Upload
thecqgl
View
220
Download
0
Embed Size (px)
Citation preview
8/12/2019 Wi-Fi Offload HOW v2!03!13
1/25
ABSTRACTSeamless Wi-Fi ofoad is a new paradigm in unied mobile and wireless data services. This paper
examines how mobile network operators can build on EAP-SIM and convergent Wi-Fi / 3G / LTE
service management solutions to deliver high-quality carrier-class Wi-Fi to smartphones, tablets
and non-SIM devices. Solutions will empower operators to address a broad base of users with
new business models reecting a range of new and attractive data service.
HOWWI-FI OFFLOAD
SEAMLESS WI-FI OFFLOAD:FROM VISION TO REALITY
APTILO NETWORKS WHITE PAPERBy Claus Hetting, Senior Consultant & Analyst
Copyright Aptilo Networks v2 03-13
Interested in WHY? Read our other white paper Seamless Wi-Fi Ofoad: A business opportunity today
8/12/2019 Wi-Fi Offload HOW v2!03!13
2/25
8/12/2019 Wi-Fi Offload HOW v2!03!13
3/25
3
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
SEAMLESS WI-FI:A NEW PARADIGM IN UNIFIED COMMUNICATIONSThere is no question that Wi-Fi ofoad is one of the mobile industrys most hotly debated business
opportunities right now. Many of the worlds largest mobile operators already recognize Wi-Fi
as a business-critical technology and some are in the early phases of deploying seamless Wi-Fi
ofoad. A few progressive new operators entering the mobile arena today even consider Wi-Fi
their primary technology and use mobile services as a secondary network layer only.
The drivers for Wi-Fi ofoad are well known: Wi-Fi-capable devices are everywhere and more
than a billion are equipped with SIM cards. For many users of tablets, smartphones, and laptops,
Wi-Fi has become the preferred means of connectivity. Razor-sharp competition is forcing many
mobile carriers to cut spending while looking for new ways to stand out in the market. Seamless
Wi-Fi services for SIM-enabled users may well be the differentiator that the mobile industry hasbeen looking for.
So how can mobile operators turn the vision of seamless Wi-Fi into reality? Aptilo has for more
than 10 years been instrumental in transforming the potential of Wi-Fi technology into successful
commercial data services serving millions of satised Wi-Fi users worldwide through close to 100
service provider customers.
The next step is using seamless Wi-Fi ofoad to satisfy the millions of smartphone and tablet users
demanding still more data. Many view the unication of the widely successful world of mobile
broadband with the equally successful world of Wi-Fi as a paradigm shift for both.
This White Paper examines how to build the right solutions and services to achieve the goal of
making carrier-class Wi-Fi seamlessly accessible to SIM-enabled users while efciently supporting
a growing base of non-SIM devices. Contrary to common belief seamless Wi-Fi ofoad is alreadyavailable today. The evolution of seamless Wi-Fi will within a few years empower mobile operators
to manage and control Wi-Fi networks as fully integrated extensions of their mobile 3G/ LTE
infrastructure and services.
WHAT IS SEAMLESS WI-FI AUTHENTICATION?Seamless Wi-Fi authentication allows SIM-enabled smartphones and tablets to access Wi-Fi
networks without any user interaction. An iPhone will for example automatically connect to a
Wi-Fi network once inside the carriers Wi-Fi coverage area and following authentication based
on information stored on his or her SIM. This does not otherwise restrict the use of any 3G or LTE
network because Wi-Fi and mobile transceivers operate independently on devices 1.
A number of carriers and vendors today offer seamless Wi-Fi services for SIM-enabled devices
using a device client in the form of a downloaded or preloaded application. An important aspect
of nearly all the seamless Wi-Fi solutions examined in this paper is that they do not require third-
party clients in devices2.
Solutions that require the user to take an active role in provisioning his or her cellular device for
a service have historically gained only a few subscribers despite the promise of convenience and
lower costs.
1 In the current version of iOS the smartphone or tablet will automatically prefer Wi-Fi to mobile broadband car-riers. Over the next couple of years seamless Wi-Fi solutions will evolve to allow the device and the network tointeractively control the preferred carrier depending on number of parameters. The evolution of seamless Wi-Fiis discussed later in this paper.
2 Clients may be a requirement e.g. for CDMA operators. Clients can be pre-provisioned in the factory for specicMNOs or provisioned over-the-air although this will introduce an additional administrative process for MNOs.
1
8/12/2019 Wi-Fi Offload HOW v2!03!13
4/25
4
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Even offers of Free Wi-Fi or Free VoIP suffer from this difculty. From experience it seems thatrelying on user self-provisioning reduces the addressable market to no more than a few percent.
Seamless Wi-Fi ofoad with EAP-SIM authentication carries with it the potential for global mass-
market adoption because smartphone users need to do precisely nothing to enable the service.
This is one of the reasons why many industry experts expect EAP-SIM to be a game-changing
enabler of new Wi-Fi business opportunities for service providers in the Wi-Fi space.
FROM SIM-BASED AUTHENTICATION TO FULL SERVICE CONTINUITYEAP-SIM authentication for Wi-Fi ofoad is the rst step on a dened path towards full service
continuity across Wi-Fi and mobile networks. A great deal of standardization and industry
consensus work is being carried out within the 3GPP and Wi-Fi communities in order that both
industries receive the full commercial benet of offering unied Wi-Fi / 3GPP broadband data
services.
