It sometimes seems that just about everything connects to the Internet via wireless these days, particularly Wi-Fi. In fact, Juniper Research (News - Alert) predicts that mobile data traffic generated by smartphones, feature phones and tablets will exceed 90,000 petabytes by 2017, the majority (60 percent) coming over Wi-Fi. This should be even higher in Europe, where even in 2012 roughly 71 percent of wireless traffic is already delivered over Wi-Fi—and it is set to rise to 78 percent of traffic by 2016.
Plus, it should be noted that hotspots are growing to meet this demand. In fact, Wi-Fi hotspots are expected to grow from 1.3 million globally to 5.8 million globally over the next four years, according to a report by Informa (News - Alert) Telecoms and Media3. And, ultra-broadband mobile services are starting to enable hop-on, hop-off Wi-Fi mobile access as a way to both up service for subscribers and cut operating costs.
Yet, untrusted access presents a challenge for mobile data services portfolios that include voice, messaging, secure CRM-protected video delivery and security features such as parental control and anti-malware, since mobile operators can’t ensure the IP mobile core with these Wi-Fi hotspots that only offer untrusted access.
“To support this expanded service delivery footprint, the mobile industry and operators are embracing some 3GPP-defined options for service delivery over both trusted and untrusted non-3GPP access networks,” noted a recent Alcatel-Lucent white paper, Expanding the Secure Delivery of Ultra-broadband Mobile Services over Wi-Fi.
The two main tools for Wi-Fi are the trusted wireless access gateway (TWAG), which supports interworking between the mobile packet core and trusted Wi-Fi radio access networks (Wi-Fi RAN), and the Evolved Packet Data Gateway (News - Alert) (ePDG), which gives operators the ability to deliver mobile packet core services over untrusted non-3GPP network access.
The ePDG supports secure access interworking between the mobile packet core and untrusted, non-3GPP networks. Security is achieved through the establishment of an IPSec tunnel between the user device and the ePDG, according to the paper, and once the local IP address is assigned to the device, the IPSec tunnel is established.
“The tunnel originates from the user equipment for each Packet Data Network (PDN) session, and protects both the user equipment and the wireless packet core,” noted the paper.
Because the ePDG spans all radio access types, gateways that support ePDG such as the Alcatel-Lucent 7750 SR Mobile Gateway can use all their common functions. In the case of the 7750 SR Mobile Gateway, this includes scaling of the control and user planes, Lawful Intercept, subscriber accounting and policy interfaces, as well as IP/MPLS networking capabilities to support integration with existing networks.
Edited by Peter Bernstein