AFCEA WEST Secure Wireless Network Demonstration

To kick off the new partnership, SSC SD and NGS deployed a converged wireless
enterprise network that consisted of WiMAX, WiFi, and commercial GSM technologies
for the AFCEA West Conference held in San Diego, CA, from 27 January through 2
February 2007. The network demonstrated the delivery of ad-hoc networking in a secure
environment providing telephony, video, and data services.

Scenario

An Amphibious Ready Group (ARG), composed of U.S. Navy amphibious ships and a
landing force of U.S. Marines, demonstrates the United States commitment and resolve
in diversified situations, including warfighting and humanitarian missions. One continual
challenge of each ARG, which involves about 5,000 people, is the current means of
communication provided by legacy tactical radios and satellite connectivity. The AFCEA
West demonstration provided insight on advanced flexible terrestrial-based
communications solution that offers broadband-like speeds for data exchanges, and one
that can work in the mobile ad-hoc environment of the littoral operating area.

Architecture

The concept behind the architecture was to mimic a ship-to-shore configuration where
the shore point of entry was the SSC SD location at Point Loma, and the ship point of
entry was the San Diego Convention Center. The line of sight distance between the two
points was approximately five miles.

1


The CRADA team evaluated two unregulated wireless technologies to implement the
five-mile, line-of-sight connection: 802.11a and 802.16d. At the Point Loma facility, they
added a secondary wireless connection using 802.11a to interconnect the building
hosting the SSC SD Secure Wireless Network Lab with the building that provided the
highest point of presence needed for establishing a clear line of sight.

An IP-enabled PBX telephone switch, VoIP telephones, and a GSM mobile switch
controller were located at the SSC SD Secure Wireless Network Lab to emulate an
ashore-based configuration.

The San Diego Convention Center end of the link represented mobile and afloat units. A
CAT5 cable was installed to extend the connection to the floor of the exhibit hall where
the cable was terminated into an IP switch. Hosted off the IP switch was a GSM base
transceiver station, an 802.11a/b/g access point, and several VoIP telephone sets.
Interconnected via wireless mesh technology, additional 802.11a/b/g access points were
placed at multiple locations on the exhibit floor, and VoIP telephone handsets were
extended from each access point.

SSC SD
Wireless
San Diego
Network Lab on
Convention
Point Loma Center

5 Miles
Direct Line of Sight

The technical objective of the topology was to demonstrate the ability to extend IP
telephony and GSM cellular access through a secure wireless bridge. All GSM cell
phones and VoIP handsets (both wireline and wireless) were able to accomplish their
registration process and cross-connect through the PBX. The results were that locations
hosting a wireless mesh 802.11 access point were able to successfully make and

2


receive calls off the PBX located at the Point Loma SSC SD Secure Wireless Network
Lab. Additionally, GSM calls were able to be made mobile-to-mobile and mobile-to-VoIP
telephone set.

Detailed Design

The following diagram captures the design and topology for the demonstration network.

802.11a 5 miles LOS (parabolic-29dbi) Day 1/Back-up

802.16d 5 miles LOS (internal panel) Days 2-3/Primary

GS
M
GSM

NGS
GSM Pico
Microsoft Booth
WLAN SPAWAR Booth

SSC SD Secure
Digital VoIP
Wireless Network
Lab on Point Loma

Blackbox Booth Fortress Booth

Convention Center

SSC SD Secure Wireless Network Lab on Point Loma

The configuration created for SSC SD was comprised of:

• CS1000M Communication Server or PBX (Running Succession 4.5)
• PP5520 IP Data Switch
• HX-1000 GSM Controller
• i2007 IP Telephone Handsets
• ES520 IP 802.11 Access Points
o Radios - high-power 802.11a radio and high-power 802.11a/b/g radio
o Range - tested up to 7 miles with omni-antennas and 32 miles with
directional antennas
o High-assurance security encryption - AES 128, 192 & 256; WPA2
(802.11i) Suite B software upgradeable (Q1 2007); WIDS Sensor Module
(Q1 2007) Multi-factor Authentication™
o Mesh technology - self-forming, self-healing network
o Environmental - UL 60950-1, NEMA 3/3S/4, MIL-STD 810F

