Wi Fi in The 5G Era Strategy Guide For Operators v1 04 21
Wi Fi in The 5G Era Strategy Guide For Operators v1 04 21
Wi Fi in The 5G Era Strategy Guide For Operators v1 04 21
CARRIER
WI-FI WHITE PAPER
APRIL
2021
WWW.APTILO.COM
2
CARRIER WI-FI
THE AUTHORS
Wi-Fi and 5G are perfectly complementary for delivery of mobility (5G) and high-capacity
indoor coverage (Wi-Fi) - which is why the time for operators to embrace Wi-Fi as a
strategic technology of choice is now.
But it can be a challenge to navigate in this rapidly changing landscape, both in terms of
technology and business strategies. It occurred to us that operators lack a strategy guide for
Wi-Fi in the 5G era. And so we decided to write one.
Claus Hetting
CEO & Chairman Wi-Fi NOW
This is the world’s first strategy guide for operators who know that they will be required to CEO HETTING Consulting
rethink and renew their Wi-Fi strategies to address the challenges of the next decade.
In this paper we dig into the business models and technical architectures that allow service
providers to extract maximum value from vastly improved new Wi-Fi technology. We also
zoom in on how new Wi-Fi technology will converge with 5G.
Navigation
The number of pages may appear daunting. But fear not - you can click on any section or on
the table of contents on the next page to navigate to the individual sections. You can also Jonas Björklund
CTO
speed up your reading by clicking on the summary symbols. And you can always get back to Aptilo Networks
the table of contents again by clicking on the Aptilo logo at the top of each page.
To get more information on a subject, you may also click on the following symbols:
WWW.APTILO.COM
Click on the headings, subheadings and summary symbols below to go to 3
CARRIER WI-FI
that section. Click on the logo in the upper left corner to go back to this page.
123456
Carrier Wi-Fi's
role in 5G
• The challenges of
profitable 5G
Wi-Fi Technology
Developments
• Wi-Fi 6
Wi-Fi Industry
Initiatives
• WBA OpenRoaming™
Carrier Wi-Fi
Strategies
• How to build a carrier
Wi-Fi footprint
Wi-Fi and 5G
Convergence
• Opportunities today
Enea Solutions
for Wi-Fi and 5G
• Aptilo Carrier Wi-Fi
• Hotspot 2.0/Passpoint • Google’s Orion Wi-Fi • 5G and Wi-Fi • Aptilo IoT Connectivity
• Break organizational • Wi-Fi monetization integration
• Captive Portal API • Telecom Infra Project • Enea 5G solutions
silos strategies • Opportunities for the
• Multipath TCP
• How Wi-Fi future with ATSSS
complements 5G
WWW.APTILO.COM
4
CARRIER WI-FI
WWW.APTILO.COM
5
CARRIER WI-FI
WWW.APTILO.COM
6
CARRIER WI-FI
WWW.APTILO.COM
7
CARRIER WI-FI
Add to this the technical challenges that The indoor coverage challenge already exists in the case of 4G. For example: 20% of
mobile operators face with 5G: Because most buildings in the US are struggling with proper indoor coverage. The problem is exacerbated
5G services operate at relatively high radio in the case of 5G because of the higher frequency bands involved. Initially 3.1-4.9 GHz is a
frequencies, getting indoor coverage right by commonly used frequency range but 5G will also employ the millimetre band above 30 GHz
beaming in radio signals from the outside is a and at such frequencies, line of sight is required for signal reception. Already at the 5G
significant challenge. In the near field of an frequency of 10 GHz the only indoor coverage option is to place your receiving device as
antenna (within 1-2 m) the so-called coupling close to an untreated pane of glass windowpane as possible. Energy-conserving glass used
loss reduces the signal by 75% (-6 dB) for in many new buildings or other forms of treated glass panes will effectively attenuate the
every doubling of the frequency. In addition signal making indoor coverage more or less impossible.
to simple path loss the signal will meet
obstacles on its way and must finally
penetrate the walls of the building itself.
