Académique Documents
Professionnel Documents
Culture Documents
Srini Irigi
Solution Architect, Cisco Systems
February 25, 2013
Cisco Confidential
Cisco Confidential
Cisco Confidential
Growth in
Mobile Data:
26x over 5
years
Easy
Connec+vity
Seamless
Authen+ca+on
Session
con+nuity
Applica+on
transparency
180% increase in
signalling traffic
due to
smartphones
Lack of spectrum
and inability to
rapidly increase
# cell sites
Economics of
indoor offload and
small cell systems
A shift from
outdoor
consumption to
indoor
Deployment
Complexity
Consistent
User-
experience
Cisco Confidential
Cisco Confidential
Spectrum
(5MHz vs 10,20 MHz)
Multiple carriers
Efficiency
Footprint
(Bits/Hz,
backhaul BW)
3G to HSPA to
LTE
(#cells/m )
Small Cells
Macro
Cisco Confidential
New Revenues
Are customers willing to pay fixed fees to
get access to the public Wi-Fi network
everywhere?
How operators offer their Wi-Fi service to
non-customers as well as to customers not
eligible for free access?
Are there new services to be provided,
which can generate new revenues?
2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
WiFi
Example: iPhone
DETECT
CONNECT
ENGAGE
GUEST PRESENCE
GUEST ACCESS
GUEST EXPERIENCE
Mobile device
detection, registration
Seamless, secure
Wi-Fi onboarding
Location-based
content and services
10
HOSPITALITY
Connected Consumers
Connected Guests
TRANSPORTATION
Connected Travelers
Special promotions
11
Ubiquitous Access
Automatic service
advertisement
Automatic network
selection
Roaming
Inter-access mobility
Common Authentication
SIM credentials
Non-SIM credentials
Single AAA
infrastructure
Seamless Services
Unified Control
Monetization
opportunities
Consistent services
QoS
Session persistence
Quota management
Wholesale/Roaming
One Subscriber
Billing
12
12
Metro / Mesh
13
13
Key Requirements
Carrier Grade
Radio Performance
Mobility
Roaming
Standards Compliant
Integration
2012 Cisco and/or its affiliates. All rights reserved.
14
14
Cisco Confidential
15
HLR
MNO
Networks
AP1140/1260/3500/36
00
(auto/HREAP)
Gy
Separate Cores
Hotspot Core vs.
MPC
Indoor
Hotspot
AP1550
(Unified)
EAP-SIM
Authentication
Diameter vs. Radius
Policy
IP in the access will
persist: control and
data planes
PCRF
Gx
CGF
Ga
WLC cluster
Flex7500 (HREAP)
5508,6500/WiSM-2
GGSN/
PGW
Internet
Metro WiFi
AP1140/1260/3500
(auto/HREAP)
