Mobile Service Providers are missing a Key Security Issue - And it is not DNS
#MWC15 Barcelona is a great city, but with 100,000 people coming to the city for Mobile World Congress, it is expected that the criminals will come in force to prey upon these unwary travelers. When I travel, I am careful to protect myself from unsavory acts such as pickpocketing or physical attack. I avoid areas that may be dangerous and I take care to protect my personal belongings from theft such as keeping my wallet in my front pants pocket. But it is easy to become complacent and forget about possible ways to become a victim. When I am walking down a street, it is natural for me to have my phone out to look at the map for directions or use another service. My expensive smartphone is now out in the open for someone to run by and grab it. They will be gone before I even have a chance to react. Smartphone snatch and grab theft via The Times Mobile service providers are concerned about protecting their networks from DDoS attacks and intrusions that either degrade the performance of their network or expose sensitive information about them or their subscribers. One of the most common points of concern for the service providers is the DNS infrastructure. Every mobile operator has been hit by some DNS attack in the past, whether they are willing to admit it or not. Most service providers have implemented some level of protection against DNS attacks. But it is not only DNS that mobile service providers should be worried about. Many mobile operators have rolled out, or are rolling out Voice over LTE (VoLTE) services to deliver voice calls over the data network. To enable the VoLTE service, they need to have an IMS infrastructure in place to handle the SIP signaling to connect and monitor the VoLTE call status. Traditionally, before VoLTE, this IMS network has been closed and not accessible from the subscriber devices directly. Unfortunately, VoLTE changes that. VoLTE requires the smartphone to generate SIP messages to initiate a phone call. These SIP messages are sent to the IMS infrastructure intact. This means it is just a matter of time for malicious hacker to generate fake SIP messages that can reach the IMS services to deliver a DoS attack, obtain unauthorized services, or possibly even gain intelligence about the service provider’s subscribers or network configuration. Mobile service providers need to take a hard look at this portion of their network. They need to determine what needs to be in place in terms of security services such as an application-aware firewall, and/or DDoS protection solution to protect this newly exposed critical component of their infrastructure. Using a smartphone has changed my vulnerabilities and habits in the same way is VoLTE is forcing mobile service providers to re-inspect all aspects of their network as it changes the fundamental models that they have become accustomed to.262Views0likes0CommentsLTE: Context is King
The ubiquity and influence of LTE is intensifying by the day. According to the 2014 Ericsson Mobility report,65%of the world's populationwill be covered by LTE in 2019, with data trafficin theCentral Europe, Middle East and Africa (CEMEA) region alonesetto increase 11-fold between2013 and 2019. But while service providersaren’t exactly shy to trumpetLTE’stransformational credentials,few are equipped to bestmonetise the technology and cope with both soaring data and complexity of consumer demand. One of the major issueshereis thatevery subscriber, application, and device is currently treated in the same way and, when the network getsclogged,servicequality takesan inelegant nosedive. Operators need to rethink their strategie to cope withthe data conundrum, continual demands for improved quality of service, as well as increasingly diverse device mixes, usage patterns and advanced policy-based services. In particular, an efficiencystep-changeis required whenit comes to managing unpredictable changes in traffic.This means collectingand analysingreal-time data on networkload and performance, as well as subscriber activity,andrelating it all backto policy. In other words, context is king. One of thebestways service providers can up their game is byadaptingto exponential increasesinsignalingtraffic using Diameter,which isthe protocol that enables network elements to communicate with each other to coordinate and optimize end-to-end transmissionfrom the internet to mobile devices.Thisis the foundation to establish context, implement charging, and leverage traffic and services management. Domain name system (DNS)protection is also going to bevital indeliveringabest-of-breed and reliableservice.For example,to protect the network againstdistributed denial-of-service (DDoS)attacks and other sudden surges in DNS traffic, operatorsmust be able torapidlydetermine and mitigatethreatsto minimise network disruption.In order to tackle theemerging challengesassociatedwith traffic growth and malicious activity configuredto hobblemobile infrastructures, operatorsare likely to turn totools like IP-client rate limiting. These cancontrol traffic surges, and DNS caching can reduce the load on the DNS server.Furthermore,DNS processing complements Diameter functionality to optimize message routing to provide scalability. Network Functions Virtualization (NFV)smarts are