The unication of Wi-Fi and 3GPP-based networks and services can be broken down into three
phases. This evolutionary path will almost certainly be realized over the coming years as it is
supported by all major vendors, standardization bodies, and industry organizations. MNOs will be
able to choose from a variety of options over the coming years as technologies mature.
The evolution of seamless Wi-Fi for mobile carriers
Figure 1: The evolution of seamless carrier-class Wi-Fi authentication and interworking. Todayssolutions are all currently available from Aptilo as are a selection of the integration options of Phase2 including GTP trafc routing.
8/12/2019 Wi-Fi Offload HOW v2!03!13
5/25
5
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
SEAMLESS WI-FI OFFLOAD TODAYThe 3GPP and Wi-Fi communities have been working together for years to agree on how mobile
and Wi-Fi should interwork. One of the most important items agreed upon is the acceptance of
EAP-SIM and EAP-AKA methods for authentication of SIM-enabled devices on Wi-Fi networks.
Seamless and automatic Wi-Fi authentication offers great convenience to the smartphone or
tablet user. It relies on a signaling exchange between the SIM-enabled device, the Wi-Fi network
(including the Wi-Fi service management platform), and the core network of the mobile operator.
EAP-SIM Wi-Fi authentication can be implemented between a Wi-Fi network and a mobile 3G /
LTE network as shown in the diagram below. All of the parts of the solution are currently available
and are fully tested allowing mobile carriers to implement the rst phase of seamless Wi-Fi today.
Figure 2: Seamless Wi-Fi ofoad using EAP-SIM (EAP-AKA) and local WLAN trafc breakout. Thedevice authenticates on the mobile network HLR (or HSS) through the Wi-Fi service managementplatform including a SIM authentication server.
The interaction-free authentication starts with an EAP-SIM or EAP-AKA message from the
smartphone or tablet. The Wi-Fi AP encapsulates the message using a secure 802.1X link and
RADIUS. A Wi-Fi access gateway (AG) and service management platform signals toward the HLR
(or HSS in the case of LTE) MNO core network using standard SS7 / MAP. The IP-based SIGTRAN
protocol can also be used for this signaling, which is especially useful in the case of hosted
authentication services.
Most vendors use a SIM authentication server to manage the authentication toward the HLRor HSS. Some vendors including Aptilo also have this function pre-integrated in the service
management platform. Once SIM-authentication is complete, the device is free to use the Wi-Fi
network for data services subject to service policies. Today, device trafc is usually passed to the
local Internet with local WLAN breakout, i.e. trafc is routed from the Wi-Fi access gateway to
the local Internet thus saving backhaul transmission resources.
One of the important benets of EAP-SIM authentication is that it complies with the known and
trusted 3GPP method of using authentication vectors. The method is known for its high level
of access security and has played an important role in the global success of GSM and 3G. Wi-Fi
network access with EAP-SIM is therefore as secure as todays mobile network access.
2
8/12/2019 Wi-Fi Offload HOW v2!03!13
6/25
6
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
TECHNICAL REQUIREMENTS FOR TODAYS SEAMLESS WI-FIThe evolution of Wi-Fi and mobile interworking in the coming years will allow for much
sophistication above and beyond the current approach. But already today many MNOs are
realizing that seamless Wi-Fi services are achievable through proven means with signicant
economic benets. The technical requirements for the rst phase of seamless Wi-Fi ofoad are
relatively light:
Smartphone and tablet devices need to support EAP-SIM authentication
Although EAP-SIM authentication is clientless in the sense that no app or other third-party
client is needed, devices still need to support EAP-SIM. Today most leading smartphone
operating systems support EAP-SIM including Apples iOS, Android 4.0 or above, Blackberry,
Nokia (Symbian) and Windows 8. With a typical replacement cycle for smartphones of two
years or less, the global installed base of EAP-SIM and EAP-AKA capable devices is expected
to grow quickly.
Wi-Fi Access Points need to support 802.1X
While EAP-SIM and EAP-AKA dene authentication messages, the 802.1X protocol
encapsulates messages for delivery. As a consequence Wi-Fi Access Points used for EAP-
SIM authentication need to support the 802.1x protocol. This is a light requirement because
current carrier-class Wi-Fi APs are 802.1X-compliant.
SIM authentication services in the Wi-Fi core network
Seamless Wi-Fi authentication needs support from the Wi-Fi core network in order to interwork
with the HLR or HSS to which the user is subscribed. To complete this part of the process a
EAP-SIM / AKA authentication service is needed for example in the form of the Aptilo SIM
Authentication Server (SAS). This server forms a part of the Wi-Fi core together with the
Wi-Fi service management platform. In Aptilos case the SIM authentication functionality isincluded as an option in the Aptilo Service Management Platform (SMP).
All of the above components are available today and the amount of investment and technical
deployment required is minimal compared to the cost and complexity of deploying for
example LTE or 3G-based solutions. This is one of many reasons why seamless Wi-Fi ofoad
is gaining momentum as a complement to building mobile broadband capacity with LTE or
3G small cells.
Non-SIM users can also be authenticated with EAP-TLS and EAP-TTLS although this is less
common today. These methods are mostly used for authentication of devices in enterprise
or mobile CDMA networks but can also be used for secure access of non-SIM-enabled Wi-Fi
subscribers through certication of devices (EAP-TLS) and authentication servers (EAP-TTLS).