WWW.APTILO.COM
8
CARRIER WI-FI
WWW.APTILO.COM
CARRIER WI-FI
SUMMARY 10
WWW.APTILO.COM
11
CARRIER WI-FI
WWW.APTILO.COM
12
CARRIER WI-FI
Wi-Fi 6
During the past couple of years, the Wi-Fi This means that Wi-Fi performance - including
industry has been blessed with a series of capacities, data rates, latency, and more - as
extraordinary developments. Firstly, a well as Wi- i’s ubiquity and already broad
new and vastly improved Wi-Fi standard applicability are likely to expand by orders
(Wi-Fi 6) has been introduced into the of magnitude. Wi-Fi has in the course of
world. Secondly - and perhaps even the past twenty years grown to dominate
more importantly - a large or, depend- the indoor wireless space regardless of
ing on country, very large swath of whether you measure market presence
new spectrum has been allocated to by traffic volumes, numbers of devices, or
unlicensed use. Each on its own such number of coverage locations. XXXXXXXXX
developments would likely produce
surges in growth and innovation, as well The coming decade will see an unprecedent-
as torrents of new business opportunities. ed expansion of Wi- i’s dominant position as
But the timely confluence of the two leads well as a slew of new applications. Both will be
us to believe that the next few years will be driven by an abundance of new spectrum as well
characterized by an even more radical trans- as powerful - and highly affordable - new Wi-Fi
formation: Something akin to a paradigm shift in technology. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
connectivity.
A paradigm shift
in connectivity
WWW.APTILO.COM
13
CARRIER WI-FI
bps
Wi-Fi 6 is the newest generation of certified Wi-Fi™
atency ms
technology. Wi-Fi 6 is by a wide margin the most
Throughput
comprehensive and expansive reengineering of a Wi-Fi
standard ever. In fact, Wi-Fi 6 comprises so many new
features and performance boost that we have thus far G
only scraped the surface of what this new connectivity . G
WWW.APTILO.COM
14
CARRIER WI-FI
WWW.APTILO.COM
15
CARRIER WI-FI
It is also well documented that the rate of The rate of Wi-Fi 6 market penetration will be very fast, as evidenced by the curve above. By 2023 analysts expect the
market penetration and rollout of both devices vast majority of enterprise-grade access points to be Wi-Fi 6-capable.
and access points supporting the Wi-Fi 6 Source: 650 Group.
WWW.APTILO.COM
16
CARRIER WI-FI
WWW.APTILO.COM
17
CARRIER WI-FI
6 GHz Wi-Fi
by Country
One important aspect of Wi-Fi 6 in the 6 using wider channels and hence no real Used in 6 GHz band Used for
GHz band - dubbed Wi-Fi 6E by the Wi-Fi reason not to use them. As a result, Status as of
Alliance - is that only Wi-Fi 6E is certified average enterprise Wi-Fi data rates will be April 2021 500 MHz 1.2 GHz ILP VLP
to operate in the said spectrum and hence at least quadrupled. USA Full ●
no legacy Wi-Fi systems will be around to Brazil Full ● ●
generate interference within the new Wi-Fi 6E technology will in addition deliver
UK Lower ●
band. The quality of 6 GHz Wi-Fi services latencies as low as 2 milliseconds, which -
will therefore likely be close to that of as a starting point - will enable much more South Korea Full ●
cellular - except several multiples faster responsi e and ‘immersi e’ connecti ity Chile Full ●
than most current wide-area coverage 5G experiences, initially for gaming, fast video UAE Lower ●
data rates (with the exception of localized conferencing, AR/VR, and more and
Saudi Arabia Full ●
and outdoor mmWave-based 5G)1. eventually for innovative new wireless
enterprise applications. EU states Q2 2021 ● ●
The interference-free 160 MHz channels in ILP = Indoor Low Power
Wi-Fi 6E means that smartphones and In summary: Based on 480 MHz to 1200 VLP=Very Low Power
other mobile devices will be able to MHz of new unlicensed (free) spectrum,
operate at peak theoretical speeds of Wi-Fi 6E will, depending on country-
more than 2 Gbps or - says chipset maker specific regulations, deliver multi-gigabit
Broadcom - up to 1.4 Gbps at a distance of Wi-Fi speeds and capacities that by a wide
7 meters non-line-of-sight from a Wi-Fi 6E margin will outperform current cellular
access point. systems indoors. And now - for the first
time in Wi-Fi history - the application of
In new enterprise deployments the adage Wi-Fi 6 and 6E technology using OFDMA,
‘eighty is the new twenty’ will apply for means the quality of Wi-Fi services will be
Wi-Fi 6E: Standard 6 GHz Wi-Fi similar to that of cellular.