another up and comingmust-have,making it easierfor operators toaggregateinformation from multiple sources andachieve aplatform withthe right level of scalabilitytobest leveragecontext-aware data. Operatorssimplycannotafford toremain aloof, complacent and disconnected from the user-experience any more. While they might be catering to consumers in the same area, their needswill alwaysvary wildly.Clunky and presumptuousone-size-fits all approaches aredefinitivelyon the way out,and things like intricately tailored, geolocation-driven serviceswill become the norm. Encouragingly for all concerned,we arenow entering an era of service provision that has the potential to becomefarricher personalisedand differentiatedthanever before, allwhile utilising network resources withutmost efficiencyand delivering sound ROI. (Originally published in CommsMEA)171Views0likes0CommentsThe Pressing Problem of Signaling Surges in LTE
Ben Volkow, VP of F5 Traffix, was selected among the attendees of LTE World Summit in Barcelona, Spain in May 2012 to be interviewed about the pressing problem of the signaling surges in LTE networks. Listen to what Ben had to say…when in Spain.164Views0likes1CommentLooking for gold under a standard DRA
People have often told me that I should share some of the content of my discussions with customers. So here goes: While speaking to a customer I begin to reflect on why DRAs (Diameter Routing Agent) usually interest core network signaling engineers as they are the ones who are building the Diameter signaling network and require a solution for optimal network scaling. Our conversation focuses on how much more efficient, smarter, flexible, cost effectively, and securely we can manage the signaling load for Diameter messages and other protocols. Most people who are involved in mobile broadband or LTE are not that interested in Diameter signaling. At least I find this to be true when I address Diameter directly in pure technical language. However, when I speak about what great things we can do by using the information contained in every signaling message, you get a complete different conversation, and an interested audience. Typically, when discussing Diameter signaling the interest is in terms of what a DRA and DEA (Diameter Edge Agent) should be able to do according 3GPP and GSMA specifications. But as there are now more vendors claiming to have a DRA/DEA (although only a few are actually deployed) … customers are usually surprised at the possibilities of adding services, increasing security, and optimizing the network when deploying a DRA. If we rename DRA/DEAs to more of a smart proxy (or charging controller), meaning a function that can look inside a message and make decisions on message content, while looking from the application level downward (remember Diameter is an application layer protocol), you get a completely new field of opportunities. The people working on an operator’s commercial services side understand that their customers are generating more and more traffic. And they have been notified that this traffic congestion can be a huge challenge for their network people to manage properly. (In fact this is the ‘standard’ technical DRA discussion) However, when an element like a DRA is inserted in their network to manage the signaling load, here we see the added value of a DRA to look into application specific aspects. Here are some examples that have been well received by services/commercially oriented people. Example 1: Offloading from OCS resources When a prepaid customer is out of credit, it usually takes quite a few re-attempts before the customer or application realizes that there is no credit left and that is the reason the requested service is not working. However, during this process, there has been lots of signaling messages generated to communicate in “Diameter language Gy” that there is zero balance left, and these messages use the resources of an OCS (Online Charging System). But by looking at the Diameter message in a smarter way (e.g. with application view) you can proxy the OCS for this very simple function and optimize its resources for use by only revenue-bearing messages. This is what our SDC does, the Signaling Delivery Controller for Diameter management. Example 2: Rollout special campaigns at lightning speed If a DRA is deployed to sit in front of an OCS to protect it for problems like overloading, this same DRA node can enable a quick rollout of special marketing campaigns without even touching the existing OCS and its surrounding provisioning system. This news would make your marketing team extremely happy as currently, they must wait for long development times plus each new service is weighed against high costs. For example, if you want to offer a specific segment of customers or devices a special offer such as free minutes on a public holiday there no need to bother the OCS. A smart DRA can do the job quickly and at minimal cost. Example 3: Speak all dialects of Diameter Our customers know that our SDC “speaks” all the Diameter dialects that the various vendors have implemented (more than 50 at this writing). And if that wasn’t already enough, it also “speaks” to other protocols like SS7, RADIUS, LDAP, etc…. All this information is all very interesting to technical people but not to marketing services and commercial