The Aptilo solution offers the exibility of including EAP-TLS and EAP-TTLS in order thatMNOs may address the largest possible subscriber base3.
3 For more on authentication types and methods see chapter 6 of this paper.
8/12/2019 Wi-Fi Offload HOW v2!03!13
7/25
8/12/2019 Wi-Fi Offload HOW v2!03!13
8/25
8
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
HOW DOES CARRIER-CLASS WI-FI MEASURE UP TO 3G & LTE?Wi-Fi is a best effort and shared resource data service - as are 3G and LTE but there are distinct
differences. Comparing Wi-Fi to mobile broadband is a bit like comparing apples to oranges
because the two were designed and conceived differently although they often serve the identical
purpose of providing wireless broadband connectivity.
Wi-Fi is a capacity and not a coverage solution. The range of a Wi-Fi AP is 200 meters at best and
is in practice often less than 100 meters. The limited range is governed in part by the fact that
Wi-Fi APs by regulation only are allowed to operate at 100 mW of emitted power (in the EU) with
devices typically operating at 20 or 30 mW. On the other hand capacity constraints are precisely
what many MNOs are facing as a result of the surge in data consumption.
Todays carrier-class Wi-Fi solutions use state-of-the-art radio technology to provide an order of
magnitude better performance than the sluggish data rates often experienced by users on privatehome or ofce Wi-Fi networks. A number of advancements in Wi-Fi radio technology have taken
place over the past few years based on the IEEE 802.11n standard and many of them have been
achieved by Aptilo partners.
The table below indicates performance levels for Wi-Fi, 3G, and LTE. While peak rates are well
dened, the user rates in the table are based on typical average conditions. The user rate for
carrier-class Wi-Fi assumes dual-band 2.4 GHz and 5 GHz operation.
The rates will vary according to distances from the AP, device capabilities, and deployment
schemes. Carrier-class Wi-Fi using 802.11n typically performs better than 3G / HSPA+ and will
in some cases be comparable in performance to LTE. O2 of the U.K. has openly announced that
their outdoor and street-level carrier-class Wi-Fi service provides speeds up to ten times faster
than a normal mobile connection.4
Comparing Wi-Fi and 3G/LTE performance:
Figure 3: Typical carrier-class Wi-Fi networks using 802.11n offer better performance than 3G/HSPA+.In some cases 802.11n will perform at levels comparable to LTE depending on device capabilities andWi-Fi deployment schemes. The table above is indicative only as assumptions beyond the scope of thispaper have been applied in deriving the values. For more information on the assumptions contact Aptilo.
4 The 600 MHz of unlicensed Wi-Fi band is typically not used in a single block but should be viewed as a poolof available frequencies from which Wi-Fi service providers select a number of sub-bands also known as Wi-Fichannels. In the 2.4 GHz band carrier-class Wi-Fi deployments typically use 3-4 channels of 20 MHz bandwidtheach. In the 5 GHz band most service providers today will use up to a maximum 9 channels of 20 MHz. Thesechannels are then arranged into a frequency reuse pattern. By selecting from a large pool of available channels,Wi-Fi service providers can keep interference low to achieve high service quality and throughput.
3
8/12/2019 Wi-Fi Offload HOW v2!03!13
9/25
9
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
BUILD OPTIONS FOR REALIZING SEAMLESS WI-FI SERVICESA number of build options exist for MNOs wanting to deploy seamless Wi-Fi services. In many
ways the inclusion of Wi-Fi into the mainstream of MNO technologies is a departure from the
tried-and-true site acquisition and deployment processes of MNOs that have been in existence
since the beginning of mobile.
Figure 4: Build options for monetizing
the MNO Wi-Fi ofoad opportunity.Any or all of the above can bepursued in parallel based on similartechnical approaches to EAP-SIMauthentication. All of the aboverequire exible service managementto accommodate a variety of servicesincluding ad-hoc users and MNOsubscribers.
MNOs are faced with a number of options: Building their own Wi-Fi networks to complement
3G / LTE networks, partnering with Wireless ISPs (or cable operators, hotel owners, etc.) or a
combination of the two. MNOs may also choose to partner with Wi-Fi hotspot aggregators such
as iPass or Boingo. Some MNOs own Wi-Fi hotspot networks that can be used to provide seamless
Wi-Fi ofoad and a number of MNOs are already doing this successfully.
A fourth option is for MNOs to acquire existing WISP businesses. Finally, MNOs can choose to
offer international SIM-enabled Wi-Fi roaming through partnerships with foreign WISPs. In all
cases EAP-SIM seamless Wi-Fi authentication will apply although the details of the Wi-Fi services,
Wi-Fi core network support, and mobile core interworking may differ widely.
4
8/12/2019 Wi-Fi Offload HOW v2!03!13
10/25
10
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Any seamless Wi-Fi solution requires not only compliance with 3GPP standards but also exibilityin service management including multiple means of authentication, policy control, and billing.
Wi-Fi networks are nearly always multi-purpose serving not only MNO subscribers but also ad-
hoc users and roaming users through other service providers on the same or on parallel physical
Wi-Fi networks.
Figure 5: Serving SIM-enabled
subscribers seamlessly acrossWi-Fi and 3GPP-based net-works and serving non-SIMdevices on a single combinedWi-Fi network.