SMB Managed
AP
Stadium / Large
Venue
2012 Cisco and/or its affiliates. All rights reserved.
OCS
AP3500/3600/3500p
6500/WiSM-2
or 5508 WLC
DHCP
WiFi/Hotspot
Networks
AAA
Portal
Mobile
BNG
WiFi Access Provider
Policy
16
16
Home
Network
AAA
Virtual
Cloud
3G/4G
Mobile Packet
Core
PMIPv6
Internet
Internet
Wireless
Controllers
MPC
SUM
PCR
Portal
AAA
Subscriber management
RADIUS authentication
Web portal
Network policy control
SS7
AAA
NMS
CAPWAP
AUC
Mobile Operator
3G/4G Core
Cloud Components
Customers
Wi-Fi APs
HLR
ISG
DHCP
Session management
Layer 4 redirection
Transparent auto logon
Intelligent
Services
Gateway
NAT,
Firewall
Usage statistics
Policy enforcement
17
17
AP
WLC/
MAG
L2
802.1Q
AP
IPSe
c
802.1Q
AP
Access
GTP
GTP
P-GW
Or GGSN
L3
L3
WAG
Internet
IPSec
UE
2012 Cisco and/or its affiliates. All rights reserved.
WLC
GTP
L3
LMA
MAG
AP
Subscriber
Policy Enforcement
L3
PMIPv6
Subscriber
Policy Enforcement
L3
PMIPv6
LMA
AP/
MAG
IPSG
WLC
Aggregation
Core
18
18
OCS
PCRF
CGF
AP
Portal
DHCP
AAA
WLC
WLC
Roaming
Partner
Core
AP
Hotspot
PGW/LMA
AP
GTP
Aggregation
Switch
AP
Optional
NAT
Public/Large
Venue
Roaming
Partner
Core
Gn
WAG
Internet Services
GGSN
Retailer
Providers
Home
Network
Core
AP/CPE
Internet Services
Internet Services
Wholesale Provider
Community
WiFi
2012 Cisco and/or its affiliates. All rights reserved.
19
19
Cisco Confidential
20
SUM
Subscriber management
Radius authentication
Web portals
Network Policy control
PCRF
Portal
AAA
NCS
MAP
AAA
AUC
HLR
SS7
ITP
QNS
Session management
L4 Redirection
Transparent Auto Logon
Usage stats
Policy enforcement
WLAN Policy
RF management
Roaming
CAPWAP
Internet
Internet
CAPWAP
CAPWAP
ITP
FWSM
WLAN
QNS
SUM
NCS
2012 Cisco and/or its affiliates. All rights reserved.
WLAN
Controller
DHCP
ISG
NAT
FWSM
Internet
Mobile Packet
Core
DMZ / 3rd
Party
DPI/NAT/FW Services
Policy
Portal Infra
Aggregation Layer
LI Service
NMS
DHCP
AAA
Billing
Tools
Simulators
Software
Development
Client Access
2012 Cisco and/or its affiliates. All rights reserved.
22
Data Center
Aicent
SynVerse
Internet / Intranet
PCRF
MPC
Portal Selec+on
NAT/FW
GGSN
(web login/1click)
AAA
DPI Infra
P-GW
LMA
IPSG
MAG
MAG
Charging
Online/Oine
NMS
EWAG
SecGW
ACE-Load Balancer
CNR(dhcp/dns)
BAC,NCS,MSE
SNMP,Syslogger
TFTP/NTP/VNC/WS
WLC
WLC
Simulators
ASR5K
IPSG/PGW
Free
Radius
Minid
-
PCRF
SGPRS
ACE-Load Balancer
WLC
AZR Infra
WLC
MAG
MAG
MAG
MAG
LI Infra
DOCSIS Infra
AP
AP
AP
AP
AP
RG
HS2.0
Tools
2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
23
Address
Allocation
Session
Management
Transport
Backhaul
Redundancy
Load balancing
AAA / RADIUS
DIAMETER
HLR / HSS
Integration / Roaming
Authentication point
EAP / Web Auth
Keep alive
Idle Timeout
Quota enforcement
Policy enforcement
Session differentiation
Session Initiation
CAPWAP
Fragmentation
PMIPv6 (MAG/ LMA)
L2TP (AZR) / GTP
Autonomous AP
MPC integration
HSRP/ GLBP
1:1 Redundancy
N:1 Redundancy
ACE based
Single SSID
Multiple SSID
Accounting
Billing & Policy
Web Portals
Mobility
When to redirect
L4 / HTTP 302
Who redirects
Redirection Portals
Web Authentication
Self service Portals
Whitelisting
Location based
Network
Management
Subscriber
Management
Security
Zero touch rollout
Legal Intercept
Parental Control
Analytics / planning
Asset tracking
Rogue APs
Provisioning
Pre-paid / Quotas
WiFi only users
Transparent logon
Service profiles
Self service portals
24
Considerations
When to assign?
Before authentication for Web-auth users
Post authentication for EAP / 802.1x
What to assign?
Location based address assignment with option 82
Subnet size?
Oversubscription ratio
Lease time
Broadcast domain size
25
25
Deployment considerations
Session creation (First Sign of Life - FSOL)
DHCP initiated (L2 connected)
Unclassified MAC (L2 Connected)
Unclassified IP (L3 routed)
Radius proxy (L3 routed)
RADIUS accounting start (L3 Routed)
Session termination options
Idle timeouts? Keep alives? How are you billing ?
