Service Provider WiFi and Small Cell
Derick Linegar, Technical Solutions Architect

House Keeping Notes – Wednesday April 16, 2014
Thank you for attending Cisco Connect Toronto 2014, here are a few housekeeping notes to ensure we all enjoy the session today.
• Please ensure your cellphones are set on silent to ensure no one is disturbed during the session
• Please hold all questions until the end of this session to ensure all material is covered
Let’s have some fun.

SP WiFi & Small Cell. Cisco and/or its affiliates. All rights reserved. Cisco Public

Service Provider WiFi and Small Cells Agenda
• SP-WiFi Solution Architecture Update
• Passpoint Certified WiFi Update
• Small Cell Overview
• Packet Core Integration options for SP-WiFi
• Practical Examples of SP-WiFi Integration
• Questions?

SP-WiFi Solution Architecture Update

Dealing with non uniform coverage
Macrocell (3G/4G)
• Voice coverage with uniform bandwidth, but not always where people are
• Reduced data capacity edge of cell
• Sub-optimal delivery of high BW to POPs
• High CapEx/OpEx: $400K
• Poor spectral efficiency
Wi-Fi/Femto/Pico
• Delivers targeted coverage and capacity
• Support high-capacity data
• Precision delivery of high BW to POPs
• Lower CapEx/OpEx
• Good spectral efficiency
[Figure: macro cell and small cell coverage with modulation rings QPSK, 16QAM, 64QAM/MIMO; high data users]

Cisco SP Wi-Fi Solution: Primer
Access + Service and Policy + Packet Core Integration
[Diagram elements: Customer’s Wi-Fi APs, Wireless Controllers (CAPWAP), ISG/WAG, DHCP, PMIPv6, 3G/4G Mobile Packet Core, Internet, NMS, AAA, MPC, SUM, PCRF, Portal, Home Network AAA, Mobile Operator 3G/4G Core with HLR and AuC, SS7, SIGTRAN/M3UA, MAP]
• AAA, MPC, SUM, PCRF, Portal: subscriber management, RADIUS authentication, Web Portal, network policy control
• Wireless Controllers: wireless LAN policy, RF management, roaming
• Intelligent Services Gateway: session management, Layer 4 redirection, transparent auto logon, NAT, firewall, usage statistics, policy enforcement

SP Wi-Fi Solution: Converged Architecture
[Slide with overlapping panels; recoverable text follows]
• Panels: Metro Wi-Fi, Hotspot/SMB, Cellular Integration, Public/Large Venue, SMB/Hospitality, Resi/Comm Wi-Fi, Community WiFi, Wholesale Provider, Retailer Providers
• Metro Wi-Fi: Cellular Data Alternative; MSO/MNO Partnerships; Walkby user management; Architecture cadence across MSOs
• Cellular Integration: 3G/4G Offload; GTP – 3G Integration; PMIP – 4G Integration; NGH (Roaming Partnerships); Small Cell Integration
• Leading Enablers: Flexconnect; Optional CP/DP split; Location Analytics; vanity SSIDs; Location-based services; AVC/DPI; QoS – Per client/SSID/AP; NAT
• Use cases: Web Authentication (Web-Login, One-Click); Open Transparent Auto Logon (TAL) (MAC based); TAL methods: Web-Authentication for non-SIM based devices, EAP-SIM/AKA for SIM-based devices; Open Web Auth and MAC TAL; WISPr; Passpoint; Location-based Portals; CMX; Wayfinding; Whitelisting/Blacklisting; Parental Control
• Diagram elements: AP, WLC, Aggregation Switch, WAG, Portal, DHCP, AAA, Policy, Access Network, Gn’, PMIPv6, MNO Home Network (HLR, OCS, PCRF, CGF, PGW/LMA, GGSN), Roaming Partner Core, Home Network Core, Internet Services

Cisco SP Wi-Fi Solution Components
Access + Service and Policy + Packet Core Integration
[Component updates overlaid on the Primer architecture diagram; recoverable text follows]
• Access: Client Scale 7K 64K; AP scale 500 6000; PMIP Integration (MAG); New APs: indoors/outdoors; Client & AP SSO; CP/DP split; Flexconnect; vWLC; 11ac and 3G Plugin; MAG on RG/OpenRG
• Policy/AAA: BH SME/QNS; QNS 5.3 QPS 6.0; Appliance to Virtual; ASR 1K/5K & WLC Integration with QPS; Scale, Performance & HA; CPAR use case support
• NMS: CPI 1.0 2.x; New AP Support; Scale & Performance; Reporting & Mapping enhancements
• CPM & PPM
• Core: ASR5K L2/L3 MAC 40K 2M; ISG 32K 384K; LBO+3G+4G iWAG; ASR5K Packet Core: LMA, eWAG, DeWAG, SaMOG; Scale & HA