WHERE TO BUILD MNO CARRIER-CLASS WI-FI NETWORKSSeamless Wi-Fi gives MNOs the opportunity to ofoad mobile trafc to their own Wi-Fi networks for
relief of trafc congestion and to offer high-quality Wi-Fi services to both SIM-enabled and non-SIM
subscribers. Wi-Fi ofoad also reduces the need for licensed spectrum. Many 3G / LTE radio equipment
vendors offer a Wi-Fi AP option for small cell base stations although Wi-Fi ofoad networks can be
built independently of 3G / LTE networks using standard indoor or outdoor Wi-Fi APs.
MNOs need to decide not only how but also where to deploy Wi-Fi. Some parts of the industry are
promoting seamless Wi-Fi as part of a hetnet solution for providing service to a few high-density
places of congregation, such as sports stadiums and transport hubs. Although such deployment
scenarios are attractive, Wi-Fi ofoad allows operators to benet from Wi-Fi in a more general sense.
8/12/2019 Wi-Fi Offload HOW v2!03!13
11/25
11
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Typical traffic distribution for mobile broadband
Figure 6: The typical distribution of trafc on a mobile broadband network. The few mobile sites carryinga large proportion of the total trafc can be ofoaded by up to 50% with seamless Wi-Fi ofoad.
The gure above shows the typical data trafc distribution experienced by many MNOs. The
distribution is highly uneven as most of the trafc comes from a few sites. The 80% / 20% rule
often applies and some distributions can be even more skewed. This applies not only to cities but
also to suburban and rural areas. Seamless Wi-Fi ofoad can be used effectively in any area where
mobile sites are heavily loaded.
CAPACITY GAINS AND SPECTRUM SAVINGS WITH WI-FI OFFLOADCarrier-class Wi-Fi has been designed to provide enormous amounts of capacity in small areas.
For indoor applications it is typical to deploy about 100 Wi-Fi APs for example in an airport
building of 100.000 m2. With 802.11n APs comfortably delivering 50 Mbps each the result
is 5 Gbps of capacity5. In the case of outdoor Wi-Fi the AP density is typically lower 6reaching
capacities of 1-2 Gbps per km2. Compare this to a single LTE macrosite capable of delivering
around 100-120 Mbps.
Seamless Wi-Fi solutions today typically ofoad 20-30% of mobile trafc to Wi-Fi with some
Aptilo c reporting up to 50% ofoad of individual sites. Because the relation between the licensed
spectrum need and the peak trafc load is linear, MNOs can today reduce their peak spectrum
needs by an equivalent 20-30% or more if mobile trafc can be ofoaded during the busy hour
in the right high-trafc areas.
A practical restriction today is that networks and devices offer little intelligence in controlling
where and when mobile trafc is ofoaded. The evolution of Wi-Fi ofoad includes the ANDSF
and Hotspot 2.0 functions and device intelligence features addressing this issue.
5 According to Ruckus Wireless, U.S.A.
6 See the Aptilo White Paper: Seamless Wi-Fi Ofoad for MNOs A real business opportunity today
8/12/2019 Wi-Fi Offload HOW v2!03!13
12/25
12
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
MNO CARRIER-CLASS WI-FI CHALLENGESCarrier-class Wi-Fi is an opportunity but also a challenge. Some of the most important issues are:
Lack of deployment opportunities
Many attractive indoor locations malls, hotels, airports, retail outlets, sports arenas etc. are
already being served by a number of WISPs and it may be difcult for MNOs to negotiate
access to such sites in order to install equipment. Access to outdoor installation sites on street
furniture such as lampposts and billboards is occasionally possible as local governments realize
the growing importance of Wi-Fi connectivity to everyone in the community. The mobile carrier
O2 of the U.K. (owned by Telefonica of Spain) in the summer of 2012 deployed a Wi-Fi network
on lamppost in the Central London area. O2 smartphone users are today using this Wi-Fi service.
Backhaul of traffic from Wi-Fi APs
Trafc from indoor Wi-Fi APs can be backhauled through LAN cabling and local switchesinside the buildings but identifying suitable backhaul solutions for a grid of densely deployed
outdoor Wi-Fi APs is more challenging. Current options include the use of unlicensed 5 GHz
mesh Wi-Fi networks for transmission and new forms of non-line-of-sight, point-to-multipoint
microwave systems.
Dealing with new venue types
MNOs with much experience in acquiring and operating base station sites may not fully realize
the organizational and sales skills needed to partner with Wi-Fi venue owners. The nature of
the Wi-Fi business is such that venue owners must have a vested interest in allowing MNOs to
access facilities. This is in sharp contrast to the case where MNOs have full authority over their
own base station sites. MNOs thus need to change mindsets from ownership to partnership.
Managing multiple authentication types, service packages, and payments
If MNOs choose to build hotspots in traditional Wi-Fi venues such as hotels, retail outlets,
transport hubs, etc. venue owners will typically require that Wi-Fi networks also serve clients
that are not SIM-enabled or existing subscribers of the MNO. Multiple means of authentication
and payment are needed. This accentuates the need for a Wi-Fi core network capable not only of
seamless Wi-Fi authentication but a range of both standard and new service provisioning options.