people. However, I explain that by speaking the same language, new services and promotions can be offered much faster and more cost efficiently. Plus the fact that these offerings will also increase signaling traffic without any negative impact on the network so the network engineers won’t get angry. In fact, it’s a pure “win/win” as it is the traffic you want to generate because it brings revenues and creates customer loyalty. In summary, my discussions usually leave people pleasantly surprised with the knowledge of the added value of our smart Diameter solution, known as the SDC. . It is not just another award winning DRA/DEA but a platform that is the starting point of application-relevant signaling management by giving you access to the gold that is inside the signaling messages… so don’t hesitate and contact us, surprise us and we will surprise you!290Views0likes0CommentsConsolidating L4-L7 functionality on the Gi LAN
In a recent article we discussed the value of having an intelligent traffic steering platform on the Gi LAN to optimize the utilization of VAS platforms such as video optimizers, transparent caching platforms, parental control systems, etc. In this post we will review the other platforms on the Gi LAN, and what is happening in the industry to get to a much simpler, more scalable and more cost effective architecture. Inline between the PGW/GGSN and the internet peering router mobile operators have been deploying point product solutions from different vendors addressing a variety of business as well as technical requirements. DPI platforms are used for application analytics and policy enforcement, firewalls are used to protect the radio network and the subscribers, CGNAT platforms are used to address the IPv4 address exhaustion issue and routers are used for static port forwarding towards the VAS services complex. With the continuous growth of data traffic in mobile networks, operators are starting to face some challenges with the scalability of these Gi LAN architectures. In the current environment each of these different platforms will reach it’s capacity limit at a different point in time, leading to constant upgrades and redesigns to keep the network up and running. Clearly, having less platforms inline in the data path would result in clear benefits, provided such a consolidated platform meets the necessary scalability and performance requirements for each of the functions it provides. A consolidated L4-L7 platform that embeds all these functionalities such as firewall, CGNAT, intelligent traffic steering, policy enforcement, header enrichment, TCP optimization and DPI/URL classification in a highly scalable solution is what mobile operators are looking for. Depending on operator business policies, sometimes not all functionality can be collapsed onto a single physical platform. For example an operator’s internal security policy may dictate that security functions have to remain on a standalone platform. But even in those environments going from 4-5 platforms to just 2 platforms is a big step forward. Less platforms means less operational overhead and fewer operating systems and vendors to manage. It also means a simplified architecture which is less prone to errors and hence leads to increased stability. And last but not least new services are also much easier and faster to introduce in this architecture. Consolidation is not a new concept. In the 2005 to 2010 period the routing industry has gone through a massive transition, moving from dedicated platforms for L2 services, L3 services, BRAS/BNG, etc. to a consolidated “service router” model that embeds all of these functionalities in a single platform. The L4-L7 industry is now going through a similar transition and F5 is one of the leaders in this transition, consolidating the most commonly deployed L4-L7 functionalities on the same platform and giving mobile operators the tools to significantly simplify their Gi LAN architecture. The service provider industry has completely embraced and adopted the “service routing” concept in the last couple of years, so there is no reason why this industry wouldn’t embrace the L4-L7 consolidation concept going forward. In some ways the L4-L7 consolidation concept provides even more benefits than the L2-L3 consolidation. In the L2-L3 consolidation model a subscriber’s traffic stream typically only gets processed by one of the L2-L3 functions (e.g. you get either an L2 VPN service or an L3 VPN service but not both at the same time). In L4-L7 architectures a subscriber’s traffic stream may pass through multiple devices in series, like a DPI platform,a firewall and a header enrichment proxy. Each of these platforms have to go all the way up the protocol stack to provide their specific part of the L4-L7 functionality. In a consolidated L4-L7 platform you only have to walk up the protocol stack once, and the system will plug in the desired functionality at each level of the protocol stack on either side of the platform. The rise of LTE and the effects it has on the traffic volumes are driving mobile operators to rethink their Gi LAN architectures, both from the perspective of the VAS services complex as well as from the perspective of consolidating some of the L4-L7 functionality that is present today. And with NFV around the corner, things will only get more interesting.242Views0likes0CommentsOptimizing mobile VAS service platforms with intelligent traffic steering
