Blog posts – Carrier Wi-Fi

World’s First Complete Carrier Wi-Fi Service Management SaaS

Why CPSs Need Cloud SaaS Service Management to Ensure Success in Enterprise Wi-Fi

/in /by
By: Jonas Lagerquist, Director Product Management at Enea

Nearly 18 billion Wi-Fi devices will be in use in 2022, with another 4.4 billion shipping over the course of the year, according to the Wi-Fi Alliance. The enormous installed base highlights why mobile operators, telcos, and other communications service providers (CSPs) need to double down on their support for Wi-Fi — and fast.

But that’s easier said than done. For starters, Wi-Fi technology is continually evolving to meet the needs of consumers and businesses, such as with Passpoint and OpenRoaming to simplify authenticating and connecting. Meanwhile, the marketplace is rapidly growing and diversifying as enterprises, smart cities, and other organizations increasingly use Wi-Fi for their IoT applications.

CSPs struggle to keep up with these new technologies and market opportunities. Often it’s because they’re saddled with a homegrown or legacy Wi-Fi service management system that’s incapable of changing with the times. For example, those systems may not support key processes such as SIM authentication and serving as a 3GPP AAA for Wi-Fi Calling. They may also be unable to support ad-hoc onboarding of Passpoint profiles or enable participation in the OpenRoaming consortium. As a result, those CSPs miss out on the revenue and market-differentiation opportunities that those processes enable.

SaaS Lowers Barriers to New Services and Market Opportunities

Enea Aptilo Wi-Fi SMP enriching existing legacy or home grown Wi-Fi service management systems

To help service providers overcome those and other challenges, Enea recently launched the Aptilo Wi-Fi Service Management Platform as a Service (SMP-S). It’s the industry’s first comprehensive software-as-a-service (SaaS) solution for launching and monetizing Wi-Fi services.

Hosted as a dedicated instance per customer at Amazon Web Services (AWS), SMP-S gives each CSP a self-contained, secure service that also can be deployed as a hybrid service to enhance their existing Wi-Fi service management software. This design provides a fast, cost-effective way to modernize their back-end because they simply add the functionality they need from SMP-S in the cloud on top of their existing infrastructure.

For years, over 100 CSPs worldwide have deployed Aptilo SMP Wi-Fi software on-premise to support service delivery, security, administration, monitoring, and other key processes. With SMP-S, they now can have all of those capabilities provided as a cloud-based service.

For example, SMP-S includes multi-tenancy business-to-business (B2B) support, which enables CSPs to sell managed Wi-Fi services to owners of venues such as malls, stadiums, airports, and multi-tenant office campuses. Those enterprise customers can choose from various login methods to onboard guests to their Wi-Fi service, including social media accounts, Office 365, surveys, and online payments.

SMP-S also provides CSPs with the tools that enable their enterprise customers to monetize Wi-Fi, such as with GDPR-compliant targeted advertising via banner ads, SMS, or email. The Enea Aptilo Venue Wi-Fi Manager (VWM) included with SMP-S lets CSPs manage their multi-tenant B2B guest Wi-Fi services and provide their business customers with tools for analytics, captive portals, and Wi-Fi marketing and end-user privacy.

Predictability, Scalability, and Security

As a service rather than on-premise software, SMP-S also frees CSPs to focus on their core business. For example, Enea staff manage the operation of the SMP platform — including a 24/7/365 SLA.

Financial predictability is another key benefit. CSPs know up front what to expect from each monthly invoice — no surprise costs. The pay-as-you-grow model also lets CSPs expand their Wi-Fi service footprint and add functions that complement their existing solution instead of doing a forklift upgrade.

Finally, SMP-S also allows CSPs to provide another layer of secure Wi-Fi SSID (802.1x) at every access point and then combine that with mobile core integration and SIM authentication. This enables CSPs to offload subscribers securely and seamlessly to Wi-Fi and boost indoor coverage while freeing up much-needed additional capacity.