Part of the solution to dealing with new venue types lies in using the right Wi-Fi service
management platforms with features specically designed to meet a variety of consumer and
B2B needs. These include guest Internet services for the hospitality industry that integrate with
hotel billing systems, bring-your-own-device (BYOD) Wi-Fi access, customized portals, and
more. Aptilo has for years been serving the full range of venues from airports and hospitals
to retail chains and stadiums.
PARTNERING WITH WISPS OR CABLE OPERATORSPartnering with WISPs or cable operators with Wi-Fi networks may be the best option for MNOs
with limited access to the right indoor locations. Using the exibility of for example the Aptilo
Service Management Platform (SMP) a range of practical and eld-proven solutions is available.
A partnering strategy allows MNOs to obtain large seamless Wi-Fi coverage footprints without
making their own Wi-Fi investments except for Wi-Fi core and management systems. MNOs also
avoid having to refocus their businesses on the unfamiliar processes of building and managing
Wi-Fi radio infrastructure and can concentrate efforts on operating mobile infrastructure.
8/12/2019 Wi-Fi Offload HOW v2!03!13
13/25
13
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Not all WISP partners may fulll the technical requirement for EAP-SIM authentication, as olderWi-Fi access points may not be 802.1X-enabled. MNOs need to ensure that WISP partners comply
with such requirements or select partners that own and operate fully EAP-SIM-capable networks.
It is also important wherever possible for MNOs to select partners providing the right Wi-Fi service
quality using for example 802.11n-based systems as opposed to legacy APs.
Various WISP partners may request a multitude of service policies and roaming payment options
as individual WISP expectations and business models can vary widely. The MNO needs to have the
right business processes and service platforms in place to manage in the worst case dozens
of tariffs and policies across its partnering footprint. Aptilo has years of experience in conguring
Wi-Fi service platforms to manage such scenarios effectively.
INTERNATIONAL SEAMLESS WI-FI ROAMING
International seamless data roaming using EAP-SIM and Wi-Fi is perhaps one of the largestuntapped business opportunities in the mobile industry today. With mobile roaming tariffs at 1
EUR per megabyte (within the EU) only very few subscribers currently use mobile data roaming.
One reason for the high tariffs is that mobile roaming trafc is backhauled to the home network
of the MNO through costly international transmission links. Not only is Wi-Fi generally less CAPEX
-intensive, it also allows routing of trafc to the local Internet of the Wi-Fi roaming partner.
There are few technical and business differences between national seamless Wi-Fi ofoad and
international SIM-enabled Wi-Fi roaming although partnering with foreign WISPs requires careful
service management and policy coordination. Any Wi-Fi roaming business case also needs to
strike the right balance between sharing revenues with roaming partners and benetting from
better customer retention.
AT&T of the USA began offering SIM-based international roaming for smartphone clients in
November 2012 as one of only a few active cases. In the AT&T case the smartphone needs a
third-party client in the form of an app. This is not technically necessary if the Wi-Fi network of
the roaming partner supports 802.1X.
8/12/2019 Wi-Fi Offload HOW v2!03!13
14/25
14
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
MONETIZING NON-SIM WI-FI USERSThe greater installed base of Wi-Fi devices are not SIM-enabled and do not qualify for EAP-SIM
authentication. This segment includes large-screen devices such as laptops and tablets used by
both consumers and professionals. With a high-quality Wi-Fi network MNOs may benet from
offering ad-hoc or subscription-based Wi-Fi through a service management platform handling
both SIM and non-SIM services. Various managed services, wholesale and direct-to-consumer
business models are possible:
Managed carrier-class Wi-Fi services
Business and organizations need quality Wi-Fi connectivity. These may include hotels, retail
chains, and branch ofces of small or medium-sized businesses without the budget or
organization to deploy or maintain their own Wi-Fi systems. The managed services business
model can be extended to include any kind of public venue including hospitals and airports.
Wholesale of excess Wi-Fi capacity
With carrier-class Wi-Fi delivering several Gbps per km2, MNOs with their own Wi-Fi
networks will have capacity to spare. Wholesale customers may include other MNOs, WISPS,
enterprises, communities or any other business or organization in need of high-quality Wi-Fi
services. Multiple virtual Wi-Fi networks (virtual SSIDs) can be congured on the same Wi-Fi
infrastructure.
Ad-hoc Wi-Fi services direct to the consumer:
The market for ad-hoc Wi-Fi services can be a new source of revenue for MNOs. Multiple
authentication and payment schemes are possible including SIM-authentication, SMS loops,
credit card payment, prepaid vouchers, direct subscription services and more. Providing
carrier-class Wi-Fi services also to non-subscribers can be an effective new way for MNOs to
attract new mobile subscribers.
One service for all devices
Many MNO subscribers own multiple Wi-Fi capable devices including a laptop and a tablet. A
combined EAP-SIM authenticated Wi-Fi and mobile broadband service bundle for all devices
even for those without SIM cards will boost subscriber loyalty as well as data service
revenues.
New Wi-Fi business models
Wi-Fi services can be congured to support specic applications such as premium video
streaming or gaming based on subscriptions, prepaid vouchers, or ad-hoc. Free services can
be offered for example by asking the user to pick from a variety of commercial downloadable
apps or advertisements. Similar business models may be offered by for example retail-
shopping chains.