One of the challenges introduced by the rollout of LTE is the enormous increase in data traffic that gets transported across the mobile core network. Studies have shown that LTE users, in addition to enjoying higher bandwidths, also consume considerably more data than 3G users. These scalability challenges are forcing mobile operators to review their Gi LAN network architecture and how the value added services (VAS) infrastructure elements plug into that. Traditionally mobile operators have been steering traffic into their VAS platforms (e.g. video optimization, web optimization, transparent caching, parental control, etc.) in a very static way using policy based routing (PBR) as presented in the figure below. The advantage of this traditional port-based steering approach is that it is relatively simple to manage and configure. The disadvantage however is that economically this model is difficult to maintain with the constant increase of data traffic in mobile core networks. The VAS platforms are among the most expensive data processing components in the entire network, so mobile operators are currently looking for ways to optimize the utilization of these platforms in their networks. In the current architecture each of these VAS platforms are receiving data for which they are not providing any value. As an example, the video optimizer platform will receive traffic that isn’t video (a lot of port 80 traffic is plain web traffic), plus the mobile operator may have use cases where some video streams don’t need to be optimized. Instead of pushing all that decision logic into the different VAS systems, a better approach is to change the static port 80 steering logic into a more dynamic context-aware intelligent steering logic (please see figure below). This intelligent steering logic is able to take contextual decisions on a per flow or even on a per HTTP transaction basis about which VAS service(s) each flow or HTTP transaction needs to be forwarded to. Some flows may actually have to be passed through multiple VAS platforms which results in service chaining. The goal of this new architecture is to make optimum use of the VAS services that are deployed. The intelligent steering logic is fully controlled using operator defined business policies that can take inputs from a PCRF (subscriber-based steering logic), from Radius transactions (e.g. radio access type steering, device type steering, … ), from third party APIs (e.g. congestion based steering) and from the data packet content (e.g. content-based steering) all of which provide ‘context’ to the flow. An example of a statically configured intelligent steering policy that applies to all traffic on the Gi LAN is shown below. The goal here is to bypass the video optimizers whenever the subscriber is connected to the LTE radio network. As soon as the subscriber falls back to 2G or 3G coverage, his video streams will be steered through the video optimization platform. This architecture allows the mobile operator to keep the network as it was functioning before for their 2G and 3G users, without having to pass through all the LTE traffic through the same VAS services if that is deemed to be unnecessary. Another example which includes service chaining for some subscriber traffic flows is the following scenario. In this use case the mobile operator wishes to continue using traditional port 80 forwarding for all mobile traffic to a video optimization platform, while adding a parental control service which needs to be activated only for subscribers that have opted in to that service. A PCRF is used in this architecture to push down the subscribers’ traffic management policies into the intelligent steering device. User A has subscribed to a parental control service and therefore the PCRF will point to a service chaining policy that will steer that particular subscriber’s port 80 traffic to both video optimization and parental control platforms. User B on the other hand will only have his port 80 traffic steered through the video optimization VAS service. There are many other use cases but the above examples clearly demonstrate the flexibility of having an intelligent traffic steering platform inline on the Gi LAN interface. Not only do these advanced steering policies help mobile operators to cost optimize the utilization of their VAS platforms, they also allow for a rapid introduction of new services without having to re-engineer the entire network. The intelligent steering platform takes a central role by managing, steering and orchestrating all traffic flows in the mobile packet core towards the VAS services infrastructure and helps to reduce the total cost of ownership of the Gi LAN architecture. In addition to intelligent traffic steering other functionalities that are typically present on the Gi LAN could be consolidated. But that’s the subject of another article.413Views0likes0CommentsThe Top Ten Requirements to look for when selecting your Diameter Signaling Controller (DSC) for your IMS/LTE Network