3GPP Policy Architecture for WiFi: ANDSF
[Diagram elements: HSS, OCS, AAA, PCRF, ANDSF, ePDG, PGW; interfaces Gy, Gx, S6b, S14; HTTPS]
• 3GPP release 8 introduced ANDSF in LTE reference architecture to convey policies to the device
• ANDSF concepts can also be applied to UMTS architecture

ANDSF Network Control Points – Policy Control
• Client policy decision based on sub type, device type, network capability, APN types, cost, SLA, Security, Charging, etc
• ANDSF Network Policy Instructions
• Store and Apply Policies
Client functions are extended to support dynamic policies hence providing network control point
[Diagram elements: Client on LTE (eUTRAN) and on WLAN/WiFi; MME, SGW, PGW, ePDG, HSS, PCRF, AAA, ANDSF, Operator IP Service Domain; interfaces S1, S1u, S11, S5, S6b, Gx, Gxc, SGi, SWm, SWn; numbered callouts 1, 2, 3]

ANDSF Solution Approach
• Off-load UMTS/LTE traffic to WiFi provided that user experience on WiFi will be equivalent to microcellular
• Device client is critical in solving the problem
– Client enables managed WiFi offload where SP controls criteria and conditions for traffic offload
– Access type
– Access and network conditions
– Location
– APN
– Device
– Roaming status
– Time
– Data usage
– Application
– Subscriber status/service
– TFT (5 tuple filters)
• The client can also expose info required to collect analytics
• Network needs to provide necessary triggers to enable these policies

ANDSF List of Usecases
1. Standard ANDSF and S14 interface
2. Initial policy download including filtering based on location
3. New SSID list based on location change
4. Connection fallback on poor access conditions
5. Control of WiFi access for roamers
6. WiFi access for over the quota prepaid users
7. Selective traffic routing
8. Analytics

Client Technology Roadmap
[Diagram: client stack layers Device Platforms, Policy Enforcement, Application Enablement, Traffic Routing, Network Attachment and Mobility, Authentication, Connection Management Framework; access technologies UMTS, CDMA, LTE, WiMax, WiFi, Ethernet]

Passpoint Certified WiFi Update

Imagine a World…
• You Enter a Venue… and get onto the Wi-Fi network as simply, seamlessly, and securely as cellular
– no SSID, no username, no password, no Web Auth, etc.
– a new customer can immediately sign-up online at the venue
• You are Automatically Notified of Special Services
– pre-installed apps automatically launch upon notification (or can download new apps as needed from a local server)
• You have Instant Access to cool venue specific services and content
– Indoor Maps, Product Finder, Call for Help, Product Reviews, Loyalty info, etc.
This is the Promise of Hotspot 2.0

Sample Scenario
Regular Client: Manual Setup
1. Power-on or unlock the phone
2. Select Wi-Fi network (vulnerable to rogue AP)
3. Go to WebAuth
4. Browse webpage and enter right credential, usually ID/PWD
5. Choose roaming plan
6. Start Internet
Hotspot 2.0 Client: Automatic Setup
1. Power-on or unlock the phone
2. Handset automatically validates network and initiates connection
[Figure callouts: “Can you tell me your network info… before I associate?” / “Yes! Here it is! Realm Name = operator.com, Auth Type = EAP-SIM”]
• Makes Wi-Fi easy-to-use and secure (like cellular)
• 802.11u enabled network is compatible with non-11u devices!

Wi-Fi CERTIFIED Passpoint™ Program Scope
• Discovery (RELEASE 1): Provide network information (including operator network information) before association to allow optimized selection
• Registration (RELEASE 2): Create new account (if needed)
• Provisioning (RELEASE 2): Provision credentials and subscription policy on the device (if needed)
• Secure Access (RELEASE 1): Leverage WPA2 Enterprise for authentication and encryption; provide notification of session expiration, renewal
Technical elements of certification
• 802.11u elements
• WPA2 Enterprise
• Operator Policy – Wi-Fi Alliance Specification
• Online Signup – Wi-Fi Alliance Specification

Passpoint™ Releases
Release 1: Network Selection and Security (Launched June 26, 2012)
– WPA2-Enterprise with agreed credentials/EAP methods
– AP and mobile certified for IEEE 802.11u GAS and ANQP interoperability
– Mobile certified for network selection algorithm for roaming, applying user preferences and preferred association to Home SP’s hotspot
– AP certified for implementing peer-to-peer traffic inspection and filtering (for user protection via firewall) including …
   • Blocking of local peer-to-peer traffic attempting to traverse AP (TDLS, DLS and Wi-Fi Direct)
   • IPv4 Proxy ARP and IPv6 Proxy Neighbor Discovery
Release 2: Online Signup and Policy Provisioning (anticipated in 2014)
– Mobile certified for enhanced network selection using operator policy
– Mobile certified for operator policy provisioning providing preferred and blacklisted hotspots
– Mobile certified for in-venue, secure online signup and credential provisioning
   • User can get a subscription in any Hotspot when needed
   • Username/password and certificate provisioning
   • Supports provisioning credentials & policy for an existing subscription to a new / un-provisioned mobile device
Release 3: (program requirements under development)