5
8/12/2019 Wi-Fi Offload HOW v2!03!13
15/25
15
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
6FLEXIBILITY: PROVISIONING A RANGE OF MOBILE / WI-FISERVICESThe worlds of Wi-Fi and mobile are merging but the evolution of seamless Wi-Fi will be gradual
and will require continued core network support on the Wi-Fi side. EAP-SIM is an indispensable
enabling technology for seamlessness but further to authentication, Wi-Fi services for MNO
subscribers also need to be authorized, accounted for, and service policies need to be enforced.
This is the combined role of the AAA and PCRF 7(PCEF8) functions in the Wi-Fi and 3G / LTE core
networks.
As seamless Wi-Fi services and policies vary according to carrier preferences the key feature of any
Wi-Fi core network and service management platform is adaptability of conguration and interfaces.
Examples of combined mobile and Wi-Fi data services may include the following use cases:
Mobile data (limited or unlimited) & unlimited Wi-Fi data bundle
The Wi-Fi service management platform authenticates the user through the SIM Authentication
Server toward the mobile network HLR and interfaces with the billing and CRM system of the
mobile network. MNOs can choose to apply service policies if smartphone trafc for example
is routed to the mobile core.
Combined capped 3G & Wi-Fi data bundles
In extension of the solution above the Wi-Fi service management platform interfaces with the
PCRF of the 3G mobile core to enforce the cap on the combined 3G and Wi-Fi data volume. If
data caps are exceeded the user is redirected to a portal to conrm and authorize additional
charging.
Casual Wi-Fi with or without SIM
Subscribers with Wi-Fi capability but belonging to another MNO (or subscribers roaminginternationally) with or without SIM can be routed to a portal via the service management
platform for pay-as-you-go casual Wi-Fi services. This service can also be extended to include
EAP-SIM authentication toward the mobile HLR for casual SIM-enabled Wi-Fi.
Wi-Fi for 3G subscribers without a 3G data plan
Smartphone users without a 3G data plan may be offered ad-hoc, SIM-authenticated Wi-Fi
services on a daily or hourly basis using multiple payment options. The user is directed to
a portal for payment via the Wi-Fi service management platform or the payment can be
detracted from the users prepaid account via the MNOs billing system. This type of service
may give MNOs an opportunity to reach a new segment of users looking for more affordable
data services for example in emerging markets.
7
Policy and Charging Rules Function8 Policy and Charging Enforcement Function
8/12/2019 Wi-Fi Offload HOW v2!03!13
16/25
16
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Figure 7: Multiple authentication methods allow SIM-based and non-SIM devices to access carrier-class Wi-Finetworks through a exible service management platform. The SMS & MAC method uses an SMS message from
the users phone to authenticate the service after which the MAC address of the device is used for future logins.
THE NEED FOR MULTIPLE AUTHENTICATION METHODS
Regardless of whether an MNO deploys their own carrier-class Wi-Fi network or elects to partnerwith one or more WISPs, Wi-Fi services need to support a variety of user types, services, and
devices in order for the MNO to receive the full return on investments in Wi-Fi. MNOs also face a
variety of security concerns depending on the mix of authentication types.
The most secure (and 3GPP-approved) form of authentication is EAP-SIM and 802.1X while the
least secure employs usernames and passwords. A tradeoff exists between offering Wi-Fi services
to address the broadest user base and reaching the highest level of access security using 3GPP-
based methods. Individual MNOs will need to decide what may be the acceptable level of security.
8/12/2019 Wi-Fi Offload HOW v2!03!13
17/25
17
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Figure 8: The full matrix of authentication schemes supported by the Aptilo Service Management Platform. The
most secure authentication is EAP-SIM using 802.1X encryption while the least secure uses manual login witha user ID and password. Any combination of the methods can be applied for any given Wi-Fi service provider.
There are many examples of the need for multiple methods and as MNOs develop new business
models for combined Wi-Fi and 3G / LTE services more will emerge. Here are a few examplesrequiring the specialized support of the service management platform as well as mobile core and
billing systems:
EAP-SIM authentication with bill-shock prevention:
When Wi-Fi services are capped (either in combination with 3G data quotas or independently)
users need to be advised of and acknowledge the additional charge once the cap has been
reached to prevent bill shock. The user is directed to a captive portal to conrm or reject the
additional charge. Aptilo has already implemented such a scheme for a large MNO customer
in Latin America.
SMS-based authentication for devices not supporting EAP-SIM
Users with devices not supporting EAP-SIM (such as legacy smartphones) can be authenticated
for Wi-Fi based on their mobile subscription by sending a one-time password to the device viaSMS. The identity of the user can be veried by lookup in the HLR or HSS of the MNO. It is
also possible to use a client on the device to automatically connect using the SMS-transmitted
password.
WISPr 1.0-based authentication for non-SIM devices
Some hotspot aggregators such as iPass and Boingo use WISPr-compatible clients in the
devices to automatically authenticate the Wi-Fi user via home or visited AAA.
8/12/2019 Wi-Fi Offload HOW v2!03!13
18/25
8/12/2019 Wi-Fi Offload HOW v2!03!13
19/25
19
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
PHASE 2: INTERWORKING WITH 3G / LTE CORE NETWORKSPhase 2 in the evolution of seamless Wi-Fi ofoad is about giving MNOs more sophisticated
means of controlling the ow of Wi-Fi trafc and enforcing their own policies from inside the
mobile core. An important part of this is the routing of Wi-Fi trafc from smartphones to the
mobile core instead of only allowing local WLAN breakout of Wi-Fi trafc. A number of options
exist for realizing the features of Phase 2.