There are many important aspects, features and technologies to be aware of when you are deploying an IMS or LTE network. Here is a handy check list for key requirements to look for before you begin your “shopping” for Diameter signaling management solutions referred here as a DSC. 1. An intelligent signaling management solution that routes, manages, load balances and protects signaling from overloads in 4G LTE, IMS and 3G Networks by including a DRA, DEA, IWF (InterWorking Function, Gateway) and load balancer that operates between DRA/DEA instances for maximum scale and complete reliability. 2. A DSC that supports all Diameter interfaces (to date 52) and seamless support for new ones. 3. A DSC that supports the full range of message-oriented protocols for routing and transformation (e.g. SS7, RADIUS, HTTP/SOAP, LDAP, GTP’, JMS). 4. The greater number of IOT with other vendors and the widest range of interworking functions (Diameter — Diameter and Diameter — legacy protocols). 5. The highest performance and value/cost ratio. 6. Get maximum routing flexibility that can be based on any field (AVP) and scalability to grow your network seamlessly. 7. Comprehensive network protection with enhanced congestion, flow control and signaling prioritization mechanisms. 8. Full visibility at the message level into your control plane for network analytics, an integrated management system that prevents traffic congestion and offers you network KPIs, and a full Diameter testing suite for operational continuity. 9. Context-aware intelligent routing that works seamlessly with subscriber management elements for dynamic subscriber data that can be deployed in an Active/Active mode. 10. Any Diameter solution you select should be backed by a financially strong company that offers expertise in carrier deployments delivery and ongoing support both globally and locally, and deep experience in both network and IP to ensure smooth integration between IT and core networks. ****And most importantly, make sure all you can check on all the above features in the field or lab, and not just on paper.227Views0likes0CommentsWhat is Intelligent Roaming?
Roaming means you connect with an operator in the country in which you are visiting: What can make it intelligent? When you are traveling abroad the last thing you want to worry about is loss of service from your mobile phone. And you also don’t want to start worrying about your next bill. Now that LTE is here, why can’t you just enjoy fabulous data speeds while downloading or watching a video and forget about the costs. Wouldn’t it be great if you could simply enjoy the local culture, exotic cuisines, colorful scenes and sit back and chat, talk and video about all these with your friends and family back home?!! Many people don’t realize what roaming entails and what it means for both the user and the telco operator. Apart from the basic concept of throwing your smartphone or other devices in your carry-on luggage there is a lot of technology that supports their operation. Currently, there are over 100 networks live with 4G capabilities offering subscribers rich experiences while at home. Undoubtedly, 4G subscribers expect the same quality and level of service to continue while they travel abroad. However, if you would have looked “behind the scenes” even way before 4G, enabling roaming required SS7 supported signaling for just voice and text messages in visited networks. With the evolvement of 2G/3G data, these roaming capabilities have become even more complex. For SS7- based roaming, there are some very good intelligent roaming solutions available. Many, if not most, operators use them. Typically they are based on so-called OTA (over the Air) mechanisms to remotely control the preferred visited network list. They are often enhanced with SS7-based network traffic steering. The OTA mechanism tells the SIM what is the order of network preferences for logging on. Usually, the SIM memory for this list is limited, so that in practice, the selection of visited networks can change frequently. Therefore to direct the roamer’s selection, a network traffic steering mechanism is often used which ignores attempts of a roamer to locate a specific network that is not among the top preferences of the home operator, forcing the handset to select another network until it either gets to the preferred network or selects the second best available network. This solution works because the signaling is sent back to the home network, enabling the home operator to decide the preferred network in real-time for each subscriber. Customers benefit as the best quality can be selected. However, the main driver behind this mechanism however, is that the home network can select the visited network chosen for the best negotiated price (even if this price can change on a daily basis in theory, but usually every few months contracts are agreed upon for a price per minimum volume). One important note is that with always-on services, like Blackberry email push, once the visited network has been selected, there is minimal chance that the roamer can update to another network. The selected network is completely invested in keeping roamers hooked in. And typically this happens with high usage, always on, high value roamers. Now we are entering the LTE/4G roaming era in which we have a fundamentally different situation. For the subscriber with a 4G smartphone, it doesn’t mean that much changes as the phone also supports the frequencies of the visited network. Operators want it to look simple and “just make it work.” The important technical change is that in LTE there is no longer use of SS7 signaling. Now Diameter is the chosen signaling protocol for mobility management (and for other functions like policy control, charging and more). Another major technical difference in LTE is that there is always a default bearer active, so that all smartphones/devices will be always on. Diameter-based Intelligent Roaming Take the scenario of a visited LTE network and assume the visiting customer has an LTE/4G supported device for that network. Also assume that there is a commercial LTE roaming agreement in place, and the roamer wants to use his smartphone just as he did in 3G technologies. The <!