deployments will use 80 MHz channels
instead of the usual 20 MHz channels
applied today. This is because permitted 1 Current 5G data rates are somewhat of a mixed bag of numbers depending on disparate
power levels (in the US) are defined in frequency allocations across countries and continents. In the US wide-area and lower band 5G
data rates typically range from 50-60 Mbps while millimeter wave 5G by Verizon delivers up to
such a way that there is no penalty for 500 Mbps but only over a very limited area (as reported by OpenSignal, June 2020). The millimeter
wave 5G signal will generally not penetrate to the indoors. In other countries – such as Korea –
up to 350 Mbps of 5G speed have been reported. Wi-Fi 6E peak data rates for smartphones are
expected to exceed 2 Gbps with typical speeds reaching more than 1 Gbps even under non-line-of-
sight conditions within the home. WWW.APTILO.COM
18
CARRIER WI-FI
WWW.APTILO.COM
19
CARRIER WI-FI
Wi i E G
Enterprise onsumer
hipments
Most analysts believe Wi-Fi 6 and Wi-Fi 6E technology will be ramped up quickly and indeed faster than previous
generations of Wi-Fi, specifically because work-from-home connectivity today is business critical for ISPs and
consumers. Such factors will continue to play important roles as drivers of renewed connectivity demand as will
the continued growth in number of devices in the home as well as data consumption.
The next phase in the ramp-up and deployment of new Wi-Fi technology will then be enterprise and carrier-grade
APs and supporting systems. This evolution will happen a little later but also in parallel with the mass-market
deployment of home Wi-Fi 6 and Wi-Fi 6E gateways and systems.
In general, the IEEE 802.11 standardization working group is now aiming for a Wi-Fi technology renewal cycle of
five years, which means full market penetration of Wi-Fi 6 and Wi-Fi 6E into the enterprise and service provider
Wi-Fi markets will sharply rise and come to completion around 2025-26.
WWW.APTILO.COM
20
CARRIER WI-FI
WWW.APTILO.COM
21
CARRIER WI-FI
WWW.APTILO.COM
22
CARRIER WI-FI
WWW.APTILO.COM
23
CARRIER WI-FI
Passpoint exists in three sequential releases: For the first time Passpoint allows operators
to offer B2B customers a tool to engage with
Passpoint Release 1 (R1): The first release visitors. They can do this through a Venue
was introduced in 2012 and all the protocols elease ENG GE ENT U URL, which displays information about the
and standards mentioned above, including Wi-Fi service and at the same time provides
802.11u and ANQP, were included with the offers and local promotions. The R3 version
ability to discover Passpoint enabled elease ON NE GNU O U also includes features for end-users to
networks and automatically connect . u with N approve terms and conditions as well as
to the optimal one. elease E O OT OT . charges for the Wi-Fi service.