The gure below gives an overview of the many Wi-Fi / 3GPP integration options ranging from
simple EAP-SIM authentication and local WLAN breakout to full service integration and trafc
routing to the mobile core. Many alternatives are possible and Aptilo supports them all. Individual
MNOs will need to decide what approach or combination of methods serves their specic business
needs in the best manner.
Wi-Fi Core
Mobile Core
Internet
MobileRAN
Wi-FiRAN
Wi-Fi Offload
Local break-out of Wi-Fi
(Mobile RAN + Core offload)
BackhaulingWi-Fi toMobile Core(RAN offload)
DPI
HLR
HSS
SMS-C
WAG
TWAG
SGSN
S-GW
TTG
ePDG
or 3rdpartyaccess GW
AccessController
TM
APController
CRM
BillingPrepaid
PCRF
GGSN
P-GW
Existing OSS /BSS
Policy&
Charging
EAP-SIM/AKA
Databaselookups
XML / SOAP,LDAP, RADIUS
Wm/STa/Gxa
SWa/Wa
Policy-based routing to DPI
Wm/SWm S6b
Wx/SWx
Gx
SWo SWfCDR
D/Gr
One-time-password
Gx/Gy/Gz
IPSec to Device
GTP/PMIP/MIP
GTP/PMIP
RADIUS / http
Aptilo Wi-FiOffloadSolution
EAP-SIM/AKA
Policy & ChargingIntegration
Carrier-Class Wi-FiService Management
Service ManagementPlatformTM
SIM Authentication ServerTM
7
8/12/2019 Wi-Fi Offload HOW v2!03!13
20/25
20
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
DIRECTING SMARTPHONE WI-FI TRAFFIC TO THE MOBILE CORE EDGE (DPI)Instead of directing the trafc from EAP-SIM-enabled devices and other services indiscriminately
to the local Internet using local WLAN breakout the MNO can retain a rst degree of control over
smartphone trafc inside the 3GPP core by routing trafc to the edge of the core, i.e. to a DPI
(Deep Packet Inspection) node.
This scheme allows for non-SIM trafc to travel the usual route via local WLAN breakout while the
DPI node takes care of policy enforcement for SIM-based trafc. As most MNOs use DPI nodes to
control trafc this option may be attractive to many. There are multiple MNO benets of using
this approach in for example a second phase of seamless Wi-Fi integration:
Non-SIM devices can be served for additional revenue but their trafc is routed outside
the mobile core for security and backhaul transmission efciency. The access gateway or
Aptilo Access Controller directs non-SIM trafc to the local Internet based on policiescongured in the Wi-Fi service management platform.
SIM-enabled smartphone trafc is routed back to an existing DPI platform at the mobile
core edge. The DPI node extracts policy information from the Wi-Fi service management
systems PCRF-function and enforces service policies (acting as a 3GPP PCEF) on smartphone
Wi-Fi trafc before routing the trafc to the Internet.
DPI nodes function independently of their associated network and can also be used as a
seamless Wi-Fi trafc policy control mechanism outside of the mobile network core. This
gives MNOs more options for optimizing trafc ows and minimizing transmission costs.
BEST OF BOTH WORLDS:TRUSTED ACCESS USING YOUR WI-FI ACCESS GW AS A VIRTUAL SGSN / S-GW
GGSN
P-GW
WAG
TWAG Internet
Wi-Fi
Tunnel
GTP/MIP/PMIPAP
In 2G and 3G mobile broadband the radio access network connects to an SGSN network node
before entering the mobile core GGSN. A Wi-Fi network can emulate this architecture by making
Wi-Fi an integrated sub-network of the mobile core. As in the case above non-SIM Wi-Fi trafc
breaks out locally, while the EAP-SIM-authenticated Wi-Fi trafc is tunneled (with GTP or PMIP) tothe MNOs GGSN using a Wireless Access Gateway (WAG) emulating an SGSN.
MNOs may be attracted to this option because it uses 3GPP specications for interworking with
Wi-Fi including in the Aptilo case a 3GPP-compliant AAA platform as a part of the service
management platform or as a stand-alone server. This method also uses policy control functions
(PCEF) already congured in the mobile core so that ideally less system integration is required.
This option also supports all well-known management functions for general Wi-Fi services
including open SSID for non-SIM-based Wi-Fi users for example with Web-based login. In many
ways this solution represents a best of both worlds approach to combined Wi-Fi & 3G services.
8/12/2019 Wi-Fi Offload HOW v2!03!13
21/25
8/12/2019 Wi-Fi Offload HOW v2!03!13
22/25
22
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
PHASE 3: INTELLIGENT NETWORK SELECTION & SERVICETRANSPARENCYThe target for the third phase of seamless Wi-Fi is full service continuity and device mobility across
Wi-Fi and 3G / LTE networks. This involves not only the mobile and Wi-Fi network cores but also
their interaction with the mobile device. As a result the 3GPP has dened a number of standards
that are expected to enable intelligent ofoading through interaction between the network and
the device. Some of the functionalities below are expected to become commercially available
during 2013-2015, but it will take some time before they are widely deployed.