--ZZZLinkBegZZZ-->GSMA <!--ZZZLinkEndZZZ-->has defined how roaming for LTE should work commercially and technically. So in theory, there is nothing else needed other than implementing what the GSMA has defined. But now we get to the real unique value that can be added to the roaming experience. Here is how in a very intelligent way, the home network can remotely control the selection of the visited network by a specific subscriber. Here is how to force the device to reselect the network it originally selected, even overruling attempts by visited networks to capture the revenue generating customer. In addition to what was already possible in an SS7 based network, where a specific device could be steered to register to a preferred network, now there are customer, device and service-aware intelligent roaming capabilities. Since the intelligent roaming solution is configured as an application on the Diameter Agent functionality (DRA) that is required per GSMA guidelines (as per IR.88), it has full visibility of what’s going on in a specific device. It “sees” what services are being used and how “active” those services are. In other words, a network operator has real-time access to the signaling supporting policy control (typically Gx and/or S9 interfaces) and charging functions (typically Gy or related interfaces) while roaming. In addition, it has visibility to the service quality and the availability of all potential visited networks at any given moment. Simply put, we have a complete set of information to make the smartest decisions at any specific moment. So the operator can make decisions as to the best service selection for every roaming smartphone/device given all the business and operational alternatives available. The criteria used to decide to which network to connect is a real differentiator for the home network. The different factors can range from best quality to best price. The home network now has the power to control the redirection of high value traffic. This is possible even following the initial selection of a visited network. So at any given moment the home network can decide to interrupt the active default bearer or any other active link. With this capability the home network has full control of the revenue it can generate on a specific visited network. This capability of controlling the assigned traffic also allows the home network to negotiate a better price than when the home network will generate revenues almost at random for the visited network. With this capability, we’ve made a major jump in the roaming value chain. And keeping in mind that the global roaming market size is about 45 Billion (see reference 1 by <!--ZZZLinkBegZZZ-->Visiongain<!--ZZZLinkEndZZZ-->), the value of controlling the use of a specific visited network or minimizing the use a specific network is huge. Operationally speaking, when other traffic on the visited network, either generated by the visited networks’ own subscribers or by other visitors, cause the visited network to behave below a certain expected level, the home network can select an alternative network. In this way an operator can deliver a truly premium service to its own customers, according to the service agreements, customer and application experience for any individual customer, device and service. By deploying a Diameter Router (DRA) with intelligent roaming capabilities in addition to the GSMA required Diameter Edge Agent (DEA) functionality, operators can benefit from real-time control of the user experience while roaming abroad. And this benefit continues regardless of the time or service used by customers and devices. Diameter signaling and its unique position in the network for total visibility make this possible. 1 Visiongain has determined that the value of the global roaming market in 2012 will reach $45.1billion.527Views0likes0CommentsHow Town Planning Is Like LTE Network Planning