lready here since ll too many refer to this
as . or asspoint
Challenges still remain for onboarding of . x E Aptilo believes that Passpoint R3 may have
new devices. Users need to provision Pass- attempted to push the user engagement
point R1 credentials manually by down- used for secure communications between features one step too far. Deploying these
loading a special file that contains profile and the client and the provisioning servers. features through ANQP, locally in the access
credential information. Many service pro- points, will make it harder to maintain
viders use an app to make this process Passpoint R2 requires a separate SSID for central control especially in a multi-vendor
seamless for the user. More or less all mobile Online Sign-Up, either an open SSID or a so- deployment scenario. Because of the
phones and laptops supports Passpoint RI. called OSEN (OSU Server-only Authenticated challenges in management and lack of
This includes Apple iPhones, although Apple L2 Encryption Network). This version also device support there is a risk that R3 will
has never formally certified them. includes enhanced policy control for service never be implemented in carrier Wi-Fi
providers. Device support is very limited. networks.
Passpoint Release 2 (R2): Passpoint R3 also makes roaming much
Released in 2014 this version included the Passpoint Release 3 (R3): R3 was released quicker and easier as the client can indicate,
important Online Sign-Up (OSU) server in 2019 but has not yet been implemented to a Wi-Fi access point, its membership of a
allowing new users to create an account and in a single device (as of April 2021). This roaming consortium.
in a user-friendly way provision Passpoint version includes several new ANQP protocol Security is further improved in R3 with
credentials at the point of access. This elements and improvements in the interaction support up WPA3-Enterprise whereas R2
enables easy ad-hoc sign-up of new users, between operators and end-users. While and R1 only supports up to WPA2-
where they can select the service provider of previous versions have focused entirely on Enterprise. It is also possible to use the
choice if several options exist. To ensure that automatic connection and onboarding of same SSID for both the actual Wi-Fi service
the server is trusted, the client validates the the users, Passpoint R3 aims to enhance (WPA2/WPA3) and the online sign-up
OSU server certificate. Either SOAP-XML or captive portal functions, by leveraging (OSEN) functionality.
OMA-DM messages over HTTPS are then ANQP messaging.
WWW.APTILO.COM
24
CARRIER WI-FI
Conversely, it is probably true that devices In the next section we will discuss how
with R2 support that have not been Passpoint Passpoint R1 together with the new Captive
certified also exist, just as R1 is supported in Portal API may be the interim solution that in
iPhones without official certification. the end becomes the permanent pragmatic
solution for Passpoint enabled networks.
WWW.APTILO.COM
25
CARRIER WI-FI
WWW.APTILO.COM
26
CARRIER WI-FI
WWW.APTILO.COM
27
CARRIER WI-FI
It would make no sense to build special signup flows for the very
few, if any, devices that support an end-to-end Wi-Fi service based
on Passpoint R2/R3.
The user will then download and install the Passpoint profile in his
or her device with support from device specific instructions at the
portal. The next time the user connects he or she will automatically
connect through Passpoint on a secure SSID (802.1x). The Captive
Portal API can then be used for approval of terms and conditions
for new users or for existing users, if there is a need for an update.
The Venue Info URL can also optionally be used to display venue
specific information and promotions.
WWW.APTILO.COM
28
CARRIER WI-FI
WWW.APTILO.COM
29
CARRIER WI-FI
So-called Multipath TCP (MPTCP) Apple uses MPTCP to make sure certain
technology allows IP data traffic to flow apps - currently Siri, Maps, and Music - run
simultaneously over Wi-Fi and 5G as responsively as possible by applying
networks. The result are higher data rates, both Wi-Fi and mobile data services
much improved quality overall, and together and interchangeably. A couple of
gapless handovers between Wi-Fi and years ago Apple made their version of
cellular. MPTCP available for developers via an API
and thus far at least Amazon has chosen
However, MPTCP requires support both in pple’s T function for their lexa
the device and the application server or app.
web page it is connected to. This signifi-
cantly slows down the deployment of this There’s also now a standardi ed
technology. 3GPP function utilizing MPTCP
called ATSSS. Read more about
The only example of an existing this in our Cellular and Wi-Fi
commercial MPTCP implementation is Convergence chapter.
proprietary and resides within pple’s iO
and infrastructure.