ANDSF: INTELLIGENT NETWORK SELECTION ACROSS 3GPP AND WI-FITodays device operating systems (such as iOS and Android) automatically prefer Wi-Fi services to
mobile broadband for example via EAP-SIM authentication. Applications on mobile devices use
data buffering to preserve a form of mobility and are often robust in assigning new IP addresses
and continuing to run. In this way the experience of seamlessness is to some degree preserved.
But application-based switching of this kind is not ideal for MNOs wanting to control trafc ows.
If MNOs are to benet fully from Wi-Fi ofoad, network selection needs to be controlled
intelligently. ANDSF Access Network Discovery and Selection Function dened in 3GPP
Releases 8, 10 and 12 allows devices to know when, where and how to select a suitable Wi-Fi
network connection.
In practice ANDSF relies on interaction between the PCRF (policy control) server in the 3G /
LTE core and an ANDSF client in the device. The further development of the ANDSF standard
will mean that policies can for example allow the device to select a specic Wi-Fi network for
preferred access based on time-of-day, location, subscriber type, application, and device type.
Network selection based on radio network quality and backhaul bandwidth availability is left up to
individual device vendors to implement, i.e. they are beyond the scope of the 3GPP specications
today. But they are still very much needed. Some vendors report that they already offer such
solutions based on device measurements, although it remains to be seen if this will become part
of a future ANDSF framework.
3GPP INITIATIVES TOWARDS A TRUE HETEROGENOUS RADIO NETWORKA number of other 3GPP-dened functions are expected to further enhance the seamless Wi-
Fi user experience as well as network efciency: DSMIP (Dual Stack Mobile IP of 3GPP Release
8) preserves the IP address of the device when the network changes so that applications can
continue to run without executing their own switching routines, while IP Flow Mobility (3GPP
Release 10) allows IP trafc ows to split between Wi-Fi and 3GPP networks based on for example
application-specic criteria.
8
8/12/2019 Wi-Fi Offload HOW v2!03!13
23/25
23
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
A BUSINESS-CRITICAL FUNCTION: SERVICE MANAGEMENTPLATFORM FLEXIBILITYRegardless of the chosen build strategy and combination of business models, MNOs offering
Wi-Fi services will be required to manage and operate a number of service types across multiple
core networks enforcing multiple policy controls while using multiple means of authentication.
At the same time exible service management platforms need to interact with billing and other
support systems.
This complexity requires an approach that advances well beyond the methods and functionality
dened in the 3GPP standards for interworking. In addition to the 3GPP standards which are
fully supported by Aptilo MNOs with carrier-class Wi-Fi services will need service platforms that
support the multi-dimensional business models and service scenarios of this new reality.
9
Small Cell Wi-Fi
Public Wi-Fi
Office Wi-Fi
Home Wi-Fi
Partner NetworkRoaming
Wi-FiGateway
LocalBreak-out
EAP-SIM/AKA
3GPP Wi-Fi Access
non-SIM
AccessPoint
Backhaul to mobile core through tunnels
Wi-Fi UserExperience
OSS / BSSIntegration
Wi-Fi ServiceControl
Mobile CoreIntegration
Policy&
Charging
8/12/2019 Wi-Fi Offload HOW v2!03!13
24/25
24
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
THE APTILO SERVICEGLUETM
CONCEPTTo meet any service logic requirement Aptilo has developed the Aptilo ServiceGlueTMfunctionality
as an integral part of the Aptilo Service Management Platform. This is a logical framework for
linking the Wi-Fi, 3G, and LTE access and gateway network on one side to any Mobile Core and
OSS / BSS functions and databases on the other side. The Aptilo ServiceGlue can be congured to
deliver the precise service logic required by individual MNOs or WISPS across multiple networks.
Lookups ¶metermapping
Configurable Functions
Aptilo ServiceGlue
SOSS
BSSBSS
SOAP/XMLLDAPRADIUSDiameter
IDI
Diameter, RADIUS, BGP Diameter, RADIUS
ActionAction
RequestRequest
ActionAction
ActionAction
RequestRequest
RequestRequestActionAction
oLookup
oLookup
Action/PostAction/Post
LoLookup
100
101 102
103 104
PCRF
HLR/HSS
Gateway
105
Aptilo ServiceGlue offers exibility of service control beyond the capabilities of any ready-made
service management platforms and it is especially valuable in the case of Wi-Fi ofoad: MNOs can
look up policies from several mobile core sources and map these to corresponding functions in
the Wi-Fi core network including vendor specic attributes (VSA).
CLOUD-BASED EAP-SIM AUTHENTICATION AND SERVICE MANAGEMENTCloud-based or hosted service management solutions may be an attractive option for MNOs on
the fast track to Wi-Fi ofoad or for quick seamless Wi-Fi proof-of-concept testing. Some MNOs
may even prefer to outsource operations indenitely to obtain a better operational efciency.
The cloud-based alternative can be particularly attractive for MNOs that are not building their
own Wi-Fi footprint.
To this end Aptilo offers a fully managed cloud-based service, operating the Aptilo Service
Management Platform from one of Aptilos Network Operation Centers (NOC) or from the MNOs
NOC. The service ensures a very high availability and all the features and functionality of the
Service Management Platform including EAP-SIM seamless authentication. Many conguration
options are possible including remote or local access controllers for local WLAN breakout as well
as interfacing to third-party access gateways.
8/12/2019 Wi-Fi Offload HOW v2!03!13
25/25