Analysts are already lauding SMP-S as an industry-first solution. One example is Sue Rudd, Strategy Analytics Director of Networks and Service Platforms, who says: “Wi-Fi service management ‘in the cloud’ should immediately accelerate CSPs’ ability to launch new functionality and add services alongside existing systems to secure new revenues. Enea’s Wi-Fi service management offers multitenant B2B customer self-management while ensuring the correct handling of consent and use of personal data. These capabilities now make it far easier to monetize Wi-Fi and create valuable experiences for subscribers. Carrier Wi-Fi SaaS is a game-changer for CSPs and their business customers.”

To learn more about SMP-S, visit https://www.aptilo.com/cloud/enea-aptilo-wifi-smp-as-a-service.

Wi-Fi monetization

Operator Wi-Fi Monetization Strategies

/in /by

This is an excerpt from our white paper Wi-Fi in the 5G Era – Strategy Guide for Operators. The full white paper is available here if you like what you read. Don’t hesitate to contact us if you have any questions.

Download White Paper

Based on twenty years of Wi-Fi industry evolution, carrier Wi-Fi monetization strategies are both well-known and evolving continuously to match B2B and B2C needs.

In our previous blog posts, we have addressed how operators can monetize indirectly by making the most of their Wi-Fi assets and integrating Wi-Fi with their cellular 4G and 5G networks.

This blog post will dwell on how service providers can monetize Wi-Fi directly through B2B and home Wi-Fi services.

Enea, through the Aptilo Product Line, has been actively participating in this service evolution process from the start.

So how do you monetize Wi-Fi? The question has loomed large for years, particularly since, from a consumer point of view, Wi-Fi is typically offered as a free amenity. This does, however, not mean that service providers cannot monetize Wi-Fi services. Apple founder Steve Jobs once elegantly pointed out that “if you’re not paying for the product, you are the product.” And this is indeed true specifically for Wi-Fi.

The service provider will receive significant revenues from venues that want to provide carrier-grade Wi-Fi to guests or workers to stay competitive and relevant. Users receive the free service in return for their engagement with the brand and as a result of surrendering some personal details. The service providers may even agree to subsidize the B2B Wi-Fi service at particularly attractive venues to secure a valuable indoor Wi-Fi footprint for their subscribers’ use.

For years operator-managed Wi-Fi has been a specialized but growing telecom market segment. Most Wi-Fi monetization strategies and methods are not new. Still, in the coming years, we expect them to grow in value and importance as they are boosted, particularly by the mass-market arrival of new Wi-Fi technology.

This strategy is driven by the continuous increase in demand for quality Wi-Fi services by businesses everywhere. Hardly a public or private venue exists without the need for Wi-Fi. So business customers can now benefit by offering their visitors and staff top-quality carrier-grade Wi-Fi delivered by expert service providers.

OPERATOR MANAGED B2B GUEST WI-FI

B2B-Guest-WiFi-operated-by-service-provider

B2B Wi-Fi offers not only a significant revenue stream but also a needed service ‘stickiness’ that keeps businesses and consumers coming back. Enea believes B2B Wi-Fi is a business-critical contribution to an all-encompassing 5G strategy, including high-speed, low-latency indoor services delivered over Wi-Fi.

Businesses want to provide an easy-to-use, high-quality Wi-Fi service for their visitors. In many cases, venue owners see value in using Wi-Fi to engage with their guests and clients, for example, by asking clients to complete a short survey, create and verify accounts, or presenting them with Internet access sponsorship options, coupon offers, and so on.

In some cases, venues will still request payment for Wi-Fi services, often according to a ‘freemium’-type business model. In other instances, venues may accept guests accessing their network via Passpoint-based auto-connect Wi-Fi either for free or via a paid settlement agreement between operators.

It is a well-established fact that venue owners benefit from collecting and analyzing Wi-Fi data. They can use the data for targeted marketing of products and services. Care must be exercised to act only in accordance with GDPR or other relevant privacy regulations.

When operators provide such sophisticated Wi-Fi-based tools to businesses, they are typically also engaging their clients at the decision-making level, which is conducive to building stronger, higher-value, and more fruitful client relationships.

Operator-B2B-a-win-times-five

B2B Wi-Fi is a win x 5. The service provider’s B2B department gets a profitable service, business customers get analytics and a tool to engage their visitors, and visitors get a carrier class Wi-Fi service. If an additional SSID or Passpoint service is implemented for the operator’s subscribers, then the consumer department will receive the benefits of reduced churn and network operations will get much needed indoor coverage.