WWW.APTILO.COM
CARRIER WI-FI
SUMMARY 30
Game-Changing Wi-Fi
Technology Developments
Wi-Fi 6 – A paradigm shift in connectivity
- Wi-Fi 6 features orthogonal frequency division multiple access (OFDMA), which includes cellular-style scheduling.
- OFDMA brings deterministic performance to Wi-Fi for the first time, especially in dense areas with many users.
- Up to 4x faster upload, 6x faster download, 4x better coverage and 6x longer battery life.
- The rate of Wi-Fi 6 market penetration will be very fast, by 2023 most enterprise-grade access points will be Wi-Fi 6-capable.
WWW.APTILO.COM
31
CARRIER WI-FI
WWW.APTILO.COM
32
CARRIER WI-FI
WWW.APTILO.COM
33
CARRIER WI-FI
WWW.APTILO.COM
34
CARRIER WI-FI
WWW.APTILO.COM
35
CARRIER WI-FI
WWW.APTILO.COM
CARRIER WI-FI
SUMMARY 36
WWW.APTILO.COM
37
CARRIER WI-FI
WWW.APTILO.COM
38
CARRIER WI-FI
WWW.APTILO.COM
39
CARRIER WI-FI
This is a fully operator-owned and Telkom Indonesia has been using Aptilo
managed Wi-Fi network. In this case the service management solutions for six years
operator owns and manages everything and counting. Good examples of effective
including on-premise Wi-Fi infrastructure, operator managed B2B Wi-Fi service
services, on-boarding, operations, etc. As offerings include the small business Wi-Fi
an example, Aptilo recently provided the services of Aptilo clients NOS Portugal and
Kingdom of ahrain’s atelco with a Swisscom.
service management platform, the Aptilo
SMP, for Batelco themselves to deliver top- For the most part, managed B2B services
quality managed venue Wi-Fi services (B2B provide excellent, high margin revenues.
and B2B2C) to their clients.
Service Wi-Fi
An example of a B2C network of this type Mgmt Hardware
is that of Telkom Indonesia, a giant telco
operating some 400,000 Wi-Fi access
points (including homespots) serving more
than 70 million users (this figure includes
businesses). OPERATOR
WWW.APTILO.COM
40
CARRIER WI-FI
The approach is required when operators want to extend their coverage footprint
and business scope simply because most venues already own and operate their
own Wi-Fi networks.
Conversely, in some cases Aptilo clients have acquired the Wi-Fi network
equipment belonging to certain important customers and locations so as to
convert the service to a fully operator managed B2B Wi-Fi.
Service Wi-Fi
Mgmt Hardware
WWW.APTILO.COM
41
CARRIER WI-FI
OPERATOR
WWW.APTILO.COM
42
CARRIER WI-FI
Service Wi-Fi
Mgmt Hardware
OPERATOR NETWORK
WWW.APTILO.COM
43
CARRIER WI-FI
WWW.APTILO.COM
44
CARRIER WI-FI
WWW.APTILO.COM
45
CARRIER WI-FI
WWW.APTILO.COM
46
CARRIER WI-FI
WWW.APTILO.COM
47
CARRIER WI-FI
Wi-Fi-based IoT
The opportunity for operators to
deliver connectivity services for
IoT devices has long been touted
as one of the most important o not include computers, laptops, xed pho cellphones or tablets.
ounted are ac e nodes/de ices or gateways concentra ng the end
growth segments in telecom. And sensors, not e ery sensor/actuator. and N not counted.
the number of wireless IoT devices
in need of connectivity is indeed
growing at an impressive rate. As
shown in the figure, IoT Analytics
forecasts a growth of the installed
base from 10.0 billion in 2019 to
30.9 billion in 2025. Ericsson’s
slightly more conservative estimate
predicts a growth from 12.6 billion
units in 2020 to a whopping 26.9
billion in 2026.