Imagine, if a small town consisting of one main road, a few arterial roads with the traditional system of traffic lights, one day woke up to a new reality. Overnight the town residents were shocked to see thousands of new business moving in, bringing with them many more residents, constant commercial activity and of course, a higher volume of vehicle traffic. Should the town’s first move be to add more houses and streets? Think again – adding only these elements without the necessary additional infrastructure would simply increase the congestion and inefficiency of the roads. It’s the same in a network. Just adding bandwidth or spectrum can’t solve today’s sudden surge of more activity of thousands or hundreds of thousands of smartphone subscribers using their mobile data for most of their awake hours. The town needs to revamp its traffic light system just as the network – now filled with new elements and fragmented from the data strain and new services, needs to upgrade its signaling – and in 4G this means its Diameter signaling. And what does upgrade mean? Well let’s go back to our town. If once upon a time, the town’s planners would have simply added more streets and traffic lights, today they would consider an advanced traffic direction and management system that operates according to the traffic flow for maximum optimization. Cars that might once have gone down main thoroughfares will now be directed down alternative paths, balancing the load between roads. So too, network architects must include Diameter solutions such as DRAs for intelligent, dynamic routing, load balancers for unlimited scalability and network control, and Diameter gateways for instant connectivity with legacy elements. You wouldn’t want to live in a town whose infrastructure hasn’t kept up with its growth would you? Well, why would you subscribe to a carrier whose network hasn’t kept up with your needs for reliable and fast service?190Views0likes0CommentsThe State of the LTE Market Today
One of the main success factors of LTE roll out and LTE services is the quality of an operator’s Diameter signaling solutions. Allow me to explain. Today, LTE devices, including smart phones, tablets, dongles etc. are generating an unprecedented volume of signaling, up to 100x the amount of signaling we are used to experiencing in legacy networks. Signaling is the network’s internal communication system, and the language that signaling “speaks” in LTE is called Diameter Protocol, an IP-based stream control transmission protocol. The Diameter Protocol plays a connecting and routing function among LTE networks and inside the network between the different network nodes. Diameter exists everywhere in the network, for example among enabling elements for policy management and enforcement, billing & charging, authentication, mobility management, and roaming services. LTE was designed on the drawing board as greenfield technology, replacing existing legacy 2G, 2.5G, and 3G networks and building new 4G networks from scratch. Keep in mind however, that in telco there tends to be more evolution than revolution. So, in practice, next-generation elements are deployed side-by-side with existing legacy network functionalities. This two-generation hybrid complicates the network by filling it up with a patchwork of technologies, interfaces, and protocols. And this complication—referred to as network fragmentation—is extremely costly if not handled properly. Minimally, it requires connectivity between the LTE interfaces, protocols, and elements, as well as connectivity between the new and legacy components. In addition, there is the huge task of simplifying this network spaghetti, and only a robust Diameter signaling router can succeed here. Now back to the LTE devices. Many are designed with power-saving mechanisms to preserve battery life. However, simply touching the device catalyzes signaling. Many consumers leave several applications open, such as mobile games and social networking sites—and this causes constant, massive signaling. The “always-on” state of LTE devices is constantly pinging the network with signaling, creating a greater volume of signaling messages than ever experienced by a network. The high level buzz around LTE speaks about an enhanced multimedia, personalized, and interactive experience. More specifically, LTE is expected to deliver advanced services and charging schemes such as family data plans, tiered data plans, video optimization, and faster speeds of mobile data. Each one of these improvements involves complicated “back-office” support in the network. Each LTE service comes with a complex navigation route among network elements like PCRFs (policy charging & rules function) that tell the network what level of data plan has been purchased by the subscriber; OCS (online charging system) elements needed to serve prepaid customers; and BSS (business support systems) elements that are connected to data centers across vast geographic areas and require signaling to deliver the billing charges to the correct data center. In short, it is the Diameter signaling router (more commonly known as DRA) that ensures that the correct information about the right subscriber is transmitted to the designated server in the network. So, my take on the state of the LTE market is that we have witnessed a great beginning. And from our perspective, there are two types of service providers. The first is the service provider who plans for signaling routing and gateway solutions from the beginning, and the second is the service provider who doesn’t add it to the plan and ultimately experiences pain due to signaling surges and overloads. This second type of service provider quickly realizes its mistakes and rushes to deploy Diameter routers and load balancers to ensure network reliability and maximum performance. In both scenarios, LTE networks experience a bombardment of signaling at unprecedented levels. This signaling must be managed, or it will upset network performance significantly or bring network operations to a halt.271Views0likes0Comments