WFA Passpoint™ Certified Information Elements
Beacons - Broadcasted
• Interworking Info.: Venue Group, Venue Type; HESSID; Access Network Type; Internet Service; WebAuth Required
• Advertisement Protocol Info: ANQP
• Roaming Consortium Info: OIs Info
• BSS Load Element
Other Network Features
• 802.11v BSS Transition
• Proxy ARP
• Multicast/Broadcast Filter
• Peer-to-Peer block
ANQP info - Query based
• 802.11u Std: Venue Name; Roaming Consortium list; Network Authentication Type; NAI Realm list; 3GPP Cellular Network Info.; Domain Name list; IP address type
• HotSpot 2.0 ANQP element: HS Query list; HS Capability list; Operator Friendly name; WAN Metrics; Connection Capability; Operating Class Indication; NAI Home Realm Query

Information Element Configuration
[Diagram labels: Handset Policy, Operator Policy (Subscription MO), WLC Attribute, Access Point Attribute]
• Venue Info: Venue Name*, Venue Group, Venue Type
• 802.11u IE: Internet Access indicator, Network Types, Network Authentication Types (WebAuth), HESSID, OUIs, Realm list (EAP-Type info), Cellular Information list, Domain list
• HotSpot 2.0 IE: Operator Name*, WAN Metrics, Connection Capability, Operating Class
AP/WLC can set all the IE parameters but handset connection policy may only use a subset of them

Packet Flow
[Sequence diagram between Wi-Fi Client, AP/WLC and AAA Server]
• Beacon with 802.11u Interworking IE
• Probe Request / Probe Response
• GAS Initial Request / GAS Initial Response
• GAS Comeback Request / GAS Comeback Response (used if response requires GAS fragmentation)
• Authentication (null) / Authentication Response
• Association Request (SSID) / Association Response (AID)
• 802.1X (EAPOL-Start)
• 802.1X (EAP-Identity Request)
• 802.1X (EAP-Identity Response)
• 802.1X (EAP-Auth. Exchange) / RADIUS (EAP-Auth. Exchange)
• RADIUS (Access-Accept) / 802.1X (EAP-Success)
• 4-Way Handshake (PTK, GTK)
Callouts:
– Number of queries and query content is mobile implementation dependent
– Pre-association protocol using 802.11 public action frames for GAS L2 transport
– ANQP provides NAI Realm, 3GPP PLMN ID, etc. so mobile can select roaming candidate network
– HS2.0/802.11u-enabled connection manager supplies SSID to join
– 802.11u doesn’t change your typical WLAN authentication procedure below this dotted line

[Screenshot: Realm and EAP Method learned from GAS exchange]
[Screenshot: Samsung WLAN Join decision-making process]

Small Cell Review

Cisco Mobility Solutions
• Access: SP Wi-Fi; 3G Small Cell; Converged Small Cells
• Transport: Mobile Backhaul Solution with ASR 901, 901S, 903; ASR9000, CRS-1/CRS-3
• Software: Quantum™ (Network Abstraction Suite, Policy Suite, Analytics Suite, RAN Optimization Suite, WAN Orchestration Suite)
• Core: ASR5000, ASR5500 With Enhanced Services
• Cost Effective Coverage & Capacity
• Persistent & Seamless Connectivity while Managing Traffic Growth
• Increase Service Creation Velocity & Deploy New Service

AT&T 3G MicroCell
• AT&T 3G MicroCell launched April 2010: http://www.wireless.att.com/learn/why/3gmicrocell/
• Largest 3G femtocell deployment worldwide
• True zero-touch provisioning
– Over 90% of femto installations done without customer care intervention
– Fully automated provisioning and management control
BEST COMMERCIAL FEMTO LAUNCH: AT&T’s 3G MicroCell National Deployment
“AT&T’s 3G MicroCell deployment with Cisco caught the judges’ eyes for two crucial reasons. First and foremost, it emphasized the importance of the customer at the heart of the femtocell experience, positioning technology very much as an enabler, rather than an end in itself. Secondly, the deployment is on a national scale, which given the US market’s size adds an additional layer of complexity”, agreed the judges.
London, England - June 23, 2010

Source: O2 UK in Small Cells Summit, London June 2012

Comprehensive, Intelligent 3G/LTE/Wi-Fi Small Cells
• Minimize deployment OPEX with zero/low touch provisioning
• Best of breed SON solution ensuring Macro radio coexistence
• Built on industry standards; 3GPP architectures
• Innovative features and capabilities solving coverage & capacity challenges
• Proven optimization & monetization models with robust Policy & Subscriber services
• End-to-end, validated, carrier-grade network solutions (radio, access, backhaul, core, policy/charging)