WWW.APTILO.COM
48
CARRIER WI-FI
WWW.APTILO.COM
CARRIER WI-FI
SUMMARY 49
Carrier Wi-Fi
Business-to-business (B2B) Wi-Fi is the foundation for building an indoor Wi-Fi footprint
- Community Wi-Fi and roaming agreements / third-party networks are other options.
- We advise operators to add a secure Passpoint-enabled connectivity across all these networks for subscribers.
By far the largest proportion of IoT devices use short range technologies such as Wi-Fi
- Approximately 7.5 billion out of a total of 11.7 billion IoT units as of 2020 are short-range and non-cellular.
WWW.APTILO.COM
50
CARRIER WI-FI
WWW.APTILO.COM
51
CARRIER WI-FI
WWW.APTILO.COM
52
CARRIER WI-FI
WWW.APTILO.COM
53
CARRIER WI-FI
WWW.APTILO.COM
54
CARRIER WI-FI
Untrusted non-3GPP (Wi-Fi) access was the device side because it requires an (EAP- / K / K ’ or G-AKA). This
first introduced in the Wi-Fi specification in IPsec client to be reside on the device. The provides the same level of authentication
3GPP Release 6 (2005). At that time Wi-Fi device is connected through a secure IPsec security as in the cellular network. It may
access points featuring advanced security tunnel directly to an IPsec Terminating also be a requirement to interface towards
features were rare. Hence Wi-Fi was Gateway in the Mobile Core, which in turn mobile core network policy functions. In
considered open and unsecure by default. is connected through an encrypted tunnel addition to authentication of the device,
Untrusted access includes any type of Wi- to the Packet Gateway. The Packet the SIM authentication process produces
Fi access that the operator has no control Gateway is used for both cellular and Wi-Fi cryptographic keys. These keys are used for
o er such as public hotspots, subscribers’ traffic. IPsec tunnel establishment and for
home Wi-Fi, and corporate Wi-Fi. It also encryption in the secure Wi-Fi
includes any Wi-Fi that does not provide This integration on the core network side network (802.1x).
sufficient security mechanisms such as also means that Wi-Fi service management
authentication and radio link encryption. platforms, such as the Aptilo Service
Management Platform™ (SMP), must
The untrusted model requires no changes interface with mobile core network
to the Wi-Fi network but has an impact on HLR/HSS/AMF for SIM Authentication
WWW.APTILO.COM
55
CARRIER WI-FI
WWW.APTILO.COM
56
CARRIER WI-FI
WWW.APTILO.COM
57
CARRIER WI-FI
This interface is used both for Cellular The N3 is the data plane interface 5G introduces a new principle for non-
and Wi-Fi (for 5G Capable Devices) and it between the access network and the 3GPP access: Simultaneous connections
is physically transported the same way to User Plane Function (UPF) in the 5G via cellular and Wi-Fi are now possible
the AMF as shown by the N2 interface. Core. The UPF is the packet gateway by using multiple non-access stratum
transporting data to the internet. (NAS) connections over the N1 interface.
The N2 is the control plane interface This is a prerequisite for the new ATSSS
between the access network and the 5G For Cellular, N2 and N3 connect the base standard and the same authentication
Core. It is primarily used for connection station (gNB) with the AMF. For Wi-Fi, procedures, EAP- K ’ and G-AKA, are
management, UE context and Protocol they connect the non-3GPP interworking used for both Cellular and Wi-Fi.
Data Unit (PDU) session management, and gateway functions (N3IWF, TNGF,
and UE mobility management. TWIF) with the AMF.