All of these things are not easy for business owners to accomplish on their own. In most cases, they are best provided by experts – meaning operators.

Suppose operator B2B Wi-Fi doubles as a service offered to consumers. In that case, both operators and consumers will benefit from the high-capacity deep indoor wireless coverage – provided that the Wi-Fi networks are built on Wi-Fi 6 and follow carrier-grade quality standards. The same applies to any businesses relying on indoor coverage.

Last but not least: Mobile operators can, in some cases, leverage the strong demand for Wi-Fi from businesses to introduce small cells or DAS systems into indoor locations owned by such businesses. In some instances, venue owners may more readily accept such installations when also provided with the quality Wi-Fi that their businesses and their guests need. In this way, the operator’s B2B Wi-Fi services can also become an indirect means of achieving better indoor cellular coverage.

OPERATOR HOME WI-FI

Residential Wi-Fi delivered by ISPs is right now one of the most significant growth opportunities not just in Wi-Fi but within all of the tech world. A big driver is the need for much better home connectivity to accommodate an avalanche of devices. More and more individuals are transforming their homes into work-from-home offices.

Most ISP-delivered home Wi-Fi services are today managed with simple WPA2 or WPA3 passkey access. However, in more sophisticated cases, smart home services are delivered to Wi-Fi devices at the endpoints. For example, a smart home Wi-Fi configuration app can provision not only Internet connectivity but many other services, such as parental controls, security monitoring, motion detection, and more.

In a few relatively new use cases, the classic world of residential Wi-Fi (as provided by ISPs) and public Wi-Fi (such as managed services enabled by Passpoint or SIM-based authentication) are to some extent merging.

These include, for example, Wi-Fi services offered at MDU (Multi-Dwelling Unit) housing complexes such as senior living facilities, long-stay resorts and condominiums, college campuses, and more.

Wi-Fi services for MDUs – because they are often deployed to cover a wide area similar to classic campus Wi-Fi – often require carrier-grade authentication and service management so guests and residents can enjoy high-quality, secure, and reliable Wi-Fi services anywhere on the property and on any connected device they choose.

We believe the service provider industry in the coming years will see new products or even new companies emerge to serve many such specialized MDU (or new emerging enterprise) segments. Many such new business opportunities will be driven by the hugely improved and more sophisticated Wi-Fi technology and services based on Wi-Fi 6 and Wi-Fi 6E.

 

 

 

World’s First Complete Carrier Wi-Fi Service Management SaaS

World’s First Complete Carrier Wi-Fi Service Management SaaS

/in /by

Today we launch the Enea Aptilo Wi-Fi Service Management Platform as a Service (SMP-S). This is the industry’s first complete Software-as-a-Service (SaaS) solution for Communication Service Providers (CSPs) to launch and monetize Wi-Fi services.

It is delivered as a dedicated instance per customer at Amazon Web Services (AWS). This enables service providers to have a self-contained secure service with the same flexibility to tailor-make functions as the Aptilo SMP Wi-Fi software provides for on-premise deployment. It is simply a fully-fledged Aptilo SMP delivered as a service rather than software.

Service providers with a homegrown or legacy Wi-Fi service management system can modernize their back-end by adding the functionality they need from Aptilo SMP-S in the cloud on top of what they already have.

SMP-S Page Press release
3GPP-Access Traffic Steering, Switching, and Splitting

ATSSS the Future of Wi-Fi and Cellular Convergence

/in /by

This is an excerpt from our white paper Wi-Fi in the 5G Era – Strategy Guide for Operators. The full white paper is available here if you like what you read. Don’t hesitate to contact us if you have any questions.

Download White Paper

The new Access Traffic Steering, Switching, and Splitting (ATSSS) function is the ‘Holy Grail’ of mobile data offloading, but its complexity and reliance on device support means it will likely take years to come to market.

5G introduces new network architectural concepts for Wi-Fi integration with the mobile core (non-3GPP access). In our previous two blog posts, we explored the opportunities for mobile operators today and what is new within 5G. This blog post will cover the new Access Traffic Steering, Switching & Splitting (ATSSS) function, the ‘Holy Grail’ of mobile data offloading.