[Diagram: solution portfolio. Cisco Prime (Provisioning, Management); Small Cell Backhaul: Cisco ASR 901S; Cisco Universal Small Cells: Cisco USC 5310 for Aironet; Small Cell Gateway: Cisco ASR 5000; Cisco Aironet Wi-Fi Indoor & Outdoor; Wireless Controller: Cisco 8510; Subscriber/MNO Gateway: Cisco ASR 1000; Cisco Quantum: SON Suite, Policy Suite; 3G/4G Core; Internet]

Small Cell Solution Reference Solution Architecture
[Diagram elements: USC Small Cell (Radio HW, Radio Stack, RMS Client); S1, Iuh over IPSec; SP Firewall or 7600; ASR5000 with SeGW and HNB-GW / H(e)NB GW; IuCS to SP MSC; IuPS to SP SGSN or GGSN; S1 to EPC; AP Mgmt over TLS (TR-069, HTTP, XMPP); ACE 4710 (TR069, CMHS); RAN Management System (RMS) in the DMZ with PMG, DCC UI, BAC, CAR (AAA / RADIUS Whitelists), CNR (DHCP), NTP, Upload Server; Registration, Activation, Care: XML/HTTP from SP OSS; Cloudbase Bootstrap PKI; Alarms & KPIs to Prime Mobility Network and Element Management (Prime Central, Prime Performance, Prime Network), RAN Optimization/SON and SP NMS]

Small Cell Typical Connectivity
[Diagram elements: Subscriber Network with HNB and Firewall; IPSec Tunnel and TLS across the Internet; Operator Network with SeGW, HNB-GW, ASR5K, SGSN, MSC, CN Network; L3 with IPSec Address; DMZ Network with NTP; Management Network with RMS Serving, RMS Central, RMS Upload; Cisco CloudBase; NMS; OSS Network with OSS]

Cisco Universal Small Cell Series
• USC 7000 Series
– Concourse: “Mobile Internet delivered in the modern urban landscape”
– Venue: “High density, high intensity”
• USC 5000 Series
– Enterprise: “All business is mobile today”
– Hotspot: “Everyone consumes the mobile Internet here”
• USC 3000 Series
– Home: “Mobile as the center of your lifestyle”
– Small Office/Home Office (SoHo): “In touch with the world with my mobile business device”

Available Today!
Product Offer – 3G + Wi-Fi
• 16 User 3G Open Mode Module
• Capability 3G/HSPA + 802.11n
• RF <100mW Transmit Power (same as ETSI 802.11)
• Compatible with 3600i/3600e Wi-Fi
• Power provided by the Aironet through PoE+ (IEEE 802.3at) or external PSU.
[Figure labels: AIRONET 3600, 802.11n 2.4/5GHz, 802.11n 4x4 3SS / Beamforming; 3G HSPA+ 21Mbps/5.7Mbps, <100mW/20dBm EiRP, 16 Active Users, Band II/V or I]
RF Power: 100mW at Ant. Port
Antenna: 1x1 SISO
RF BW: 5 MHz
Base Platform: USC Software Platform
3G Throughput: 21/5.7 Mbps HSDPA+ (peak rate)*; R99 WCDMA Voice Calls
3G Feature Set: 16 Active users; 200 idle; 3GPP R99 & R8 HSDPA+; Iuh / TR-069, TR-196v1, Open Mode; HSDPA+ 21Mbps / HSUPA 5.76Mbps (Peak Rates)*
Mobility: Available in 3GPP I (Rest of World) and Band II/V (USA/LATAM); 3G Active CS/PS and Idle Mode Reselection
SON / HetNet: 3G: Network Listen; 802.11: Clean Air
Power Supply: Provided by the Aironet
Product Size / Weight: 1.5L; 1.4kg (complete unit)
Deployment: Desk/Wall/Ceiling
* SCS 2.0 Supports 14 codes = ~15 Mbps Peak Rate

Available Next Month!
• Module holder only
• Target FCS – May 2014
• 1x GbE RJ45 ports
• Provides 2x10W via Cisco module connector
• Module Configurations
– 1x3G
– 1xLTE (When available)
– 2x3G (Planning)
– 2xLTE (When available)
– 1x3G + 1xLTE (When available)
• Power PoE+ and/or 48V DC
• Compatible with USC 5310 and USC 541x
• 22 x 22 x 6 cm; ~1kg

Available December!
• Partner to USC 5310 Module
• Target FCS – December 2014
• Module supports (auto-selects)
– 1x1 SISO with 6W PSU (AP3600/AP3700)
– 2x2 MIMO with 10W PSU (USC5030)
• LTE FDD
• Up to 20 MHz iBW
• 16 Active Users
• 128 RRC Connected Users
• 100mW Output Power
• Standard Module Size; ~500g
USC5416 Americas: LTE Band 4; NWL LTE Band 4/7/12/13; NWL 3G Band 2/5; NWL GSM 850/1900
USC5416 Rest of World: LTE Band 3; NWL LTE Band 1/3/7/20; NWL 3G Band 1/8; NWL GSM 900/1800
USC5416 Global: LTE Band 1/3/7; NWL LTE Band 1/3/7/20; NWL 3G Band 1/8; NWL GSM 900/1800
USC5426 TD-LTE: LTE Band 38; NWL LTE Band 1/3/7/20; NWL 3G Band 1