WWW.APTILO.COM
58
CARRIER WI-FI
A new protocol, EAP-5G has been The control plane (N1-N2) could also be The trusted WLAN Interworking Function
introduced in order to support NAS provided by one vendor while the data (TWIF) is a new 5G function for
messages over Wi-Fi networks. The IKEv2 plane (N3) is provided by another. interoperability with legacy devices.
and EAP-5G protocols are used to establish This is to resolve the contingency that
an IPsec tunnel for signaling during the The Non-3GPP Interworking Function some devices may support 5G SIM
registration procedure between the device (N3IWF) is the IPsec tunnel terminating authentication but do not support 5G NAS
and the interworking and gateway node for 5G similar to the ePDG for signaling over trusted Wi-Fi access. These
functions. The EAP-5G protocol is then integration with the 4G Core. It is located devices lack the support for the EAP-5G
used to encapsulate NAS messages over in the Mobile Core and communicates with and IKEv2 protocols. 3GPP refer to such
the IKEv2 protocol. the Access and Mobility Function (AMF) devices as non-5G-Capable over WLAN
control plane over the N1 and N2 (N5CW). The TWIF contains the NAS
Another interesting new principle is the interface. For the data plane it protocol stack and exchanges NAS
use of IPsec also for trusted Wi-Fi communicates with the User Plane messages with the AMF on behalf of this
networks. Why would you want to use an Function (UPF) over the N3 interface. type of devices.
IPsec connection - albeit with null
encryption to avoid double encryption - in The trusted non-3GPP Gateway Function The TWIF is located in a trusted
a secure Wi-Fi network? It turns out that (TNGF) is for 5G the equivalent to the environment, often the Wi-Fi Network,
implementations in devices and gateways Wireless Access Gateway (WAG) used for and communicates with the Access and
with dual support for both trusted and trusted access to the 4G Core. The TNGF is Mobility Function (AMF) control plane over
untrusted access will probably be easier to located in a trusted environment, often the the N1 and N2 interface. For the data
implement in this case. Add to this the Wi-Fi network, and communicates with the plane it communicates with the User Plane
benefits of a fixed anchor point in the Access and Mobility Function (AMF) Function (UPF) over the N3 interface.
Mobile Core to facilitate mobility and control plane over the N1 and N2
ATSSS. interface. For the data plane it Just as in the case of TNGF, the device
communicates with the User Plane is connected with the TWIF using
et’s now examine the new functions for Function (UPF) over the N3 interface. As an IPsec tunnel with NULL
non-3GPP access. Again, please note that discussed, the device and the TGNF is encryption.
these functions are not the same thing as connected using an IPsec tunnel with null
physical gateways. In practice, these encryption.
functions could all reside in the same
gateway.
WWW.APTILO.COM
59
CARRIER WI-FI
The new Access Traffic Steering, Switching & Splitting (ATSSS) function is the
‘Holy Grail’ of mobile data offloading, but its complexity and reliance on device
support means it will likely take years to come to market.
WWW.APTILO.COM
60
CARRIER WI-FI
Will new and better technology and The capability of such apps or hidden
standards for automatic network selection clients must include at least the solutions
and intelligent convergence between to the following current imperfections in
mobile and Wi-Fi services be developed for switching between Wi-Fi and mobile
the mass market of the future? The short network access:
answer is probably yes. We will address
one of them here, namely the newly • oiding unintentional ‘walk-by’
released Access Traffic Steering, Switching switchover to public Wi-Fi which could
& Splitting (ATSSS) as introduced in 3GPP produce a poor user experience or even
release 16. intermittent loss of connectivity.
But the answer is also that for the most • Policies and thresholds should
part such technologies - including automatically reject or accept handoff
Passpoint with SIM authentication - to Wi-Fi and/or back to cell sites if
already exist. These may not be ideal but either is congested.
are still extensively field-proven and work
well enough to have already been
implemented by dozens of major carriers.
