SP WI-FI AND SMALLCELLS Peter Gaspar Vertical Solutions Architect

Cisco SP Wifi / SmallCell / Quantum / VoWifi - Cisco Connect TR '14


Topics we will touch today

• SP WI-Fi Business Drivers

• Passpoint for automated logon

• Mobile Offload – Wholesale models

• Wi-Fi Calling

• Managed Wi-Fi and Location Based Services

• Licensed Smallcells

SP Wi-Fi Business Models and Value Creation

Save Money / Make Money

• Retention & Loyalty: Increase customer stickiness by offering free mobile Internet through public Wi-Fi

• Mobile Data Offload: Optimize mobile data network or deploy offload services

• Managed Services: Increase B2B revenues with managed wireless services

• Location Analytics: Create new revenues through location data analytics

• Location-Based Advertising: Generate new revenue streams via mobile advertising

Public Wi-Fi Network Must Generate Perceived Value to succeed

How to create perceived value for the public Wi-Fi? Service providers are focusing on 3 key areas:

• Experience (high speed and automatic login)

• Cost

• Coverage

Source: ‘Understanding What Customers Want from Wi-Fi’ a Cisco IBSG Customer Research (Insights from United States and Latin America Study Results), May 2012

[Chart: Most Important Wi-Fi Network Features]

National / International Wi-Fi Roaming = Additional Revenues

Source: ‘Understanding What Customers Want from Wi-Fi’ a Cisco IBSG Customer Research (Insights from United States and Latin America Study Results), May 2012

86% of users will be willing to pay a low fixed monthly fee to get their Wi-Fi enabled devices connected nationally or internationally

[Chart: Interest in National / International Wi-Fi Roaming]

Mobile Advertising and Personalized Marketing to Generate New Revenues

Consumers are open to mobile advertising and personalized marketing in exchange for free Wi-Fi. This creates a new revenue source for service providers.

Source: ‘Understanding What Customers Want from Wi-Fi’ a Cisco IBSG Customer Research (Insights from Latin America Study Results), May 2012

[Chart: Interest in Accepting Advertising for Free Public Wi-Fi]

[Chart: Interest in Accepting Personalized Marketing for Free Public Wi-Fi]

PASSPOINT FOR AUTOMATED LOGON

What’s Wrong With Legacy Wi-Fi Today?

• Terminal powers up in an urban setting and scans the environment, finding ~100 Wi-Fi networks. How should it select the right network without excessive battery drain?

• Terminal doesn’t recognize the SSID, so it doesn’t know whether it has the proper security credentials

• Terminal doesn’t know whether the Wi-Fi network provides internet access, so it doesn’t know whether to attempt association

• Terminal associates to the network, but the user’s email doesn’t work (happens with Web-auth/WISPR when the user doesn’t launch a browser)

• Network selection is just too complicated for non-techie users

– E.g., network name (SSID) does not match Venue Name

• So users end up turning off Wi-Fi so that they can at least get access through their 3G/4G…

Not exactly optimal Wi-Fi utilization!

Hotspot 2.0 Components: Roam, Authenticate, Monetize

• SEAMLESS: Simplifies network discovery and selection for seamless cellular data offload

• SECURE: Extends existing SIM-based authentication techniques over encrypted Wi-Fi

• RELIABLE: Carrier-class solution

• PROFITABLE: Enables location-based and value-added services

Building blocks shown on the slide:

• 802.11u

• 802.1X, EAP-SIM: automatic SIM credentials

• 802.11i: encrypted Wi-Fi link

• Mobile Service Advertisement Protocol (MSAP): mobile “concierge” service

Packet Flow (example)

Network-side participants: AP/WLC, AAA Server

Pre-association protocol using 802.11 public action frames for GAS L2 transport. ANQP provides NAI Realm, 3GPP PLMN ID, etc. so the mobile can select a roaming candidate network. The number of queries and the query content are mobile implementation dependent.

• Beacon with 802.11u Interworking IE

• Probe Request

• Probe Response

• GAS Initial Request

• GAS Initial Response

• GAS Comeback Request (used if the response requires GAS fragmentation)

• GAS Comeback Response (used if the response requires GAS fragmentation)

802.11u doesn’t change your typical WLAN authentication procedure from this point on (below the dotted line on the slide). The HS2.0/802.11u-enabled connection manager supplies the SSID to join; the realm and EAP method are learned from the GAS exchange.

• Authentication (null)

• Authentication Response

• Association Request (SSID)

• Association Response (AID)

• 802.1X (EAPOL-Start)

• 802.1X (EAP-Identity Request)

• 802.1X (EAP-Identity Response)

• 802.1X (EAP-Auth. Exchange) towards the AP/WLC; RADIUS (EAP-Auth. Exchange) between AP/WLC and AAA Server

• RADIUS (Access-Accept), then 802.1X (EAP-Success)

• 4-Way Handshake (PTK, GTK)
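The network-selection step of the packet flow above, as an added example that is not part of the original slides: it parses the NAI Realm and 3GPP Cellular Network ANQP elements from a GAS response body and checks them against a home realm, home PLMN and EAP method. The function names and the sample realms and PLMN are constructed for illustration; the field layouts follow the IEEE 802.11 ANQP element definitions.

```python
import struct

NAI_REALM, CELLULAR_3GPP, EAP_SIM, EAP_TTLS = 263, 264, 18, 21  # ANQP Info IDs, EAP types

def anqp_elements(body):
    """Yield (info_id, payload); ANQP arrives pre-association, so it is untrusted."""
    off = 0
    while off < len(body):
        if off + 4 > len(body):
            raise ValueError("truncated ANQP header")
        info_id, length = struct.unpack_from("<HH", body, off)
        off += 4 + length
        if off > len(body):
            raise ValueError("ANQP length exceeds buffer")
        yield info_id, body[off - length:off]

def parse_nai_realms(p):
    """NAI Realm list payload -> {realm: set of EAP method numbers}."""
    realms, off = {}, 2
    try:
        for _ in range(struct.unpack_from("<H", p, 0)[0]):
            (dlen,) = struct.unpack_from("<H", p, off)
            d = p[off + 2:off + 2 + dlen]  # encoding, realm len, realm, EAP count, methods
            off += 2 + dlen
            methods, m = set(), 3 + d[1]
            for _ in range(d[2 + d[1]]):
                methods.add(d[m + 1])      # d[m] is this EAP method subfield's length
                m += 1 + d[m]
            realms.update((n.lower(), methods) for n in d[2:2 + d[1]].decode().split(";"))
    except (IndexError, struct.error, UnicodeDecodeError) as exc:
        raise ValueError("malformed NAI Realm list") from exc
    return realms

def parse_plmns(p):
    """3GPP Cellular Network payload -> ['MCC-MNC', ...] from a leading PLMN List IE."""
    if len(p) < 5 or p[2] != 0 or len(p) < 5 + 3 * p[4]:   # p[2]: IEI, 0 = PLMN List
        return []
    trip = [p[5 + 3 * i:8 + 3 * i] for i in range(p[4])]   # BCD, low nibble first
    return [f"{a & 15}{a >> 4}{b & 15}-{c & 15}{c >> 4}" + (str(b >> 4) if b >> 4 < 10 else "")
            for a, b, c in trip]

def match_credential(body, realm, plmn, eap):
    """Return 'plmn', 'realm' or None for one AP's ANQP answer."""
    found = dict(anqp_elements(body))
    if plmn in parse_plmns(found.get(CELLULAR_3GPP, b"")):
        return "plmn"
    realms = parse_nai_realms(found.get(NAI_REALM, b"\x00\x00"))
    return "realm" if eap in realms.get(realm.lower(), ()) else None

_NAI = (b"\x02\x00\x11\x00\x00\x0bsp1.example\x01\x02\x12\x00"   # constructed: EAP-SIM realm
        b"\x11\x00\x00\x0bsp2.example\x01\x02\x15\x00")          # constructed: EAP-TTLS realm
_PLMN = bytes([0, 6, 0, 4, 1, 0x00, 0xF1, 0x10])                 # constructed: PLMN 001-01
SAMPLE = (struct.pack("<HH", NAI_REALM, len(_NAI)) + _NAI +
          struct.pack("<HH", CELLULAR_3GPP, len(_PLMN)) + _PLMN)
```

A match only tells the connection manager which SSID is worth joining; the 802.1X exchange that follows is what actually authenticates the network and the subscriber.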

NEW: Passpoint Release 2

• Immediate Account Provisioning (release 2) - The process of establishing a new user account at the point of access will be streamlined, eliminating user steps and driving a common provisioning methodology across vendors

• Off-the-shelf Passpoint device will be able to sign-up, register for service, and securely download certificates

• Online Sign-up using Web Browser, using HTTPS (OSU, Online Sign Up server)

• Service Remediation – Handling of expired subscription, expired password or certificates, require Remediation server, BSS Transition feature from AP

• Policy – Network Operator Selection priority

– Can be downloaded from Home operator via OMA-DM or SOAP/XML

– …or allow manual change by end-user

• HotSpot “Icon” per SP will be available to user to select

• Security enhancement (WPA2 Hole-196 mitigation)

Online Signup

• Airport example – airport hotspots offering connectivity via two SPs: SP1 and SP2

– NOTE: airport is an arbitrary example venue

• Users with credentials authenticate autonomously (release 1)

• Users without credentials may follow OSU procedure (release 2)

– Mobile discovers OSUs are available

– Choices are shown to user

– User chooses SP1 or SP2

– Mobile connects securely to selected OSU server (SP1 or SP2), with anonymous EAP

– Credentials are provisioned and communicated to AAA-server

– Subsequent access/authentication can be autonomous

[Diagram: OSU CallFlow. Labels: Hotspot, OSU_NAI, ACLs, HTTP, AAA, Internet, Service Provider #1 Network, Service Provider #2 Network, SP Core Network, OSU, CA]

Passpoint Status

• Release 1 – 100s of devices certified

• All new Cisco APs and WLCs are certified

• Release 2 – certification started in August 2014

• Smartphones with support:

– iPhone 5 and newer

– Samsung Galaxy S3, S4, S5, Note and more

– LG Volt and more

– HTC M and more

• http://www.wi-fi.org/certified-products-advanced-search

MOBILE OFFLOAD

Mobile Offload Requirements

• Improve indoor data services

• Provide equivalent services to 3G/4G

• Integrate into mobile charging

• Fulfill legal obligations (data retention, lawful intercept etc.)

• Enable new revenue streams (Managed Wi-Fi, Location Services etc.)

Delivering Converged Control

[Diagram. Labels: UE; Macro Coverage Cell; Radio Network Controller; Licensed Femto Cell; Femto Controller; Trusted Unlicensed SP Wi-Fi; Wi-Fi Gateway; Un-trusted Wi-Fi AP; ePDG; TTG; I-WLAN IPSec Access; HS 2.0 Inter-Tech H/O; Packet Core; Gx/Gy; LI]

Wi-Fi Access to Mobile Core: Protocols and Options

[Diagram. Labels: Access Network (Hotspot, Public/Large Venue, Community Wi-Fi); AP; WLC; Aggregation Switch; AP/CPE; Optional NAT; TWAG; PMIP/GTP S2a; GTP; Gn’; PGW/LMA; GGSN; LTE Core; 3G Core; Home Network Core; Portal; DHCP; AAA; PCRF; HLR; OCS; CGF; Policy; MNO Home Network Policy; Internet Services]

Wi-Fi Access to Mobile Core (Wholesale models SP2SP)

[Diagram. Labels: Wholesale Provider or Home SP; Retailer Providers; Access Network (Hotspot, Public/Large Venue, Community Wi-Fi); AP; WLC; Aggregation Switch; AP/CPE; Optional NAT; TWAG; PMIP/GTP S2a; GTP; Gn’; PGW/LMA; GGSN; Home Network Core; Roaming Partner Core; Portal; DHCP; AAA; PCRF; HLR; OCS; CGF; Policy; MNO Home Network Policy; Internet Services]

Untrusted Wi-Fi to Packet Core

[Diagram. Labels: 3rd party Hotspot; Public/Large Venue; unmanaged Private Wi-Fi; AP; WLC; AP/CPE; Internet; IPSec; (e)PDG; AAA; GTP; Gn’; PGW/LMA; GGSN; LTE Core; 3G Core; PCRF; HLR; OCS; CGF; MNO Home Network Policy; Internet Services]

• Requires Client support

• Used for VoWiFi today

• Support for IP handover from LTE to Wi-Fi IPSec

• 3rd party untrusted Wi-Fi access

WI-FI CALLING

Major Use cases/drivers

• Complement Indoor Macro Radio VoLTE Coverage for residential and enterprise

• Voice on non-SIM device (like Wi-Fi iPad)

• Compete with OTT VoIP

Voice over Wi-Fi Architecture

• Based on VoLTE and untrusted non-3GPP access integration (ePDG)

• UE must support both – IPSec and VoLTE

• Operator must have working VoLTE infrastructure

• Wi-Fi to LTE and LTE to Wi-Fi handover supported

• 3G handover not supported

• Only SIM devices supported today

• No QoS implementation

[Diagram. Labels: Wi-Fi access; Untrusted network (e.g. home/ent); IPSec; SWu; ePDG; SWm; SWn; S2b (PMIPv6, GTPv2); AAA; DHCP; HSS/HLR; PGW; Gi; Internet; 3GPP access; eNodeB; NodeB; RNC; MME/SGW; SGSN; MSC; S5/S8; IMS Core; TAS; CUCM; IMS/VoLTE]

Moving to Standards-Based Handover

• Seamless mobility between LTE and Wi-Fi

– Node selection by the ePDG ensures same PGW is selected

– IP address(es) are preserved

– PCRF, OCS, OFCS are updated with new RAT type

– But the network loses location, time zone and QoS on Wi-Fi

IPv6 IMS based Wi-Fi Calling Service

[Diagram. Labels: NSWO + Wi-Fi Calling Client; LTE Uu: NAS IMS-APN; eNB; S1; S-GW; S5; SWu: IKEv2 IMS-APN; ePDG; S2b; IMS APN P-GW; Host: 10.10.1.1; Socket; LTE]

• IMS APN UE Pool: 2610:8dba:82e1:ffff::/48

• NAS Allocated: 2610:8dba:82e1:ffff::/64

• IKEv2 allocated: 2610:8dba:82e1:ffff::/64

[Diagrams: Wi-Fi Calling UE dependent handover 1 and Wi-Fi Calling UE dependent handover 2. Labels: Connection manager; Socket; Virtual if; Cellular; Wi-Fi; Internet; IMS APN; Internet APN; LTE; eNodeB; MME; SGW; S5; PGW; Untrusted Wi-Fi; AP; IPSEC; EPDG; S2b; VOLTE; TAS]

Is VoWiFi equally applicable to all indoor deployments?

• Residential Wi-Fi

– Usually good quality and not congested

• Community & Coffee shop Wi-Fi

– Open does not mean immediately available

– Congestion could become a concern

• Enterprises

– 802.11n and now ac providing high capacity network

– However, many enterprises block IPSec

– Multiple AP’s make Wi-Fi to LTE mobility unpredictable

– Density of VoWiFi requires QoS optimization

MANAGED WI-FI AND LBS

Create Connected Experiences with Cisco’s CMX

• Detect: Guest Presence

– Presence detection

– Auto-launch apps

• Connect: Guest Access

– Easy Wi-Fi login, custom or social

– Zone-based, custom splash pages

• Engage: Guest Experience

– Location-based push notifications

– App-based mobile engagement

• Analytics

How CMX Works: Built on Cisco Unified Access

[Diagram. Labels: Access Points; Controller (Virtual/Physical); MSE (Virtual/Physical); Device-based Discovery; Location Data; Analytics Data; Analytics UI; Application Data; Mobile Application Server; Depending on Application Layer]

A Whole New World

• NETWORK ROLE – Before: Utility; After: Business Platform

• BUSINESS INTELLIGENCE – Before: Manual, Periodic; After: Automated, Real-Time

• CUSTOMER ENGAGEMENT – Before: Face-to-Face, Print, Media Advertising; After: Mobile Devices, Digital, Context-Aware

The Network is a Strategic Asset, IT has an Important Role to Play

What is managed Wi-Fi service (SP2B)

• Offered by Service Providers

• Cloud based

• Customizable portals, SSID’s and customer experiences

• Centralized asset management and visibility

• Targeted towards verticals such as Hospitality, Education, Government

• Subscribers centrally authenticated, but locally switched

• Web-portal based authentication (Username/password/vouchers)

• Rapid template based deployment

• Location specific analytics

What is in it?

For SP:

• Rapid expansion of Wi-Fi presence

• Cloud based management / authentication

• License based solution (No hardware dependencies)

• All subscriber traffic is locally switched after authentication

• Additional revenue opportunity with customization

• Quick turn around (deployment templates)

• Reduced TCO

• Roaming (Social media logins / iPass etc)

• Integration with MNO’s (EAP-SIM / AKA)

For Customer:

• Outsource “Wi-Fi” services / support to a service provider

• Retain the ability to customize your subscriber experience

• Centralized management of all Wi-Fi assets

• Centralized visibility

• Location specific analytics

• No client dependencies

• Consistent subscriber experience

Architecture overview - Virtualization

[Diagram. Labels: Internet; Property-1; Property-2; 802.11 a/b/g/n; Service Instance - 1; Service Instance - 2; vWLC; Portal; PI; AAA; MSE]

Functions listed on the slide:

• Web-authentication, Transparent Auto Logon, Accounting start / stop, Customized portals, Asset management, Analytics, Managed Services dashboard

• WLAN Policy, RRM, Wi-Fi Mobility, Rogue AP detection, Client Link, Band Select, Wi-Fi security, Flexconnect, Cleanair, DHCP, WLAN / VLAN mapping, DNS, Portal redirection, Session management, Policy enforcement

Services Combined

[Diagram. Labels: Internet; Property-1; Property-2; 802.11 a/b/g/n; Service Instance - 1; vWLC; Portal; PI; AAA; MSE; Private SSID; Public SSID; Offload SSID; Packet Core; Private LAN; PMIPv6; WebAuth]

What’s different from other cloud based Wi-Fi?

• All the benefits of Cisco AP’s (Clean Air, Band Select, HS2.0, mobility groups)

• Completely customizable SSID’s (Mix of Local / Centrally switched)

• Integration with existing Wi-Fi core networks (Billing, Policy, 4G/LTE, 3G)

• Managed and controlled by SP in the cloud – not outsourced to third party

• Carrier class including High Availability and LI (Lawful Intercept)

• Large scale automated AP on boarding

• Large scale, on-demand, rapid deployment

• CMX and location based services for customers

Cisco Meraki SP2B Alternative

• Cloud-Hosted Management: Scalable, elastic, on-demand infrastructure

• MSP Dashboard: Centralized management with MSP-specific tools

• Access hardware: Wired, wireless, security

[Diagram: three Customer Sites]

Services Summary

• HotSpot Service (SP2C)

• Wholesale for ISP (SP2SP) or Offload for MNO

• Managed Wi-Fi (SP2B)

[Diagram. Labels: Hotspot/Venue; Wi-Fi SP; MNO; AP; (v)WLC; WAG; GGSN; Portal; NMS; AAA; MSE; AAA/HLR; LBS; APP; Social Login; Breakout; Local LAN; PCC/LI]

LICENSED SMALLCELLS

What Small Cells Can Deliver . . .

Macrocell (3G/4G)

• Voice coverage with uniform bandwidth, but not always where people are

• Limited data capacity

• Sub-optimal delivery of high BW to POPs

• High CapEx/OpEx: $400K

• Poor spectral efficiency

• New sites: Zoning issues

Femto

• Delivers targeted coverage and capacity

• Support high-capacity data

• Precision delivery of high BW to POPs

• Lower CapEx/OpEx

• Good spectral efficiency

• Low environmental impact

[Figure. Labels: 64QAM/MIMO, 16QAM, QPSK; scale 1 km]

Source: O2 UK in Small Cells Summit, London June 2012

Cisco Licensed Small Cells

• Cisco USC 3000 Series: Residential

• Cisco USC 5000 and 7000 Series: Small/Medium Business

• Cisco USC 8000 Series: Large Enterprise

• Cisco USC 5000 Series for Aironet 3600/3700: Wi-Fi Integration

• Cisco SON

• Cisco USC RAN Management System

• Cisco 8000 Series USC Controller

• Cisco 8500 Series Wireless Controller

• Cisco ASR 5500 Series: Small Cell Gateway, Evolved Packet Core

• Internet

Meeting the Small Cell challenge

• ActiveSON® automatic grid system: Autonomous coordination to form seamless grid of capacity and coverage complementary to macro layer

• ActiveRadio® dynamic self-organisation: Continuous adaptive behaviour

• CloudBase® lifecycle management system: Build | Activate | Download | Augment | Recover | Re-parent

• Small cell devices 3G/LTE/WiFi

USC 5310 - 3G Module for Aironet AP3600 Series

3G HSPA+ - 21Mbps/5.7Mbps; <100mW/20dBm EiRP; 16 Active Users

• 16 User 3G Open Mode Module

• <100mW Transmit Power (same as ETSI 802.11)

• Compatible with 3600i/3600e Wi-Fi

• Power provided by the Aironet through PoE+ (IEEE 802.3at) or external PSU.

• R99 WCDMA Voice Calls

• HSDPA+ 21Mbps / HSUPA 5.76Mbps (Peak Rates)*

• Available in 3GPP I (Rest of World) and Band II/V (USA/LATAM)

Product Offer – 3G + Wi-Fi (AIRONET 3600)

• Capability: 3G/HSPA + 802.11n

• RF Band: II/V or I; 802.11n 2.4/5GHz

• RF Power: 100mW at Ant. Port

• Antenna: 1x1 SISO; 802.11n 4x4 3SS / Beamforming

• RF BW: 5 MHz

• Base Platform: USC Software Platform

• 3G Throughput: 21/5.7 Mbps HSDPA+ (peak rate)*

• 3G Feature Set: 16 Active users; 200 idle; 3GPP R99 & R8 HSDPA+; Iuh / TR-069, TR-196v1, Open Mode

• Mobility: 3G Active CS/PS and Idle Mode Reselection

• SON / HetNet: 3G: Network Listen; 802.11: Clean Air

• Power Supply: Provided by the Aironet Product

• Size / Weight: 1.5L; 1.4kg (complete unit)

• Deployment: Desk/Wall/Ceiling

What’s next in SP Wi-Fi and SmallCells…

• Access Network Detection and Selection (ANDSF)

• Wi-Fi Location with Bluetooth Low-Energy (iBeacon)

• SmallCells SON

• Analytics and Dynamic Policies

• Virtualization of Core

Summary

• SP WI-Fi matured, ready for Passpoint implementation

• Business potential in SP2B, SP2SP and Roaming

• Wi-Fi Calling taking first steps to maturity

• Virtualization as enabler for Managed Wi-Fi with location based services

• Licensed SmallCells – simple deployment on top of Wi-Fi

• Cisco solution and products lead the market

Thank you!