RMS provides a standard based, scalable solution for Cisco Universal Small Cell Solution
• Lower time to deployment and OPEX
• Provides a centralized management entity for the small cell network
• Easy to use graphical applications in user interface
• Based on Commercially available HW
• Provides interfaces and integration API for OSS/BSS
RMS functions:
• Activation of Access Points
• Configuration of Access Points
• Software upgrade of Access Points
• Status monitoring of Access Points
• Collection of raw AP KPI data
• Access to AP alarm data
• Troubleshooting of Access Points
• RADIUS service for AP auth on HNB-GW and whitelist
• DHCP service for allocating IPSec addresses
[Diagram elements: USC Small Cell (Radio HW, Radio Stack, RMS Client); AP Mgmt over TLS (TR-069, HTTP, XMPP); ACE 4710 (TR069, CMHS); RAN Management System (RMS) in the DMZ with PMG, DCC UI, BAC, CAR (AAA / RADIUS Whitelists), CNR (DHCP), NTP, Upload Server; Registration, Activation, Care: XML/HTTP from SP OSS; S1, Iuh over IPsec through SP Firewall or 7600 to ASR5000 SeGW and HNB-GW; IuCS to SP MSC; IuPS to SP SGSN or GGSN; S1 to EPC; Cloudbase Bootstrap PKI; Alarms & KPIs to Prime Mobility Network and Element Management (Prime Central, Prime Performance, Prime Network), Quantum RAN Optimization (SON), Quantum RAN Mgmt/SON and SP NMS]

Cisco Small Cell AP-SON Capabilities
Self-Configuring (Zero-Touch Activation)
• Device Activation & Automatic Network Connectivity
• Network Listen Mode
• Automatic Carrier & PSC/PCI Selection
• Initial Power Settings
• Automatic Neighbour Relations Generation
• IP Timing/Macro Synchronisation
• SW Upgrade & Initialisation Configuration Profiles
• Backhaul DL/UL Bandwidth Determination
Self-Optimising (Cognitive RRM Algorithms)
• Continuous Network Listen
• Optimisation of Carrier & PSC/PCI Selection
• Dynamic DL/UL Power Adaptation
• Automatic P-CPICH/Common Reference Signal Power Tuning
• UE Targeted DL/UL Power Overshoot
• Automatic Neighbour Relations Management
• Backhaul DL/UL Bandwidth Tracking
• Adaptive UL Traffic Shaping
Self-Healing (Advanced System Monitoring)
• HW & SW Fault Detection
• SW Process Restarts
• Chip Restarts
• Factory Recovery
• Adaptation of Power Settings & Neighbour Relations
• Determination of, & Fast Restart Following Backhaul Failures
• Load Control/Balancing in Response to Available Backhaul Bandwidth

ActiveRadio® In Action
Self-Configuration & Self-Optimisation
1. Power on: Load correct software & basic connectivity parameters from CloudBase
2. (Optional) Location locking: Initial environment scan & optional GPS location
3. (Optional) Local spectrum license: Management boot inform & further provisioning
4. Full environment scan & configuration: Select frequency, PSC/PCI & initial power. Populate neighbour list & configure cell stickiness
5. System authorisation: Report of final config & gateway authorisation
6. Enable radio & operational for calls
7. Auto power & rate adaptation: Using information gathered from UEs
8. Continuous network listen: Periodic interference level checks. Ongoing environment adaptation whilst in service
[Diagram labels: Initialisation Server, Management Server]

Cloudbase® Activation - from factory to subscriber service
(1) Small Cell Produced
(2) Manufacturing Information
(3) Small cell Records
(4) Customer, retailer or Web interface orders service
(5) Shipment Ordered
(6) Subscription Details
(7) Small cell delivered
(8) Customer connects and powers up unit
(9) Unit Activation
(10) RMS Provisioning
(11) Auto-configuration
(12) Service to Subscriber
[Diagram labels: Cisco Production, Manufacturing Centre, Cisco Production Systems, Central Warehouse, Service Provider, Customer, Call centre/SP shop, Activation Server, IT/OSS, RMS]

Packet Core Integration Options for SP-WiFi
Building a User-centered Solution

SP Wi-Fi Experience - User Endpoint (UE)
User Endpoint is a subscriber’s carrier experience
• Coverage, Performance, Ease of use
• Seamless Authentication
• Network Roaming
• Session Roaming
• Policy Roaming
Authentication Options: EAP-SIM, EAP-AKA, WISPr, Web Logon, MAC TAL
Standards: ANDSF, HS 2.0
Goals:
• Seamless Roaming across many providers networks (HS 2.0)
• Zero Configuration (ANDSF)
• Zero footprint (Client Less)
• Support no-UE devices