WWW.APTILO.COM
61
CARRIER WI-FI
WWW.APTILO.COM
62
CARRIER WI-FI
WWW.APTILO.COM
63
CARRIER WI-FI
WWW.APTILO.COM
CARRIER WI-FI
SUMMARY 64
Two standard options for non-3GPP (Wi-Fi) Access – with backhauling to mobile core
- Untrusted: A secure IPsec tunnel is established between the device and a gateway in the mobile core.
- Trusted: The device is in a trusted secure Wi-Fi network, connected with the mobile core through a trusted gateway.
Standards will only be implemented if there are good commercial reasons for it
- Most mobile operators today are using SIM authentication and then just non-standard local break-out and policy control.
- The non-3GPP access which backhauls traffic to the mobile core is mainly used for Wi-Fi Calling, using the untrusted method.
WWW.APTILO.COM
66
CARRIER WI-FI
WWW.APTILO.COM
68
CARRIER WI-FI
WWW.APTILO.COM
69
CARRIER WI-FI
E T
acket . x
Gateways . lient
Enterprise n
cer cate
O E O E TNE O E TO
Aptilo IoT Connectivity Control Service™ (IoT CCS) is a Aptilo Zero-touch Wi-Fi IoT Connectivity™ uses existing
unique cloud-native solution from Enea. It adds a flexible device certificates to auto-authenticate and connect
layer of IoT security and policy control on top of any mobile Wi-Fi IoT devices to a Wi-Fi network. Devices will securely
infrastructure. Delivered as a service on Amazon AWS, mobile auto-connect to the Wi-Fi network when switched on for the first
operators can go beyond traditional IoT connectivity and provide time and will continue to auto-connect as required. The solution
secure, unified and programmable global IoT connectivity. They interfaces with IoT platforms, currently Amazon Web Services
can allow customers to control authentication, security, policies (AWS) IoT Core, for access to databases with x.509 certificates,
and global connectivity from a single user interface. Manual used for secure management of the device. If the certificate
setup of a secure private connection (APN) typically takes weeks. matches, the device is granted access to the secure 802.1x Wi-Fi
With Aptilo IoT CCS multitenancy virtual APN in place, network through EAP-TLS authentication. A prerequisite is that
enterprises can create their own APN connections in a matter of the device is trying to connect to a ZeroTouch SSID or Passpoint
minutes. service. Aptilo is actively working with IoT chipset vendors such
as Esspresif to implement this as a default feature.
WWW.APTILO.COM
70
CARRIER WI-FI
Enea 5G Solutions
WWW.APTILO.COM
71
CARRIER WI-FI
WWW.APTILO.COM
72
CARRIER WI-FI
WWW.APTILO.COM
73
CARRIER WI-FI
WWW.APTILO.COM
CARRIER WI-FI
SUMMARY 74
Enea 5G Solutions
- Enea offers 5G functions both in the Network Data Layer (UDR + UDSF) and in the Control Plane (5G EIR, NEF, AUSF, PCF, UDM)
- Avoid vendor lock-in with the cloud-native 5G solutions from Enea which offers a clear separation between the network data
layer and applications. Platform agnostic architecture that supports any PaaS, private cloud, and public cloud deployment.
WWW.APTILO.COM
75
CARRIER
WI-FI
About Aptilo Networks About Enea
Aptilo Networks, an Enea company, is one of the Enea is one of the world’s leading suppliers of
world’s leading providers of Wi-Fi service innovative software for telecommunication and
management solutions and cloud-based IoT cybersecurity. Focus areas are cloud-native, 5G-
connectivity control services. The company has ready products for data management, mobile
delivered software and services to more than 100 video traffic optimization, edge virtualization, and
operators that serve tens of thousands of traffic intelligence. More than 3 billion people rely
enterprise customers, and hundreds of millions of on Enea technologies in their daily lives.
end-users and devices.
Enea is headquartered in Stockholm, Sweden,
and is listed on Nasdaq Stockholm.
WWW.APTILO.COM WWW.ENEA.COM