3


o Management - Browser-based GUI, CLI or SNMP
o Form factor - Small (less than 4lbs), rugged, heat-dispersing unit with no
moving parts
• WiMAX Base Station
o BPSK/QPSK/16QAM/64QAM
o Up to +23dBm transmitter; -103 dBm receiver sensitivity
o Adaptive modulation
o Multi-channel transmitter and receiver diversity across multiple radios
o Full-duplex/half-duplex FDD and TDD operation
o Advanced software features
o Full IEEE 802.16 QoS/service classes
o Full IEEE 802.1d transparent bridging
o IEEE 802.1Q/p VLAN tagging-untagging bridging and router functionality

The PBX was configured to support IP telephony and was interconnected to Nortel i2007
VoIP handsets, while providing trunk connectivity to an ES520 wireless 802.11 Access
Point. From the ES520 Access Point, a short wireless link was made to an adjacent
building where a clear line-of-sight shot was obtained. At that location, an Ethernet
“relay” was established by interconnecting the ES520 with the WiMAX Base Station.

San Diego Convention Center

The configuration created for the San Diego Convention Center was comprised of:

• PP5520 IP Data Switch
• GSM Base Transceiver Station
o 1 TRX, 8-channel BTS in a 1RU chassis
o 3 TRX, 24-channel BTS in a 2RU chassis
o Single 10/100 Ethernet connection to Zynetix controller
o Two antenna connections for TX and RX antenna connections
o Range 2 to 10+ miles depending on antenna height, terrain type, tree
cover, and frequency
o Frequency - 850MHz, 900MHz, 1800MHz, and 1900MHz options
o Supports GPRS (CS1 to CS4)
o Integrated “Network Listen” capability – minimizes RF planning
o Radio Interface
Frequencies - 900, 1800 and 1900MHz
Output power - 43dBm
Power Control - 22 to 43dBm in 12 x 2dBm steps
Antenna - external SMA connectors for TX and RX
Configuration - 1 to 3 TRX, 8 to 24 timeslots
o Services
Circuit switched data supports secure calls at 9600bps
Tele-Services Telephony, SMS MT/MO/CB
GSM encryption - A5/1, A5/2 (requires applicable export license)
GPRS support CS1-4, Multi-slot class 12, Dynamic PDCH
• ES520 IP 802.11 Access Points
• i2007 IP telephone handsets
• IP wireless handsets
• GSM Wireless PDAs

4


• WiMAX Remote

At the San Diego Convention Center, a WiMAX remote was mounted on the mezzanine,
and a CAT5 cable was extended from the mezzanine to the exhibit floor where it was
terminated into a PP5520 IP switch. Hosted off the IP switch was a GSM base
transceiver station, an 802.11a/b/g access point, and several VoIP telephone sets.
Interconnected via wireless mesh technology, additional 802.11a/b/g access points were
placed at multiple locations on the exhibit floor, and VoIP telephone handsets were
terminated off each access point.

Security

Fortress Layer Two encryption was activated across the RF paths carrying IP traffic. A
Sectera encryption engine running Type Four (AES) encryption was used on the GSM
system. Working with secure GSM handsets from General Dynamics, the CRADA team
was able to become secure when a call was operational.

Summary

The secure WiMAX network demonstration proved that hybrid cellular/802.11/802.16
radio networks can be created and integrated with appropriate security to protect the IP
and/or telephony traffic. VoIP calls were clear and latency was non-existent. Interoper-
ability between IP and TDM (cellular) was accomplished using an IP-enabled PBX that
supported SIP.

About the Secure Wireless Network CRADA

The Secure Wireless Network Lab has been established in Building 84, Topside, at SSC
SD, in partnership with NGS. The lab focuses on designing a secure, multi-spectrum
wireless network for fixed and mobile voice and data communications that meets all
requirements of U.S. Department of Defense Directive 8100.2. Wireless technologies
initially include Wi-Fi (802.11a/b/g), GSM, WiMAX (802.16d/e), MIMO, and OFDM.
Other 4G (fourth-generation) wireless technologies will be added. Using an open-
architecture approach, multiple vendors and government organizations will be integrated
into the secure wireless network.

The secure wireless network is currently limited to Point Loma, San Diego, but the goal
is to extend the network throughout the San Diego metropolitan area, as well as to
Camp Pendleton, CA, and St Julian’s Creek in the Norfolk, VA, area.

For further information about the CRADA or how to participate in the research and
development agreement, please contact Joseph Celano at joe.celano@navy.mil, 619-
553-9433 (office), or 858-774-3843 (mobile).

5

Secure WIMAX network demo AFCEA West 2007

More Related Content

What's hot

Viewers also liked

Similar to Secure WIMAX network demo AFCEA West 2007

Recently uploaded

Secure WIMAX network demo AFCEA West 2007