WiFi Passpoint vs. ANDSF
[Table: columns WiFi Passpoint and ANDSF; rows Using, What, How, By. Entries: 3G; WiFi; Operator Roaming (11u); Network Quality & Info (HS20); WiFi enhancement; Security enhancement; .11u Probe Scanning; ANQP; Combine 802.1x supplicant; 3G-to-WiFi Offload based on Location (GPS Co-ordination); 802.11 SSID (BSSID, ESSID, HESSID); WiFi Alliance, Passpoint Certification; 3GPP]

Cisco SP Wi-Fi Services & Policy Enforcement
[Diagram: Carrier-Grade Wireless Access Gateway (WAG) Routers ASR5K, ASR9K, ASR1K; functions Identify, Authorize, Accounting, QoS Policing, Scheduler (LLQ, CBWFQ), Forwarding]

Cisco SP WiFi xWAG – Family of Products
[Diagram columns: Access, Service Edge, Mobile Core. Elements: UE, AP, AP/MAG, WLC, WLC/MAG, MAG, WAG, iWAG, LMA, Subscriber Policy Enforcement, Internet; links L2 (.1Q), L3, IPSec, PMIPv6, GTP]

Mobile Packet Core Integration: WiFi into 3G Packet Core
All Client-less and Client-based configurations supported
[Diagram labels: WLAN Devices; Multiple Applications Simultaneously Running on Session-Centric Operating System; Trusted Wi-Fi; Untrusted Wi-Fi; 3G Cellular; Clientless – IPSG (IP); Un Tunneled User Data (IP); Clientless MAG (PMIPv6); Clientless eWAG (GTPv1); Clientless 3GPP2 HSGW; 3GPP SGSN; Secure Client based iWLAN TTG; Per User PMIPv6 Tunnel; Per User GTP Tunnel; Per User IPSec Tunnel; GTP (Gn); VPN; P-GW, GGSN; 3GPP AAA; IP Core; Converged, Per subscriber Policy, Charging and Billing Systems; Mobile Packet Core]

Mobile Packet Core Integration: WiFi into 4G Core
All Client & Client-less options supported
[Diagram labels: WiFi Devices; Untrusted WiFi; Trusted WiFi; 4G Cellular; Secure Client based iWLAN; IPSec (SWu); ePDG; S2b; S2c – DSMIPv6 Client; S2a – PMIPv6 Clientless; 3GPP MAG; S1; SGW; PGW; AAA/BackEnd; Mobile AAA; Policy/Billing; IP Core; Mobile Packet Core]

Cisco SP Wi-Fi Solution Standards
MAP Protocol
• 3GPP TS 29.002 Mobile Application Part (MAP) Specification
Air Interface
• IEEE 802.11a
• IEEE 802.11b
• IEEE 802.11g
• IEEE 802.11d
• IEEE WMM/802.11e
• IEEE 802.11h
• IEEE 802.11n
AAA Functions
• IEEE 802.1X
• RFC 2716 PPP EAP-TLS
• RFC 2865 RADIUS Authentication
• RFC 2866 RADIUS Accounting
• RFC 2869 RADIUS Extensions
• RFC 3579 RADIUS Support for EAP
• RFC 3580 IEEE 802.1X RADIUS Guidelines
• RFC 3748 Extensible Authentication Protocol
Control & Provisioning
• RFC 5415 CAPWAP Protocol Specification
• RFC 5416 CAPWAP Binding for 802.11
Encryption
• WEP and TKIP-MIC: RC4 40, 104 and 128 bits
• AES: CBC, CCM, CCMP
• DES: DES-CBC, 3DES
• SSL and TLS: RC4 128-bit and RSA 1024- and 2048-bit
• DTLS: AES-CBC
• IPSec: DES-CBC, 3DES, AES-CBC
Security Standards
• IEEE 802.11i (WPA2, RSN)
• RFC 1321 MD5 Message-Digest Algorithm
• RFC 1851 The ESP Triple DES Transform
• RFC 2104 HMAC: Keyed Hashing for Message Authentication
• RFC 2246 TLS Protocol Version 1.0
• RFC 2401 Security Architecture for the Internet Protocol
• RFC 2406 IPSec
• RFC 3602 The AES-CBC Cipher Algorithm and Its Use with IPSec
• RFC 3686 Using AES Counter Mode with IPSec ESP
• RFC 4347 Datagram Transport Layer Security
• RFC 4346 TLS Protocol Version 1.1
DHCP, BOOTP, ARP
• RFC 1542 BOOTP
• RFC 2131 DHCP
• RFC 826 ARP
S2a Interface
• 3GPP TS 23.402 Architecture Enhancements for Non-3GPP Accesses
Mobility Support
• RFC 3775 Mobility Support in IPv6
• RFC 5213 Proxy Mobile IPv6
• RFC 5844 IPv4 Support for Proxy Mobile IPv6
• RFC 5846 Binding Revocation for IPv6 Mobility
Policing & Charging
• 3GPP TS 23.203 Policy and Charging Control Architecture
• 3GPP TS 29.212 Policy and Charging Control over Gx Reference Point
• 3GPP TS 32.240 Charging Architecture and Principles
• RFC 4006 Diameter Credit-Control Application
[Diagram: User Plane and Control Plane protocol stacks for Clientless AP, WLC, ASR1K (MAG, ISG, iWAG) and ASR5K (PGW / LMA) toward the Internet: DATA, UDP, IPv4, IPv4 over IPv6, IPv6, PMIPv6, ARP, DHCP, BOOTP, Radius, L1 / L2; CAR AAA and HLR over MAP, TCAP, SCCP, M3UA, SCTP; Gx and Gy Trigger to PCRF, Gy to OCS, Rf to Offline Billing]