ATSSS WILL PROVIDE SMARTER CONNECTIVITY

Will new and better technology and standards for automatic network selection and intelligent convergence between mobile and Wi-Fi services be developed for the mass market of the future? The short answer is probably yes. We will address one of them here, namely the newly released Access Traffic Steering, Switching & Splitting (ATSSS) introduced in 3GPP release 16.

But the answer is also that such technologies – including Passpoint with SIM authentication – already exist for the most part. These may not be ideal but are still extensively field-proven and work well enough to have already been implemented by dozens of major carriers.

Operators actively choosing Wi-Fi offload as a strategy and who want more granular control often include so-called connectivity manager clients (apps or hidden clients) on the device. Such solutions can be pretty sophisticated depending on to what extent the app, and hence the operator, can access and control the communication layer in the device’s operating system.

The capability of such apps or hidden clients must at least include solutions to the following current imperfections in switching between Wi-Fi and mobile network access:

  • Avoiding unintentional ‘walk-by’ switchover to public Wi-Fi, which could produce a poor user experience or even intermittent loss of connectivity.
  • Policies and thresholds should automatically reject or accept handoff to Wi-Fi and back to cell sites if either is congested.

THE THREE “S” IN ATSSS

Wouldn’t it be a significant step up in performance and quality of experience if a phone natively could aggregate the data streams from Wi-Fi and cellular into one stream and perhaps even intelligently steer and switch traffic between the two?

We think yes – and fortunately, the 3GPP seems to think so as well since they have introduced ATSSS as part of the 3GPP Release 16 standard for 5G.

Steering

Choosing the best available network based on speed, cost, and latency.

ATSSS Switching Switching

Moving seamlessly between 5G and Wi-Fi networks.

ATSSS Splitting Splitting

Splitting the traffic over 5G and Wi-Fi, the split can be set by policies.

ATSSS control both Wi-Fi and Cellular from Mobile Core

ATSSS uses the so-called Multipath TCP (MPTCP) technology, described in our white paper, to allow IP data traffic to flow simultaneously over Wi-Fi and 5G networks. The results are higher data rates, improved overall quality, and even gapless handovers between Wi-Fi and 5G.

Since very few applications and web servers support MPTCP, the ATSSS specifies an MTCP Proxy implemented in the 5G core User Plane Function (UPF). It also defines an ATSSS low layer functionality (ATSSS-LL) to support other protocols such as UDP.

The introduction of ATSSS is excellent news for advanced Wi-Fi service management platforms such as Aptilo SMP, as it makes policy management so much more complex.

ATSSS STEERING MODES

These functions, the three “S”, translate to four ATSSS standard steering modes that need to be supported in the device and in the Mobile Core (UPF).

ATSSS Active-Standby Active-standby

One access network – cellular or Wi-Fi – is the active (default) access network. The traffic is routed over this access network until it becomes unavailable, in which case traffic switches over to the other access network. When the active access network is available again, the traffic is switched back.

ATSSS Smallest Delay Smallest Delay

Traffic is sent over the access network with the smallest delay. The Performance Measurement Function (PMF) determines the latency of each network connection. The underlying multipath protocol can also provide measurements.

ATSSS Load Balancing Load Balancing

This specifies a fixed percentage for the fraction of the traffic that should connect over the 3GPP network with the rest of the traffic sent on the non-3GPP network. This mode only applies to the quality of service (QoS) flows with a non-guaranteed bit rate (non-GBR).

ATSSS Priority-based Priority-based

Traffic is transmitted over a specified high-priority access network (Wi-Fi or cellular). If this access network becomes congested, the traffic overflows onto the other access network. If the high-priority access network becomes unavailable, traffic switches to the other access network (as in Active Standby). The determination of congestion is implementation-specific.

Another factor that adds to the complexity of policy management is the large number of stakeholders. Real-world deployment of ATSSS will need to cater to:

  • Service provider policies
  • Policies set by the user
  • Device vendor policies
  • App provider policies
  • Enterprise IT policies

We think that ATSSS is a very promising standard. It is, to some extent, the ‘Holy Grail’ of mobile data offload, and with ATSSS, operators may finally find a good reason for backhauling Wi-Fi traffic to the mobile core. However, no 3GPP standard for Wi-Fi integration will ever be implemented in practice unless the device vendors want it.