DHCP lease expiry
Authentication timeout
26
26
Service considerations
Service Differentiation
Policy push
Service Control and Policy
DPI
Targeted Push Advertising
Intelligent, Location-aware
Branding
Free services
Open garden
Whitelisting
27
27
28
28
29
29
WLC
MAG
Local
Mobility
WiFi Mobility
3
LMA
WLC
Domain
Mobility
Internet
IPv6
Location
Mobility
WLC
6
Local
Mobility
MAG
7
WLC
802.11(x)
2012 Cisco and/or its affiliates. All rights reserved.
CAPWAP
L2
PMIPv6
30
Cisco Confidential
31
AP
UE
IPSec
WLC
.1Q
L3
L3/L3VPN
Internet
A
P
.1Q
A
Z
R
IPS
ec
Hotspot
Deployment
A
P
Internet
U
E
GTP
MAG
L3
Subscriber
Policy Enforcement
L3
.1Q
GTP
A
P
GTP
IPSG
5K
L3
L3
LMA
GTP
A
P
W
L PMIPv6
C/
M
A
G
PMIP
v6
L2
Subscriber
GTP
GTP MAG
ISG
1K
A
P
Subscriber
Policy Enforcement
A
P
UE
Metro-WiFi
Deployment
L3
MAG
GTP
GTP
L3
ISG
1K
WLC
/
MAG
PMIPv6
IPSe
c
A
P
A
P
L3
IPSec
L2
WLC/
MAG
Subscriber
Policy Enforcement
LMA
PMIPv6
L3
LMA
PMIPv6
PMIPv6
AP/
MAG
Policy
A
P
Enforcement
L3
LMA
PMIPv6
Subscriber
Policy Enforcement
L3
AP/
MA
G
IPSec
PMIPv
6
A
P
Subscriber
Policy Enforcement
LMA
PMIPv6
A
P
W
L
C
WLC
GTP
A
P/
M
A
G
W
L
C
L3
WLC
L3
Internet
IPSec
MPC Integration
Cisco Confidential
32
Market Segments
Metro-WiFi Deployment
(Layer2)
Open Authentication
Web Authentication (Web-Login)
Web Authentication (One-Click)
Voucher-based Authentication
Pre-paid (Time/Quota)
EAP-PEAP
EAP-SIM
Hotspot 2.0
Open Transparent Auto Logon (TAL) (MAC-based)
HotSpot Deployment
(Layer3)
MPC Integration
Deployment
33
Why is it needed?
Web portal based access continues to be demanded by MNOs and WiFi Access providers
Many mobile devices do not have SIM cards or SIM-based clients apps
WiFi iPAD and iPod touch are two major examples
Will every WiFi connected device get a SIM? When?
BYOD will be a major use case for WiFi access going forward
Exploit visiting non-subscribers a good churn opportunity for you
Need a portal login and splash page to offer your service
34
34
AP
AAA
WLC
DHCP
ISG
Portal
Internet
Association (1)
Association (2)
DHCP Discover (3)
Unauthenticated
Session
User Profile
cached
DNS Query (8)
Authenticated
Session
35
35
STP
CiscoAR
AAA
Radius.Req
Radius.Accept
Radius.Req
Radius.Accept
AP
MAP
MAP
WLC
User Record
Cached
802.1X
HLR
ITP
802.1X
EAP Negotiation
Policy &
Charging
ASR5K
IPSG
L3 IP
PoA
Gx/Gy: CCR
DHCP Relay
Gx/Gy: CCA
Proxy adds
User Info
IP Traffic
Radius.Acc. Req.