Cisco SP WiFi Functional Building Blocks
AP = Access Point
MAG = Mobility Access Gateway
WLC = Wireless LAN controller
LMA = Local Mobility Anchor
GTP = GPRS Tunneling Protocol
IPSG = IP Services Gateway
EWAG = Enhanced Wireless Access Gateway
PMIP = Proxy Mobile IP (v6)
UE = User Entity (mobile terminal)
WA = Web based Authentication
[Diagram elements: UE, AP, AP/MAG, WLC, Cisco MAG, WAG, iWAG, eWAG, LMA, WA, Portal, AAA, DNS, DHCP, Subscriber Policy Enforcement, 3rd Party Access, Internet; links 802.1Q, L2, L3, IPSec, PMIPv6, GTP]

Use-Case 1: S2a access for 4G
MAG on WLC, LMA on ASR5K: architecture for S2a
• Cisco SP-WiFi Whole-Offer Solution: Model 2.x
• Uses S2a Interface on ASR5K
• Provides Signalling & Dataplane
• L2 and L3 mobility for inter & intra WLC groups
• Policy & Charging via Gx/Gy interface Replicated via IP Diffserv
• Dynamic LMA selection via AAA intelligence
• WiFi treated as a 4G-like RAT
[Diagram: functional building blocks (3rd Party Access, Aggregation, Core) with AP, WLC, Cisco MAG, ASR5K LMA, eWAG, WAG, WA, Portal, AAA, DNS, DHCP, Subscriber Policy Enforcement; links 802.1Q, L2, L3, IPSec, PMIPv6, GTP; release labels R7.4, R14.0]

Use-Case 1.5: S2a access for 4G
MAG on AP, LMA on ASR5K: architecture for S2a
• Utilize Cisco vWLC and/or Flexconnect WLC
• Cloud-like deployment of WLC for RRM and management
• Local Break Out for AP
• AP will have MAG (R7.5 +)
• Centralized WebAuth
[Diagram: functional building blocks with L3 Flexconnect, AP/MAG, WLC, ASR5K LMA, eWAG, WAG, WA, Portal, AAA, DNS, DHCP, Subscriber Policy Enforcement; links 802.1Q, L2, L3, IPSec, PMIPv6, GTP; release labels R7.4, R7.5, R14.0]

Use-Case 1.7: WebAuth + S2a access for 4G
MAG & WebAuth on WLC, LMA on ASR5K: architecture for S2a
• WebAuth Service on WLC (internal, custom, external)
• Authenticated users are placed in MAG or VLAN for Local Break Out
• External AAA/Portal with Radius CoA needed
[Diagram: functional building blocks with L3 Flexconnect, AP, AP/MAG, WLC, MAG, ASR5K LMA, eWAG, WAG, WA, Portal, AAA, DNS, DHCP, Subscriber Policy Enforcement; links 802.1Q, L2, L3, IPSec, PMIPv6, GTP; release labels R7.4, R14.0]

Use-Case 2.1: eWAG for 3rd Party WiFi
IP Native on 3rd Party WLC, eWAG on ASR5K
• 3rd party AP/Controller presents subscriber after authentication as L3 traffic
• AAA or DHCP triggered eWAG session creation
• Local Break Out supported
[Diagram: functional building blocks with 3rd Party Access, L3 Flexconnect, AP, AP/MAG, WLC, MAG, ASR5K eWAG, LMA, WAG, WA, Portal, AAA, DNS, DHCP, Subscriber Policy Enforcement; links 802.1Q, L2, L3, IPSec, PMIPv6, GTP; release labels R7.4, R14.0]
Use-Case 2.2: sGRE, GTP for 3rd Party WiFi
• Aruba/ALU solution for use of sGRE as tunneled traffic
• Use ASR1K as sGRE to GTP WAG (scaling)
• Use ASR1K for WebAuth & Local Break Out
• Proxy subscribers to ASR5K using GTPv1
• Diffserv QoS to sGRE re-marking (needs to be explored)
• Q’s around L2 and L3 mobility requirements
[Diagram: sGRE 3rd Party WLC, ASR1K, GTPv1 on ASR5K. Tiers: Access, Aggregation, Core. Labels: R7.4, R14.0, GTP (v1 or v2).]