NO REASON TO WAIT FOR ATSSS

For ATSSS to reach the mass market, device support is crucial. An example of a related standard that never achieved any market penetration at all is 3GPP ANDSF, which was a useful concept but, in the end, was never implemented natively in any device.

It may take quite a few years more for ATSSS to come to market – or alternatively, proprietary forms of essentially the same function incorporated by Apple or others may, in the end, supersede the 3GPP’s attempts. The ATSSS concept has already been tested successfully by Korea Telecom using a proprietary solution.

In either case, there is a good likelihood that Wi-Fi and 5G data streams will find new ways of complementing each other – including using aggregation & gapless handovers – on the transport layer.

Meanwhile, all the benefits of known and field-proven systems for cellular and Wi-Fi convergent services remain available to any operator who wishes to apply vastly improved Wi-Fi technology as a part of their network strategy today. Passpoint and EAP-SIM-based solutions are readily available and can possibly be complemented with an app for more granular control. In other words: Even though a more systematic 3GPP-based approach to convergence may emerge in the coming years, there is no reason to wait. Excellent convergence solutions exist today.

 

5G Core Datacenter

Wi-Fi and Cellular Convergence – What’s New in 5G

/in /by

This is an excerpt from our white paper Wi-Fi in the 5G Era – Strategy Guide for Operators. The full white paper is available here if you like what you read. Don’t hesitate to contact us if you have any questions.

Download White Paper

Business and technical consolidation trends all point in the same direction: Mobile and fixed networks are coming together – for the benefit of everyone in the industry and consumers.

5G introduces new network architectural concepts for Wi-Fi integration with the mobile core (non-3GPP access). In our previous blog post, we explored the opportunities for mobile operators today and the basic concepts of trusted and untrusted Wi-Fi access. This post will dive into what is new within 5G, introduced in 3GPP releases 15 and 16. After this blog post, we will cover the new Access Traffic Steering, Switching & Splitting (ATSSS) function, the ‘Holy Grail’ of mobile data offloading. Spoiler alert; ATSSS complexity and reliance on device support mean it will likely take years to come to market.

TRUSTED AND UNTRUSTED WI-FI NETWORK INTEGRATION TO 5G CORE

Standardization and network technology history tell us that not all functions in a standard will be deployed in real networks. They will not be implemented by vendors and service providers unless there are sound commercial reasons.

The 3G and 4G versions of Wi-Fi data plane integration are excellent examples. Most mobile operators have focused on local break-out of Wi-Fi traffic from their secure Wi-Fi networks (802.1x).

With no operational rationale or commercial reasons to backhaul Wi-Fi traffic to the Mobile Core, operators have opted to use secure SIM-based authentication, sometimes combined with policy control from the Mobile Core. There is no reason to exert extra load on the Mobile Core when operators can apply all required policies for Wi-Fi locally.

Device manufacturers also control much of what is possible and implemented. It took almost ten years for device manufacturers to decide to implement the IPsec client needed for untrusted Wi-Fi access. In their view, it simply took that long for a good commercial reason to materialize. This reason came with Wi-Fi Calling, which was in their own and their customers’ best interest.

So, are operators likely to implement the 5G 3GPP standards for Wi-Fi access? We believe so, and there are a few reasons for that. But such implementations will take time. First – as already discussed in this paper – operators more than ever need to embrace Wi-Fi in the 5G era. Secondly, a new breed of carrier-grade Wi-Fi (Wi-Fi 6) is here. Thirdly, the new Access Traffic Steering, Switching & Splitting (ATSSS) 3GPPP standard will finally give operators a good reason to backhaul traffic to the Mobile Core. We will dive deeper into ATSSS in our next blog post.

It can be overwhelming and confusing with all these acronyms that come with new 3GPP releases. So for the benefit of those of you familiar with the acronyms for 3G and 4G, please refer to this ‘translation table. Note that these are just ‘functions’ and may be delivered as one combined solution, deployed as containerized functions, or the same virtual or physical gateway node.”