Radius.Acc. Resp
Build
State for
User
Internet
36
36
STP
CiscoAR
AAA
Radius.Req
Radius.Accept
Radius.Req
Radius.Accept
AP
MAP
MAP
WLC
User Record
Cached
802.1X
HLR
ITP
802.1X
EAP Negotiation
L3 IP
PoA
ASR5K
EWAG
GGSN
GTP: CPC
DHCP Relay
Proxy adds
User Info
Radius.Acc Req
Radius.Acc Res
Build
NAT for
User
IP1:IP2
IP Traffic
GTP
Internet
37
37
STP
CiscoAR
AAA
MAP
MAP
WLC
802.1X
EAP Negotiation
User Record
Cached
802.1X
HLR
Radius.Req
Radius.Accep
Radius.Req
Radius.Accep
AP
ITP
ASR5K
PGW / LMA
ASR1K
MAG
Policy &
Charging
DHCP Relay
PMIPv6 Trigger
Radius.Req
Radius.Accep
User Authorized
LMA/NAI
Downloaded
PBU
Gx/Gy: CCR
Gx/Gy: CCA
Binding on
LMA for
Client
PBA: IP1
DHCP Offer (IP Address IP1, Mask, GW, DNS)
DHCP Request / Ack IP1
Internet
IP Traffic
PMIPv6
38
38
VLAN based
Library
Web Portal
(Library)
VLAN 10
VLAN 20
ISG
WLC
SSID:XYZ
Web Portal
(Stadium)
VLAN 30
VLAN 40
Stadium
AP-Groups
(500)
VLAN-Groups
(512)
Portals
39
39
5
3
Associates to WiFi SSID
Gets an IP address
1
ACCT
Server
WLC
Sends ACCT
start that includes
Client IP/MAC and
AP-NAME
DHCP
Server
ISG
Subscriber redirected
to web portal
WEB
Portal
C-76
Internet
40
Cisco Confidential
41
Downstream
Total attendance:
Unique Associations:
Simultaneous access:
Peak: 75
68,658
12,946 (19%)
8,260 (12%)
Mbps
Total: 225.3 GB
Upstream
Peak: 42
2012 Cisco and/or its affiliates. All rights reserved.
Mbps
Total: 144.6 GB
42
3G
Business Intelligence
Local Services
Download Fernbank App
Hi, I am Jack.
You are now in Jessica!
the GreatYou
Room.
Congratulations
Hear
IllPuzzle
bethat
yourRoar?
tour guideare
IMAX Schedule
See
how
the
Giganotosaurus
nowDOWNLOAD
a
50%
COMPLETE
today.
lived millions of
Junior
Exhibits Paleontologist!
years ago!
JESSICA_
Which
animal
lived in the mighty
About
RedFernbank
Oak? Museum
Here are some
Maps
recommendations
from our
A.
Gift
Shop!
Facilities
Seamless
Handoff from 3G/4G to Wi-Fi
Context-Based
Promotions
Network
Services
Discoverybased
on theon
Turn
by Turn
navigation
Information
Using
AT&T
WISPr
Client or HotSpot 2.0
Personalized
Application
Local
Services
Downloaded
Application
Tour
Discovery
Guide
Device
based on
Visitor
Location
Location
Analytics
Social Networking
B.
Get 10% OFF
with
your
QR
Code
View Note Card
C.
Continue
ShareFollow
Please
Results
Route to find NatureQuest
ROAR
2012 Cisco and/or its affiliates. All rights reserved.
43
Location Intelligence
Path Analysis
Time of Day
Dwell Times
44
Security Personnel
Check-In Personnel
Customs Personnel
Traffic Flow
Advertising Placement
45
46
Cablevision Setup
Scales for device
Animation effects
Average serve rate of 1-3 impressions per day per surfing device.
weekends.
Supports transparency
47
Project Details
Worlds largest leading in-flight Service Operating on
48
Cisco Confidential
49
SP WiFi access is a business reality today for MNOs and Hotspot providers alike
Mobile Packet Core integration is a multifaceted problem
attention needed to multiple factors
WiFi access and aggregation uses IP control plane mechanisms.
WiFi Access Gateways need proper interworking support
Wholesale access and roaming is a key consideration
WiFi Access Gateway need to support multiple roaming partners; 3G, 4G core interfaces
Rich service management needed for subscriber differentiation and monetization
There is no single solution for all access types, but all types of access should be supported
Cisco Confidential
50
50
Thank you.