Use-Case 2.3: GTP for 3rd Party WiFi
• Aruba/ALU solution for use of sGRE as tunneled traffic
• Use GTPv1 directly into ASR5K: sGRE anchor is the 7750
• Diffserv QoS to sGRE re-marking (needs to be explored)
• Q’s around L2 and L3 mobility requirements
[Diagram: GTP via 3rd Party ePDN, ASR1K, GTPv1 on ASR5K. Tiers: Access, Aggregation, Core. Release labels: R7.4, R14.0.]

Use-Case 2.4: SaMOG, Inter-Carrier Roaming
• Aruba/ALU solution for use of sGRE as tunneled traffic
• Use ASR5K as sGRE to EPC Core (SaMOG)
• Use ASR5K TWAP for Authentication and Trusted WLAN Access Gateway (TWAG) for data path integration.
• Proxy subscribers to ASR5K using GTPv2 (home and visited)
• Diffserv QoS to sGRE re-marking (needs to be explored)
[Diagram: PMIPv6 & 3rd Party WLC via sGRE, SaMOG on ASR5K towards Home/Visited. Tiers: Access, Aggregation, Core. Release labels: R7.4, R14.0, R16.0.]

ASR5K SaMOG based SP Wi-Fi EPC Integration
[Diagram. Elements shown: UE, AP-1 to AP-N, WLC-1/MAG-1 to WLC-N/MAG-N, L2/L3 Infra, ASR 5K (TWAP, TWAG, LMA, DHCP), 3GPP AAA Server (CPAR), HSS, AuC, QPS, OCS, CDF, CGF, PDN Gateway, External IPv4 Networks. Interface labels: SWx, STa, S6b, S2a (GTPv2), Gy (Online), Rf (Offline), Gz (Offline), RADIUS, PMIPv6.]
Diagram call-outs:
• CAPWAP control & data plane tunnels
• PMIPv6 used to establish Dynamic L3GRE tunnels
• EAP messages over RADIUS from WLC to TWAP
• EAP messages over DIAMETER
• UE Authorization Profile download
• AKA, AKA’ Credentials
• UE data traffic tunneled over GTP
• Update the PGW address for the UE session

Practical Examples of SP-WiFi as an Essential Complement to Mobile Services
[Timeline labels: 2009, 2010, 2011, 2012]
• Wi-Fi as a hotspot technology: a wireline service
• Wi-Fi as a mobile offload technology: a cellular network optimization tool
• Wi-Fi as a platform for:
– Service innovation
– Revenue growth
– Experience transformation
Example: Super Bowl XLVI Connected Stadium
• Fan-facing Wi-Fi access for Super Bowl activities
• Carrier-neutral Wi-Fi access – free to all fans
• Provided by Verizon Wireless
• Objective: increased fan experience and 3G offload
• High speed data as well as Voice & SMS worked well
• 604 in-stadium Access Points
Total attendance: 68,658
Unique Associations: 12,946 (19%)
Simultaneous access: 8,260 (12%)
Downstream: Peak: 75 Mbps, Total: 225.3 GB
Upstream: Peak: 42 Mbps, Total: 144.6 GB

Use Case: Super Bowl XLVII Connected Stadium
• Fan-facing Wi-Fi access for Super Bowl activities
• Carrier-neutral Wi-Fi access – free to all fans
• Provided by Verizon Wireless
• Objective: increased fan experience and 3G/LTE offload
• High speed data as well as Voice & SMS worked well
• 1229 in-stadium Access Points
Total attendance: 71,024
Unique Associations: 9,556 (13%)
Simultaneous access: 5,569 (8%)
Downstream: Peak: 185 Mbps, Total: 442 GB
Upstream: Peak: 400 Mbps, Total: 683 GB

WiFi Network Observations
Cisco worked with a Canadian Telecom Service Provider to install and operate a WiFi network for the Montreal F1 event
– The network covered 2 bleachers, 2 VIP areas; roughly 50K square feet
– 50 APs (3600 and 1552 from Cisco)
– Fiber backhaul – 200 Mbps
Network statistics over 3 days:
– Just under 3,300 users at peak (race day)
– Peak Upstream Bandwidth = 52 Mbps (race day)
– Peak Downstream Bandwidth = 28 Mbps (race day)
– Total traffic over three days 144Gb
– Average users at the same time = 2,200

Questions?
Check out our SP-WiFi and Small Cell Solution setup at our World of Solutions Showcase

Thank you

Complete Your Paper Session Evaluation – Wednesday April 16
Give us your feedback and you could win 1 of 2 fabulous prizes in a random draw. Complete and return your paper evaluation form to the Room Attendant at the end of the session. Winners will be announced today at the end of the session. You must be present to win! Please visit the Concierge desk to pick up your prize redemption slip.

Visit them at BOOTH# 407