3GPP Acronyms 3G,4G,5G

Network Diagram for trusted and untrusted Wi-Fi access to 5G core

The simplified diagram shows Wi-Fi service integration with the new service-based 5G Core (5GC) introduced in 3GPP release 15 (untrusted) and 16 (trusted).

The first thing to observe is that this architecture is Radio network (RAN) agnostic since both the Cellular and Wi-Fi access use the same interfaces (N1-N3).

N1 Control Plane Interface

The N1 is a control plane interface between the device (UE) and the Access and Mobility Function (AMF). It is primarily used to transfer information about the connection, mobility, and session from the UE to the AMF.

This interface is used both for Cellular and Wi-Fi (for 5G Capable Devices), and it is physically transported the same way to the AMF as shown by the N2 interface.

N2 Control Plane Interface

The N2 is the control plane interface between the access network and the 5G Core. It is primarily used for connection management, UE context and Protocol Data Unit (PDU) session management, and UE mobility management.

N3 Data Plane Interface

The N3 is the data plane interface between the access network and the User Plane Function (UPF) in the 5G Core. The UPF is the packet gateway transporting data to the internet.

How It Is All Connected

For Cellular networks, the N2 and N3 interfaces connect the base station (gNB) with the AMF and UPF. For Wi-Fi, they use the non-3GPP interworking and gateway functions (N3IWF, TNGF, TWIF) to connect with the AMF and UPF.

5G introduces a new principle for non-3GPP access: Simultaneous connections via cellular and Wi-Fi are now possible by using multiple non-access stratum (NAS) connections over the N1 interface. This is a prerequisite for the new ATSSS standard and the same authentication procedures, EAP-AKA’ and 5G-AKA, are used for both Cellular and Wi-Fi.

New EAP Protocol and Unusual Use of IPsec

A new protocol, EAP-5G, has been introduced to support NAS messages over Wi-Fi networks. The IKEv2 and EAP-5G protocols are used to establish an IPsec tunnel for signaling during the registration procedure between the device and the interworking and gateway functions. The EAP-5G protocol is then used to encapsulate NAS messages over the IKEv2 protocol.

Another interesting new principle is the use of IPsec also for trusted Wi-Fi networks. Why would you want to use an IPsec connection – albeit with null encryption to avoid double encryption – in a secure Wi-Fi network? It turns out that implementations in devices and gateways with dual support for both trusted and untrusted access will probably be easier to implement in this case. Add to this the benefits of a fixed anchor point in the Mobile Core to facilitate mobility and ATSSS.

Let’s now examine the new functions for non-3GPP access. Again, please note that these functions are not the same as physical gateways. In practice, these functions could all reside in the same gateway. One vendor could also provide the control plane (N1-N2), while another supplies the data plane (N3).

Non-3GPP Interworking Function (N3IWF)

The Non-3GPP Interworking Function (N3IWF) is the IPsec tunnel terminating node for 5G, similar to the ePDG for integration with the 4G Core. It is located in the Mobile Core and communicates with the Access and Mobility Function (AMF) control plane over the N1 and N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface.

Trusted Non-3GPP Gateway Function (TNGF)

The trusted non-3GPP Gateway Function (TNGF) is for 5G the equivalent to the Wireless Access Gateway (WAG) used for trusted access to the 4G Core. The TNGF is located in a trusted environment, often the Wi-Fi network, and communicates with the Access and Mobility Function (AMF) control plane over the N1 and N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface. As discussed, the device and the TGNF are connected using an IPsec tunnel with null encryption.

Trusted WLAN Interworking Function (TWIF)

The trusted WLAN Interworking Function (TWIF) is a new 5G function for interoperability with legacy devices. This is to resolve the contingency that some devices may support 5G SIM authentication but do not support 5G NAS signaling over trusted Wi-Fi access. These devices lack the support for the EAP-5G and IKEv2 protocols. 3GPP refers to such devices as non-5G-Capable over WLAN (N5CW). The TWIF contains the NAS protocol stack and exchanges NAS messages with the AMF on behalf of these types of devices.

The TWIF is located in a trusted environment, often the Wi-Fi Network, and communicates with the Access and Mobility Function (AMF) control plane over the N1 and N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface. Just as in the case of TNGF, the device connects with the TWIF using an IPsec tunnel with NULL encryption.