May 18, 2015

Understanding Wi-Fi Signal Strength vs. Wi-Fi Speed

The relationship between Wi-Fi signal strength and the speed at which data can be transferred over that signal is something that is essential to understand when it comes to Wi-Fi performance.

One question we constantly get is this: 

When I connect my computer to a wireless network, does a stronger signal always imply faster webpage loading, downloads, etc?

The answer, like all answers to Wi-Fi questions, can be difficult to get a grip on. So here's a good, fairly simple explanation from one of our rocket-scientist founders, Bill Kish, that should help clarify things.

All other factors (of which there are many) being equal, stronger signal strength is correlated with higher data transfer speeds, with a couple exceptions and assuming an optimal physical layer data rate selection algorithm. The super detailed, professional and technical diagram below shows a typical relationship for any modern wireless system with adaptive modulation:

[Figure: data transfer speed versus signal strength, from Bill Kish's Quora answer to "What is the relationship between wireless signal strength and data transfer speed?"]

The data transfer speed increases up to a point as signal strength increases since higher signal strengths enable the use of higher PHY (PHYsical layer data) rates, also known as MCS (Modulation and Coding Scheme) in modern WiFi. (One gross oversimplification is to think of different MCS as being somewhat like different gears on a bike or car.)

Once there is sufficient signal strength to operate reliably in the maximum supported MCS rate, additional signal strength does not produce additional throughput gains. In fact at some point (usually a few cm away from the AP) you can eventually run into a signal strength so high that the receiver's front-end is unable to process it, at which point throughput will drop precipitously.

All of the details (especially the scale) of this graph are highly dependent on the capabilities of the transmitting radio, the receiving radio and the environment. Variability in the environment and in the radios themselves makes real-world wireless throughput a random variable that can only be assessed accurately via statistical methods.

The physical layer data rate selection algorithm is critical to achieving the monotonically increasing relationship shown here up to saturation. There have been many examples of poor rate control algorithms loose in the wild (in both popular APs and common client devices) that do not actually achieve this monotonic performance, especially when subject to unexpected environmental inputs or certain radio degradations.

So What To Do?  Get Smart.

Finding the right balance between optimum performance and reliability with adaptive data rate algorithms is what separates the great Wi-Fi systems from those that are good enough. A previous post from a while back helps explain some of the details.

Rate adaptation is the function that determines how and when to dynamically change to a new data rate. When it’s tuned properly, a good adaptation algorithm finds the right data rate that delivers peak AP output in current RF conditions, unstable as they are. Though often ignored, rate adaptation is a critical component of any high performance system.

Wi-Fi engineers have been led to believe, and—for better or worse—site survey software validates the belief, that data rates can be reliably predicted based on a metric like RSSI or SNR. And some product manufacturers use simple metrics like these to determine the right rate.

Ruckus approaches rate selection with a unique focus. Instead of using unreliable signal measurements to hope for the best data rate, we focus on the math. Our rate selection algorithms are statistically optimized, which is our engineer-chic way of saying that we pick the best data rate based on historical, statistical models of performance for each client.

Without the right algorithm, the optimal rate for any client at any given moment in time is a crapshoot. And when you're guessing, the safest guess is to err on the side of reliability, which sacrifices throughput and capacity and causes other unwanted problems.
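
The gap between picking a rate from a signal metric and picking it from delivery history shows up in a small simulation. This is an added example, not Ruckus's algorithm and not code from the original post; the SNR requirements, the logistic link model and the names `threshold_select`, `StatisticalSelector` and `simulate` are constructed assumptions.

```python
import math
import random

# Constructed table: (PHY rate in Mbps, SNR in dB assumed necessary to decode it).
# The rates are the 802.11n single-stream 20 MHz values; the SNR requirements
# and the link model below are illustrative assumptions, not measurements.
MCS_TABLE = [(6.5, 5), (13.0, 8), (19.5, 11), (26.0, 14),
             (39.0, 18), (52.0, 22), (58.5, 24), (65.0, 26)]
MARGIN_DB = 2.0  # safety margin used by the threshold selector


def delivery_probability(true_snr_db, required_snr_db):
    """Assumed link model: frame success climbs steeply around the required SNR."""
    return 1.0 / (1.0 + math.exp(-1.5 * (true_snr_db - required_snr_db)))


def threshold_select(reported_snr_db):
    """Signal-metric approach: fastest MCS whose requirement plus margin fits."""
    best = 0
    for index, (_, required) in enumerate(MCS_TABLE):
        if required + MARGIN_DB <= reported_snr_db:
            best = index
    return best


class StatisticalSelector:
    """Chooses the MCS with the best expected goodput from per-rate history."""

    def __init__(self, rng, probe_fraction=0.1):
        self.rng = rng
        self.probe_fraction = probe_fraction
        self.attempts = [0] * len(MCS_TABLE)
        self.successes = [0] * len(MCS_TABLE)

    def expected_goodput(self, index):
        # Laplace-smoothed success estimate, so untried rates get sampled early.
        p = (self.successes[index] + 1) / (self.attempts[index] + 2)
        return MCS_TABLE[index][0] * p

    def choose(self):
        if self.rng.random() < self.probe_fraction:
            return self.rng.randrange(len(MCS_TABLE))  # occasional probe frame
        return max(range(len(MCS_TABLE)), key=self.expected_goodput)

    def record(self, index, delivered):
        self.attempts[index] += 1
        self.successes[index] += int(delivered)


def simulate(true_snr_db, reported_snr_db, frames=5000, seed=1):
    """Return goodput in Mbps for both selectors sending equal-size frames."""
    rng = random.Random(seed)
    selector = StatisticalSelector(rng)
    fixed = threshold_select(reported_snr_db)
    delivered = {"threshold": 0, "statistical": 0}
    airtime = {"threshold": 0.0, "statistical": 0.0}  # frame size / Mbps units
    for _ in range(frames):
        choices = (("threshold", fixed), ("statistical", selector.choose()))
        for name, index in choices:
            rate, required = MCS_TABLE[index]
            ok = rng.random() < delivery_probability(true_snr_db, required)
            airtime[name] += 1.0 / rate      # slower rates occupy the air longer
            delivered[name] += int(ok)
            if name == "statistical":
                selector.record(index, ok)
    return {name: delivered[name] / airtime[name] for name in delivered}


if __name__ == "__main__":
    # (true SNR, SNR reported to the selector): optimistic, pessimistic, accurate
    for true_snr, reported in ((19, 27), (27, 19), (20, 20)):
        result = simulate(true_snr, reported)
        print(f"true={true_snr} dB reported={reported} dB -> "
              f"threshold {result['threshold']:.1f} Mbps, "
              f"statistical {result['statistical']:.1f} Mbps")
```

When the reported SNR is accurate, the threshold selector does slightly better because it spends no airtime on probe frames; the history-based selector pulls ahead when the metric misreads the link in either direction.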

At Ruckus, we believe in the importance of stable client connections in an unstable RF environment. In fact, our algorithms jointly adapt both the data rate and antenna pattern together to maximize reliability and throughput.

But don’t take our word for it; test it for yourselves!  You'll definitely see a big difference and create a Ruckus (a good one) with your users.

May 01, 2015

Making the Most of Multi-User MIMO

With the first Wave 2 802.11ac access points hitting the market, Wi-Fi goes gigabit in a big way. Yet to realize such speeds means maximizing a number of new sophisticated RF capabilities that the vast majority of today’s Wi-Fi access points are simply ill-equipped to exploit. Two of these key features are transmit beamforming (TxBF) and multi-user MIMO (MU-MIMO), which effectively requires TxBF to work. Meanwhile, MU-MIMO clients are coming fast. We’ll get a little geeky so strap yourself in. It’s important.

With Wave 2, multi-user MIMO with transmit beamforming is designed to boost network capacity and strengthen Wi-Fi signals. That’s especially important as Wi-Fi clients explode and quickly take on new features and functions that the 802.11ac standard brings.

Getting a Good Grip on Chip-Based Transmit Beamforming

[Figure: TxBF uses phasing of multiple signals to create a virtual beam.]

Transmit beamforming, or TxBF, remains an optional feature in 802.11ac but is essential for making MU-MIMO work. So vendors must deploy it in their Wave 2 products. Here’s how it works. 

Basically, TxBF allows an AP to concentrate RF energy in the direction of a particular client by using signal processing techniques at the baseband chip level. TxBF requires feedback from the client to allow the AP to synchronize the transmissions from multiple chains so they end up in phase when they are received. This results in some link budget gain.

Depending on the number of transmit chains available, TxBF can provide signal gain up to 3 or 4dB in ideal conditions. However, with adaptive or smart antenna technology, a complement to TxBF, there are no such limits and the gains are cumulative.

 


With TxBF, the 11ac access point sends out a test transmission to the nearby client devices, in effect instructing each client to “tell me what you just heard.”  The client replies with specific metrics that reveal how well it “hears” the AP’s signal.

This feedback is used by the AP to effectively decide whether and how to manipulate the transmission of the Wi-Fi signal (through phased timing) via its several antennas. With transmit beamforming all antennas participate in the process. 

Think of it like throwing two rocks into a pond. When each rock hits the water, waves emanate in all directions out from where the rock entered the water. Where those waves come together is a stronger or bigger wave (in this case a “beam”). Throwing the rocks into the pond at different times effectively changes the location of the strongest wave. In the Wi-Fi world the timing of these signals coming out of multiple antennas is all performed on the Wi-Fi chip through sophisticated software.

There are two parts to this manipulation: one is improving the signal to the intended client -- helping that client to hear it better; the other is minimizing that signal to all other in-range clients to reduce noise and interference. Wi-Fi signals have to thrive despite two countervailing influences. One is noise -- the background, omnipresent ambient blend of static and distortion that exists naturally and as a result of electromagnetic devices. The second is interference -- other signals created by active transmitters such as the Wi-Fi radios in other access points themselves.

TxBF manipulates the phase of the signal coming out of each antenna so that these signals all add up (or cancel out) at the client location. This results in a higher signal-to-noise ratio (SNR), and a stronger, clearer signal to a given client.

More important, so that clients hear only the signal intended for them, TxBF does something similar to noise-canceling headphones: it changes the phasing of the signal to create nulls (or what are called “notches” in the RF wave patterns) that cancel out that signal to the other clients. This helps reduce radio noise and interference so each client only “hears” the signal intended for it. That, too, results in a higher SNR.
 

Another Primer on MIMO

 MIMO, for multiple input multiple output, was first introduced in 802.11n. It added multiple transmit and receive antennas on both sides of the radio link. The chipset sends information in two or more spatial streams, each one transmitting via a separate antenna. The corresponding antennas on the receiving radio collect all the signals arriving from different paths and at different times, and the RF chipset recombines them, essentially increasing the signal-capturing power of the receiver.

The multiple spatial streams pack in more data and the physically separate antennas create what’s called spatial diversity that creates slight changes in timing and other characteristics that differentiate each signal and make it easier to extract the information. The easier it is for a client to reduce the correlation between signals, the more data that can be extracted, and the more data that can be pumped into the sending side of the link.  This is a hugely important aspect of getting MIMO to work the way it was designed.

But until now, Wi-Fi access points could talk to only one client at a time, one after another, by means of time-slicing to grant fair access to all the clients connected to that access point. An AP with four transmit and four receive antennas and four spatial streams (4x4:4) now has four discrete spatial streams to transmit to different clients simultaneously.

MU-MIMO and RF efficiency

MU-MIMO stands for multi-user MIMO, a brand new, required feature in Wave 2. It too is implemented in hardware, in the 11ac radio chipset, and both the access point and client are required to support it. The concept is breathtakingly simple: with MU-MIMO, that same 4x4:4 access point can talk at the same time to three or four MU-MIMO clients. For example, with Wave 2, WLAN capacity is effectively doubled with single stream clients.

With MU-MIMO a given access point can now handle a much larger number of concurrent clients because it’s serving clients in parallel, in batches of three, for example, and because of the higher 11ac data rates that allow clients to get off the air much faster, leaving more airtime available for other clients.

Even without MU-MIMO clients, a Wave 2 WLAN can realize benefits. Just replacing a heavily burdened 11n AP with a Wave 2 11ac AP will boost the network’s capacity, serving more clients while increasing throughput even for 11n clients (as is the case with Wave 1 access points). As Wave 2 clients hit the market, MU-MIMO will kick in automatically under the covers.

Transmit beamforming is applied to each spatial stream from access point to client in a MU-MIMO configuration, simultaneously optimizing the signal to the target client and minimizing the noise level with regard to other neighboring clients.
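
The phase manipulation described in the TxBF section, and its per-stream use in MU-MIMO described here, can be worked through numerically. This is an added example, not code from the original post or from any chipset; the two-antenna AP, the unit-magnitude channel phases, the noise level and all function names are constructed assumptions.

```python
import cmath
import math

# Constructed channel phases (radians) from two AP antennas to two clients.
# Unit-magnitude paths are an assumption that keeps the arithmetic visible.
H_CLIENT_A = [cmath.exp(1j * 0.0), cmath.exp(1j * 2.0)]
H_CLIENT_B = [cmath.exp(1j * 0.0), cmath.exp(-1j * 0.7)]
NOISE_POWER = 0.01  # assumed receiver noise, relative to unit transmit power


def normalize(weights):
    """Scale antenna weights so total transmit power is 1."""
    norm = math.sqrt(sum(abs(w) ** 2 for w in weights))
    return [w / norm for w in weights]


def received_power(channel, weights):
    """Power of the sum of the per-antenna signals as they arrive at a client."""
    return abs(sum(h * w for h, w in zip(channel, weights))) ** 2


def aligned_weights(channel):
    """Pre-rotate each antenna so all copies arrive in phase at this client."""
    return normalize([h.conjugate() for h in channel])


def null_steering_weights(target, other):
    """Aim at `target` while making the copies cancel exactly at `other`."""
    a = [h.conjugate() for h in target]
    b = [h.conjugate() for h in other]
    # Remove from `a` the component that `other` would receive.
    leak = sum(h * x for h, x in zip(other, a)) / sum(abs(h) ** 2 for h in other)
    return normalize([x - leak * y for x, y in zip(a, b)])


def to_db(ratio):
    return 10 * math.log10(ratio)


def sinr_db(channel, own_weights, other_weights, per_stream_power=0.5):
    """SINR at a client when two simultaneous streams split the transmit power."""
    signal = per_stream_power * received_power(channel, own_weights)
    interference = per_stream_power * received_power(channel, other_weights)
    return to_db(signal / (interference + NOISE_POWER))


def demo():
    single_antenna = received_power(H_CLIENT_A, [1.0, 0.0])
    align_a = aligned_weights(H_CLIENT_A)
    align_b = aligned_weights(H_CLIENT_B)
    null_a = null_steering_weights(H_CLIENT_A, H_CLIENT_B)  # stream for A, null at B
    null_b = null_steering_weights(H_CLIENT_B, H_CLIENT_A)  # stream for B, null at A
    return {
        # one stream, one client: in-phase arrival versus a single antenna
        "beamforming_gain_db": to_db(received_power(H_CLIENT_A, align_a) / single_antenna),
        # how much of A's stream reaches B once the null is placed there
        "leak_to_b": received_power(H_CLIENT_B, null_a),
        # two simultaneous streams: alignment only versus alignment plus nulls
        "sinr_a_aligned_only_db": sinr_db(H_CLIENT_A, align_a, align_b),
        "sinr_a_with_nulls_db": sinr_db(H_CLIENT_A, null_a, null_b),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value:.4g}")
```

With these constructed channels the null costs client A a little signal power but removes the other stream's interference entirely, which is why its SINR is higher with nulls than with alignment alone.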

The several antennas in MIMO are physically separate and the signal from each travels along different paths, but the spatial streams “mix” in the air on their way to the receiving antennas. This is why separating these spatial streams on the receiving side, often called decorrelation, is critically important.  Any antenna system that can focus or direct these signals to each client or client group to ensure they appear, or are heard, differently by each client is the key to maximizing MU-MIMO performance.

Apart from the physical differences of the antenna locations and the optimizations created by chip-level beamforming, is there another way to increase this differentiation, and thereby increase or sustain MU-MIMO throughput?  There is.  Hello smart antennas.

 
Value-Added MU-MIMO with Smarter Antennas

Ruckus adaptive directional antenna technology, marketed under the name “BeamFlex,” despite sounding somewhat similar to “beamforming,” is quite different. Adaptive antennas continually shape the “physical” antenna patterns by changing the antenna structure electronically (watch this).

 
With adaptive antennas there are three important gains derived. One is simple antenna gain achieved by focusing more energy in the direction of a given client. Another is the gain from interference mitigation as smart antennas are not forced to constantly send and receive signals in all directions at all times. But perhaps most important to MU-MIMO is the ability for adaptive antennas to control multipath transmission. Smart antenna systems can effectively steer one spatial stream in one direction and a separate spatial stream in a completely different direction so decorrelation and spatial multiplexing are maximized. This is critical to ensuring proper MU-MIMO operation and maximizing MU-MIMO performance.

While beamforming relies on manipulating the signal timing to alter the signal’s phase, BeamFlex is all about manipulating the antenna pattern that transmits the beamformed signal.

A sophisticated (and patented) best-path selection algorithm within each access point lets the AP automatically try different combinations of antenna elements to create focused signals that yield the highest possible data rates, with thousands of possibilities. In effect, BeamFlex creates a custom, optimized antenna tuned for a specific spatial stream intended for a given client device or group of clients.

The uniqueness of each antenna pattern means “more signal” can be sent to the target client, and “less signal” to neighboring clients. Depending on the specific situation, BeamFlex can create up to 6dB improvement in the signal-to-noise ratio, and up to 15dB of improvement through reduced interference. The combination means higher data rates, longer range, and higher sustained data rates over those distances.

With multi-user MIMO networks, BeamFlex can create these custom RF patterns for each antenna and each simultaneous MU-MIMO client group so Wi-Fi signals can be better distinguished by clients.  This simply makes MU-MIMO work better. 

That’s pretty smart Wi-Fi.

April 15, 2015

Clearing FUDDY Waters

Wave goodbye to slow Wi-Fi.

Wave 2 of 802.11ac is here and now, adding new capabilities that improve overall Wi-Fi system performance and capacity.

So don’t be put off by naysayers spewing FUD that Wave 2 APs won’t add immediate value to existing Wi-Fi infrastructures. They already have.

Wave 2 802.11ac-capable access points make more efficient use of the RF spectrum by getting clients on and off the medium faster, leaving more airtime for clients, even those that don't support Wave 2 capabilities. Because Wi-Fi is a shared medium, reducing the time to serve even some clients will benefit all clients.

And as multi-user MIMO clients hit Wi-Fi networks this year, Wave 2 is capable of serving those clients simultaneously—allowing others the opportunity to access the RF spectrum sooner.  It’s carpooling. If you can get people to carpool, even those who don’t carpool benefit because there are fewer cars on the road.  

Having more spatial streams available to use also provides incremental value in the form of spatial diversity, regardless of whether the clients have one, two, or three spatial streams. More antennas improve MIMO by increasing reliability and signal quality, pushing data throughput closer to data rates.

The other obvious and BIG benefit that Wave 2 provides is simple: investment protection. Customers are tired of having to architect and re-architect their Wi-Fi networks every couple of years to accommodate the barrage of new devices with new features and functions that can’t benefit from their existing networks. Wave 2 effectively mitigates this risk, extending Wi-Fi refresh cycles.

But, maybe you’re still hearing the same tired message when companies want you to buy Wave 1 instead of Wave 2 saying: “Wave 1 is good enough; no need for Wave 2.” To help demystify a lot of the fear, uncertainty and doubt (FUD) that vendors are belching, here are some more detailed radio truths to help you in your buying decision.


Increased Wi-Fi Capacity with MU-MIMO

Looking closer, if there’s only one reason why Wave 2 makes sense now (and there’s much more) it’s this: MU-MIMO allows an AP to send downlink frames to multiple stations at the same time. This increases capacity compared with single user MIMO. 

[Figure from the QCA document "802.11ac MU-MIMO: Bridging the MIMO Gap in Wi-Fi"]

Historically, Wi-Fi was only capable of serving clients one-at-a-time. Slow devices consume extra airtime, and all devices served by that AP suffer as a result. This is especially true in mobile-rich deployments. And what networks aren’t packed with smart mobile devices today?   


Better Transmit and Receive Performance 

There may not be many 4x4 clients on the market this year, but adding radio chains helps improve reliability even if you have 1x1, 2x2, or 3x3 clients.

Adding more transmit radio chains improves downlink performance, especially for MU-MIMO. That extra transmitter provides more signal steering control and higher data rates with less interference.

Adding more receive radio chains also improves uplink performance. Using maximal ratio combining (MRC), the AP can better hear signals on multiple antennas and in different polarizations (if the AP supports dual polarization), combining those signals to ensure better reception. This is especially useful for single- or dual-stream clients with small antennas and weak transmit power (e.g. smart phones).


Legacy Clients Benefit
  

If you’re having a hard time seeing the benefit of MU-MIMO because some portion of your client devices won’t support MU, realize that every MU-capable client in your network ultimately benefits legacy clients (single-user, or non-MU) as well.

With 2-3x greater efficiency from MU, every extra bit of productivity gained is added to the airtime pool for other clients (especially legacy clients that need the boost) to utilize.


 


More Spatial Streams Helps Everyone

The number of spatial streams and the transmission bandwidth together indicate potential throughput performance and number of devices supported. Initial Wave 2 radio chips are 4x4:4 (4 transmit and 4 receive radio chains with support for 4 spatial streams), while most Wave 1 chips were 3x3:3.

While we all wait for four-stream Wi-Fi devices, more spatial streams provide unique benefits, particularly for wireless meshing. Wi-Fi meshing has always suffered from multi-hop throughput loss. With additional, higher bandwidth streams, APs should now be able to connect wirelessly at true gigabit wireless speeds.
 

Investment Protection

MU-MIMO client support is happening this year. In fact, MU-capable clients are already on the market. Many of the mobile device chipsets in devices used today are actually “multi-user ready” with a firmware upgrade. So, don’t be surprised if software upgrades this year enable widespread MU support with no need to buy new devices. And yes, MU-MIMO does require client support, so not all 11ac clients can use it. But MU-MIMO support in clients is a near-term reality.

MU-MIMO is a long-term investment – it’s simple myopia to defer Wave 2 because “no MU clients exist today.”  And even a short-term AP investment spans 3 years, so why would we focus on client support in the market RIGHT NOW instead of forecasting client feature support 6 months from now? With that perspective, MU-ready APs make even a 4 or 5-year AP investment plan very reasonable.

MU-MIMO also adds margin for imperfect designs – a small contingent of Wi-Fi consultants and administrators are true experts at maximizing spectral efficiency (proper channel reuse, AP location, Tx power, antenna choice, etc). Given the budget, time, building layout, and business requirement, they can fine-tune until Wi-Fi Zen is reached. For the rest of us, all performance features that offer margin to offset “best effort” designs are a huge help for maximizing investment—and making network admins look like experts, even if they aren’t.

Newer Chipsets Bring Efficiency and Performance Gains

Every new generation of Wi-Fi chips comes with efficiency and performance improvements. Every new AP hardware revision is an opportunity to improve radio components, fine-tune the layout, enhance antenna subsystems, and generally improve performance. If you remember back when the first 11ac APs were coming out, the industry as a whole saw a marked performance increase even for 11n clients (specs didn’t change, but performance did). For all clients, expect new APs to enhance speed.
 

Impressive Power Efficiency

Unfortunately, when you add more radio chains, APs require more power.

With Wave 2, the Ruckus R710 is designed to provide full GHz 802.11ac functionality on 802.3at power, while offering a pretty sweet deal on 802.3af “efficiency mode.” We simply reduce 2.4 GHz radio output power to 25 dBm and disable the USB and second Ethernet port. That’s it.

And you won’t have to think about it. The new ZoneFlex R710 is smart enough to detect how it’s being powered. Whether by DC, 802.3at PoE, or 802.3af PoE, it automatically makes the necessary adjustments to maximize 802.11ac performance.

Other Considerations

Wave 2 will be slightly more expensive than current Wave 1 APs, so you can still buy Wave 1 if you are budget conscious. It just may not take you as far.

And if you’re waiting around for Wave 2 because of the data rates promised by 160 MHz channels, don’t be fooled. Wide channels are the enemy of spectral efficiency in the enterprise. Most client devices won’t support 160 MHz, so there’s really no reason to want it…other than for suspect marketing claims like “fastest AP ever.”   

And if you’re worrying about 802.11ac stabbing you in the backhaul, don’t.

For an AP to require more than Gbps the situation would need to be highly unusual, if not completely unlikely. This would mean a 4 spatial stream 802.11ac WiFi client running 80 MHz channels and an 802.11n 3 spatial stream client (on a 40 MHz wide channel) all using the AP at the same time. Keep in mind that 4 spatial stream WiFi clients don't currently exist (but they ARE coming), and given the limited channels available, you'd never want to set the 2.4GHz radio to 40 MHz wide channels. So given the real world device and traffic mix, you’ll rarely need more than 1 Gbps uplinks for Wave 2 APs. Even if you do, link aggregation is there to help.


The Net-Net of it All

If we knew that we’d be really late to market, we’d probably be saying things like “wait on Wave 2 until clients are ready.” What we’d really mean is “please don’t buy Wave 2 from our competitors…we will be late to market.”  But we didn’t say that.  Instead we just thought we’d cause another Ruckus.  Mission accomplished with much more to come. 

April 07, 2015

Getting Engaged: LTE and Wi-Fi Fall in Love

Wi-Fi and cellular are the two most successful wireless technologies in existence and have complemented each other for years. Now they seem to be getting engaged. And it couldn’t come at a better time as demand for wireless capacity is at an all-time high. But how this all plays out is another matter altogether.

Wi-Fi’s great strength is that it runs in unlicensed spectrum, can be deployed by anyone, and it is supported on almost every smart handheld or IoT device you can think of. Its real sweet spot is high capacity, high-density indoor applications with low mobility. 

In contrast, cellular technology, which has swept across the globe over the last few decades helping to create a multi-trillion dollar telecommunications industry, is ideal for its ubiquitous outdoor coverage, seamless mobility, and support for real-time applications like voice and streaming multimedia.

Combining these technologies offers great promise for the entire industry. But how they come together remains a big question.

There’s simply no doubt that these two technologies will continue to converge with the goal of giving users an “always best connected” experience. Ultimately, users don’t really care about what wireless technology is used as long as it is fast, reliable and affordable.

A variety of different approaches to Wi-Fi/cellular convergence are being considered by various industry groups. As these worlds collide (see previous post), understanding the distinctions between these different approaches is important, realizing that there’s no right or wrong answer, just different choices (depending on your frame of reference). Like everything, the market will ultimately decide what works best and when.

LTE in Unlicensed Bands (LTE-U and LAA-LTE)

One such option that has received a lot of attention recently is LTE-U. Being promoted by Qualcomm and other radio access network (RAN) vendors, LTE-U is an approach to run LTE directly over the 5GHz unlicensed bands. While it isn’t so much convergence as it is a way to obtain additional wireless spectrum for mobile services, this concept is now under development by 3GPP (3rd Generation Partnership Project) for standardization in Release 13 as LAA-LTE (license assisted access).

 

LAA continues to run the LTE control channels, and primary uplink/downlink channels in the licensed bands, using LTE-A Carrier Aggregation (CA) to do channel bonding between the licensed and unlicensed downlinks, and possibly the uplinks in follow on releases. The purpose of the unlicensed bands is to provide additional data plane performance – a data plane boost in effect. The great challenge with this approach revolves around getting LTE to peacefully coexist with Wi-Fi in the unlicensed bands, but the sharing of spectrum is not in the LTE DNA.


 


Proponents say that LTE-U can easily coexist with and protect Wi-Fi operations in unlicensed spectrum, similar to the way different Wi-Fi networks share the band today. Others worry that the scheduled nature of LTE could cause it to push Wi-Fi out of these bands.

LTE assumes that it has full control over the frequency bands in which it operates and was never really designed to contend for access to the medium, unlike Wi-Fi, which is a first-come, first-served contention-based access model.

Wi-Fi employs a listen-before-talk (LBT) mechanism. Any device wishing to use the band must listen to see if it is occupied. If the band isn’t busy, the device can seize it and start transmitting. The band can only be held for a maximum of 10 milliseconds after which it must be released and the LBT process repeated. This assures fair access to the medium and has proven to be a very effective way of sharing unlicensed spectrum. The challenge for using LTE in unlicensed bands is how best to implement LBT, as it will require changes to the media access control layer.

Failure to correctly implement listen-before-talk will likely limit the viability of LTE-U technology, as public venue owners and other businesses will be reluctant to deploy anything that might negatively impact the unlicensed bands. Public venues include hotels, conference centers, stadiums and transportation hubs. These are highly desirable locations with heavy data demands where a high quality Wi-Fi service now plays an essential role in bringing customers into buildings and keeping them there.

 This effectively causes public venues to put a premium on protecting the unlicensed bands.  Many venues now even employ staff to keep track of how these bands are being used.  This makes it essential that any LAA-LTE standard coming out of 3GPP support LBT per IEEE specifications.  
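
The listen-before-talk behaviour described above, and the coexistence worry about a transmitter that does not listen, can be compared in a tick-based simulation (1 tick = 1 ms). This is an added example, not code from the original post; the backoff range, the 80 ms-in-100 ms schedule and the `ScheduledStation` class are hypothetical assumptions and do not model LTE-U or LAA as specified.

```python
import random

MAX_HOLD_MS = 10  # maximum hold time per channel seizure, as stated in the text


class LbtStation:
    """Always has data; listens first, backs off, holds for at most MAX_HOLD_MS."""

    def __init__(self, rng, max_backoff_ms=8):   # backoff range is an assumption
        self.rng = rng
        self.max_backoff_ms = max_backoff_ms
        self.backoff = rng.randint(1, max_backoff_ms)
        self.tx_left = 0

    def occupying(self, tick):
        return self.tx_left > 0                  # already mid-transmission

    def step(self, tick, busy):
        if self.tx_left == 0:
            if busy:
                return False                     # occupied: defer, backoff frozen
            if self.backoff > 0:
                self.backoff -= 1                # idle tick: count down
                return False
            self.tx_left = MAX_HOLD_MS           # idle and backoff done: seize
        return True

    def after_tick(self):
        if self.tx_left > 0:
            self.tx_left -= 1
            if self.tx_left == 0:                # release, repeat the LBT process
                self.backoff = self.rng.randint(1, self.max_backoff_ms)


class ScheduledStation:
    """Hypothetical transmitter that follows a fixed schedule and never listens."""

    def __init__(self, on_ms, period_ms):
        self.on_ms, self.period_ms = on_ms, period_ms

    def occupying(self, tick):
        return tick % self.period_ms < self.on_ms

    def step(self, tick, busy):
        return self.occupying(tick)              # transmits regardless of `busy`

    def after_tick(self):
        pass


def clean_airtime_share(stations, ticks=20000):
    """Fraction of ticks in which each station transmitted without overlap."""
    clean = [0] * len(stations)
    for tick in range(ticks):
        occupied = [s.occupying(tick) for s in stations]
        sending = []
        for i, station in enumerate(stations):
            busy = any(o for j, o in enumerate(occupied) if j != i)
            if station.step(tick, busy):
                sending.append(i)
        if len(sending) == 1:                    # overlapping ticks count for nobody
            clean[sending[0]] += 1
        for station in stations:
            station.after_tick()
    return [count / ticks for count in clean]


def two_lbt_stations(seed=7):
    rng = random.Random(seed)
    return clean_airtime_share([LbtStation(rng), LbtStation(rng)])


def lbt_versus_scheduled(seed=7, on_ms=80, period_ms=100):
    rng = random.Random(seed)
    return clean_airtime_share([LbtStation(rng), ScheduledStation(on_ms, period_ms)])


if __name__ == "__main__":
    print("two LBT stations:        ", two_lbt_stations())
    print("LBT vs scheduled station:", lbt_versus_scheduled())
```

Two listening stations end up with roughly equal shares, while the listening station paired with the non-listening one is confined to whatever gaps the schedule leaves and loses part of those to overlap.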

LTE + Wi-Fi Link Aggregation (LWA)

An alternative to using LTE in unlicensed spectrum that could be much more palatable to the broader industry is LTE + Wi-Fi Link Aggregation (LWA).

This approach, being strongly promoted by Qualcomm, achieves a very similar result to LTE-U and LAA-LTE, but with some big differences. With LWA, the LTE data payload is split and some traffic is tunneled over Wi-Fi and the rest is sent natively over LTE. This can greatly enhance the performance of an LTE service. It’s expected that LWA will proceed rapidly through the standards process and emerge in 3GPP Release 13 in the summer of 2016.

LWA centers on using a Wi-Fi access point to augment the LTE RAN by tunneling LTE in the 802.11 MAC frame so it will look like Wi-Fi to another network even though it is carrying LTE data.

With LWA, Wi-Fi runs in the unlicensed bands and LTE runs in the licensed bands, and the two radio technologies are combined to offer a compelling user experience. Both technologies are allowed to do what they do best, and LTE no longer needs to perform any unnatural acts.

Unlike the deployment of LTE in unlicensed spectrum, which requires all new network hardware and all new smartphones, LWA could be enabled with a straightforward software upgrade allowing smartphones to power-up both radios and split the data plane traffic so some LTE traffic is tunneled over Wi-Fi and the rest runs natively over LTE. The traffic that flows over Wi-Fi is collected at the Wi-Fi access point and then tunneled back to the LTE small cell, which effectively anchors the session. The flows are combined at the LTE small cell and then sent on to the evolved packet core (EPC) and from there to the Internet.

The big advantage of this approach is that all Wi-Fi traffic can benefit from the services provided by the mobile operator’s EPC. These services include billing, deep packet inspection, lawful intercept, policy, authentication and the list goes on. If the LTE signal is lost, this service will drop and the user can reinitiate an Internet connection over Wi-Fi. This approach is somewhat similar to multi-link or multi-path TCP, except that the traffic is combined in the cellular RAN rather than back in the Internet.

LTE + Wi-Fi Link Aggregation would require LTE small cells to be deployed in the venue, and any Wi-Fi APs in the venue to be software-upgraded to support LWA. The Wi-Fi APs can also continue to support non-LWA traffic on a separate SSID, potentially making it the best of both worlds, providing more upside than using LTE in unlicensed bands, with none of the downside. As such, LWA becomes a solution that doesn’t impact the unlicensed band while leveraging existing Wi-Fi access points and improving indoor cellular performance.

 

[Figure: LTE and Wi-Fi Aggregation]

 

Now What?

The convergence of Wi-Fi and LTE small cell technology will play out over the remainder of the decade.  The end result will be to enable an always best-connected experience for the user.  LTE-U, LAA-LTE, LWA, and multi-link TCP are all options for converging these two great radio technologies and there are others as well.  The future looks bright for carrier grade Wi-Fi technology and LTE small cells.

March 09, 2015

When Worlds Collide: Digging Deeper

Now that some basic definitions of these new approaches to implementing LTE in unlicensed spectrum have been agreed on, we can delve deeper into the colliding worlds of licensed and unlicensed band services. It’s important to understand how these technologies might be deployed and some of the options mobile operators will have.

Some pundits have said “to argue for Licensed Assisted Access (LAA), one needs to make a case for Wi-Fi’s insufficiency in some regard.” Really? Why?

These comments reference pre-standard/non-standard LTE operation within the unlicensed spectrum being promoted by equipment suppliers such as Ericsson, but the same assertion may be made of the other proposals.


To understand what insufficiencies Wi-Fi may have, it is first necessary to understand the services that LTE operation in the unlicensed spectrum would actually support. 
It’s important to note that LTE-U and LAA are intrinsically data services.  So is Wi-Fi, notwithstanding adaptations to support real-time, bi-directional services through the use of enhancements such as WMM and the Wi-Fi Alliance’s Voice-Enterprise program. So if LAA, LTE-U, and Wi-Fi are ALL used to support data services, how are they differentiated?  The answer is it depends on who you are and what you want.

In June, 2014, the 3GPP Workshop broadly defined LAA’s operation as: 

"Aggregation of a primary cell, operating in licensed spectrum can be used to deliver critical information and guaranteed quality of service, with a secondary cell, operating in unlicensed spectrum to opportunistically boost data rate"

This made it pretty clear that LAA will utilize the unlicensed channel(s) to augment the data path, while the licensed downlink and uplink will be utilized for QoS-sensitive services like Voice over LTE (VoLTE).

Pre-standard LTE-U plans to use the unlicensed spectrum for downlink-only traffic, therefore making it unsuited for bi-directional services. This leads to another key question: where will LTE within the unlicensed spectrum be deployed?

3GPP’s LAA program and ongoing study item include both indoor and outdoor deployment scenarios. However it is clear that both LTE-U and LAA are initially, and primarily, focused on the indoor market given the challenges that are often faced getting cellular signals within buildings and the practical deployment and economic benefits Wi-Fi can provide there.

It’s generally accepted that around 80% of wireless data usage occurs indoors. And the target bands for LTE operation in the unlicensed spectrum (namely 5GHz and possibly 3.5 GHz) are ideally suited for indoor applications.

While the 3GPP LAA Study Item scenarios (see below) include an option to link unlicensed LAA small cells directly to licensed macro sites, the majority of cases involve linking the unlicensed LAA small cells to co-located licensed small cells, which will in fact most often be integrated into a single unit supporting both licensed LTE and LTE-U/LAA operation. The focus for licensed small cells is now largely indoors.

Given that LTE-U and LAA are data services, are proposed for the higher frequency bands, and will most likely be integrated into small cells, it’s clear that they are envisioned as primarily indoor technologies.

[Figure: LAA Study Item Deployment Scenarios. Source: 3GPP]


Wi-Fi: A Rock Star for Data Delivery Indoors

That’s what it was designed for in the first place. And as the 802.11 standard has evolved and carrier-grade technology has been introduced into the market, Wi-Fi has become more than merely an afterthought for carriers looking for more capacity. It’s become a mainline strategic technology to support present and future mobile data services. A comparison of the unlicensed options for indoor data service delivery bears this out (see chart).


Relative to neutral host support, Wi-Fi is inherently ‘operator-agnostic’, but can be used to service mobile operator subscribers via branded SSIDs or Hotspot 2.0 services.

With LAA or LTE-U the unlicensed capacity can be transparently added to or removed from the client’s licensed data links, assuming that licensed coverage is available. This results in a consistent user experience. However, Hotspot 2.0 addresses the traditional issues and limitations associated with users connecting to Public Wi-Fi and also provides a secured airlink.

Finally, the claims of better spectral efficiency for LTE in unlicensed are based on either testing that has been done with the pre-standard/non-standard LTE-U, or simulations of LAA using listen-before-talk (LBT) mechanisms that may or may not prove practical. The relative performance advantages may not be fully discernible until LAA standards are completed and full evaluations are possible.

Mobile Operator Options for Unlicensed Spectrum

The most compelling advantage for LAA and LTE-U is clearly the direct integration of unlicensed services with the mobile core.

 This is a distinct advantage for mobile operators, enabling a more transparent use of unlicensed spectrum for their subscribers – keeping in mind that Hotspot 2.0 will effectively automate the Wi-Fi connection process and address much of the complexity associated with the millions of today’s disparate Public Wi-Fi hotspots.

Within the various proposals of the operation of LTE within the unlicensed spectrum, the dual mode (licensed and unlicensed) eNB presents a unified interface to the mobile core (Evolved Packet Core, or EPC, for LTE networks).

This is more straightforward than existing 3GPP Wi-Fi ‘interworking’ solutions that allow the data plane from a Wi-Fi network to be interfaced to a mobile core’s data handling subsystems, but involve intermediate gateway devices such as Wireless Access Gateways (WAG/TWAG) or evolved Packet Data Gateways (ePDG).

Wi-Fi interworking, first introduced in 3GPP Release 8, has gone through a number of iterations. In a previous post on Wi-Fi Calling, we noted that Apple’s iOS implementation is making use of the ePDG data path for voice sessions.

For operators choosing to use Wi-Fi as their unlicensed airlink, there is also the option of integrating the authentication and accounting without integrating the data plane.

Using Hotspot 2.0, or standard 802.1X with EAP-SIM or EAP-AKA/AKA’, a Wi-Fi footprint can be used to onboard cellular subscribers, authenticate them against an operator’s HLR/HSS, and provide details on their data usage, but not actually forward the data traffic to the MNO’s core.

This is a popular deployment option that provides transparent connectivity to the mobile operator’s subscribers over Wi-Fi. Yet it doesn’t require the operator to deploy additional data handling capacity (GGSNs or PGWs) in their core, thereby avoiding a good amount of CAPEX.

The table helps summarize some of the characteristics of Wi-Fi and LTE in unlicensed as they pertain to mobile operator integration.


Heretofore, unlicensed and licensed wireless technologies have been worlds apart. Now, almost any way you look at it, they are colliding. While it won’t happen overnight, the implications will be profound for everyone. So buckle up.

 

February 23, 2015

When Worlds Collide


If there’s one thing we know, it’s a ruckus. And there’s one going on in the world of telecommunications around the use of the unlicensed spectrum for LTE services. With Mobile World Congress just a week away, there will undoubtedly be a barrage of announcements on the topic.

This will prompt, from various constituents, strong reaction ranging from extreme antipathy and fear, to statements of expectant support.

Problem is, much of what’s being reported doesn’t paint a complete picture of what’s really going on. So here’s some context to help (with more posts to come).

Basic Background Required

In the fall of 2013, Qualcomm proposed an innovative use of unlicensed spectrum to carry LTE traffic. They referred to their proposal as LTE Advanced in unlicensed Spectrum, or LTE-U for short.

Conceptually, over the air LTE consists of a control connection between the e-Node B (LTE radio access node) and the User Equipment (UE), aka client. There is an uplink path for data traffic from the UE to the eNB, and a downlink path for data traffic from the eNB to the UE.

LTE supports two deployment models in licensed spectrum: Frequency Division Duplexing or FDD-LTE and Time Division Duplexing or TDD-LTE.

FDD-LTE is when the control and uplink are typically deployed in one band, while the downlink is deployed in a separate, paired band.

TDD-LTE, in contrast, is where the control, uplink and downlink are deployed within a single band.

 LTE is a full duty cycle technology. This means it is assured full use of the band(s) it is operating in. The control path is used to coordinate the airtime on the traffic channels between the eNB and its connected UEs (in TDD mode, the control path is also used to coordinate the amount of airtime which will be used for uplink and downlink operation).

 LTE Advanced (LTE-A) introduced the concept of Carrier Aggregation (CA). [In licensed terms, “carrier” equates to what the Wi-Fi industry calls a “channel”.] CA allows an operator to effectively bond multiple portions of spectrum for the downlink and/or uplink to achieve greater capacity.

The original Qualcomm proposals for LTE-U were rather wide ranging, including a possibility of implementing all of the LTE paths (control, UL, and DL) in unlicensed spectrum.

 3GPP (the organization responsible for LTE standardization) began looking at LTE in Unlicensed Spectrum in early 2014. A first 3GPP Workshop was held in January 2014, and a second in June 2014 which established some initial priorities for 3GPP’s activities. It was at this second meeting that 3GPP adopted the term Licensed-Assisted Access (LAA) to denote their proposed use of unlicensed spectrum for LTE. A few other outcomes from this second Workshop included decisions to focus on the 5 GHz unlicensed bands and a goal for a single global solution. At the Radio Access Network Specification Group (TSG-RAN) meeting in September 2014, a formal LAA Study Item was approved. This meant that LAA was now officially a study item for 3GPP Release 13. The main goal of the study item is to “study the LTE enhancements needed to operate in unlicensed spectrum and to ensure fair coexistence with Wi-Fi”.

3GPP members are now conducting coexistence testing and will be reporting their findings to TSG-RAN.  The timeline below shows some of the milestones and expectations.

[Figure: LAA timeline]

 LTE-U versus LAA

 There’s a lot of confusion at this point about the terms LTE-U and LAA. Some are using them interchangeably, while others have distinctly different things in mind when they mention them. For instance, Ericsson recently announced that it will introduce LAA support on some of its small cell platforms by the end of 2015.

However, LAA, as a 3GPP standard, isn’t expected to be finalized until March of 2016. So Ericsson is really referring to a pre-standard/non-standard technology, which has distinctive features from what is most likely to be standardized as 3GPP LAA.

While Qualcomm and 3GPP seem to be using consistent terminology at this point, given the growing alphabet soup, here are some basic definitions and distinctions that the industry should consider adopting as standard nomenclature to keep things clear:

LTE-U   

Pre-standard/non-standard LTE in unlicensed spectrum implementations use 3GPP Release 10-12 CA features to provide Supplemental Downlink (SDL) service over Wi-Fi. Coexistence with Wi-Fi is provided via initial channel sensing/selection, and in the presence of Wi-Fi operating co-channel the use of on/off duty cycle mechanisms controlled by algorithms to determine the allocation of channel airtime for LTE and Wi-Fi (e.g. Qualcomm’s Carrier Sensing Adaptive Transmission – CSAT). Due to the lack of Listen Before Talk (LBT) support, this solution would only be deployable in regulatory regimes that do not require LBT such as the US, China, Korea, and India.

LAA

The proposed 3GPP Release 13 standard implementing LTE within the Unlicensed Spectrum is designed to opportunistically boost data rates. LAA can be used as a secondary carrier (channel) for the downlink only, uplink only, or both. [The initial focus is on SDL - downlink only.] Coexistence with Wi-Fi operating co-channel would be provided via LBT mechanisms. Because of the LBT support, LAA would be deployable virtually worldwide.

Subsequent posts on the topic will use the terms with these definitions in mind. [Notice that neither of these current initiatives includes proposals to implement the entire LTE system (control, UL, and DL) in unlicensed spectrum.]

Next up, we’ll compare proposals for LTE in Unlicensed with Wi-Fi, and finally look more closely at the coexistence issues. So stay tuned.

December 21, 2014

Making the Most of Wi-Fi Calling

In the time since Apple’s revelation that iOS 8 would support a form of Wi-Fi calling, the industry has seen a barrage of announcements, even TV commercials, around Wi-Fi calling. Come to find out that many of them are actually existing products and technologies simply re-spun. A deeper dive into Wi-Fi calling’s history and characteristics reveals what is truly needed to properly support this exciting new Apple capability, as well as other Vo-Fi services.

So What is Wi-Fi Calling?

Sort of like the term “cloud,” Wi-Fi calling often means different things to different people.

Simply put, Wi-Fi calling is the ability to place a voice call using IP encapsulation over a Wi-Fi network, but this can be implemented in a variety of ways.

The iOS form of Wi-Fi calling is different from so-called over-the-top (OTT) services like Skype or Lync because it is integrated within the OS’s dialer (not a third-party app) and is architected to work in the same way a Voice over LTE (VoLTE) call works. It’s also being developed to support the transparent handoff of a call as the user moves between Wi-Fi and LTE coverage areas, something OTT approaches simply can’t do. It’s more of an evolution of older UMA (unlicensed mobile access) based services, which were some of the first to support cellular voice services over Wi-Fi. Other implementations would include services from MVNOs such as republic wireless and Scratch Wireless.


While these are all examples of “Wi-Fi Calling,” they have very different characteristics, raising a number of important questions:

  • Where does the voice session terminate?
    In an IMS core, at a standalone SIP server/gateway, or on an MSC? Does the voice session have to enter an operator’s core network? If so, how is the ‘untrusted/trusted’ border transited?

  • What codec is used?
    How is it encapsulated for transmission?

  • Is the voice session encrypted?
    If so, what are the encryption endpoints?

  • Is the calling service integrated into the native dialer?
    Or does it require a separate app?

  • Does the service support call handoff to and/or from a cellular service?
    If so, does handoff work with Circuit-Switched networks, VoLTE/IMS networks, or both?

While there are obviously a lot of possibilities to enable Wi-Fi calling, it’s also encouraging that there are so many ways to support voice over Wi-Fi – underscoring Wi-Fi’s flexibility to support a myriad of IP-based services. 

[Figure: An in-progress Wi-Fi call made on a republic wireless handset]

 


What’s REALLY changing with Apple’s iOS integration and mobile operators lining up to support it is that Wi-Fi Calling will no longer be just a so-called OTT service, or only be offered by upstart MVNOs like republic wireless or Scratch Wireless. Wi-Fi calling is going mainstream.

The question now becomes: How do Enterprises, Operators, and Venues optimize their Wi-Fi networks to support this service?

Voice as an IP Service

Voice is a low bitrate, but very finicky, data service because real-time, bidirectional voice demands a narrow set of operating parameters from the network to ensure a high quality calling experience.

As such, the requirements for latency, jitter, and packet loss are much tighter for voice than for standard business or Internet applications.

  Wi-Fi Never Really Designed for Voice

Wi-Fi utilizes a shared medium (unlicensed spectrum in 2.4 or 5 GHz) for all the stations in a service set (including the Access Point). Access to the medium is not directly coordinated between the stations, but is performed using mechanisms that seek to minimize simultaneous access attempts and indicate to a transmitter if the intended receiver did not receive its frames. In addition to the contention for access to the medium, Wi-Fi can also be subject to interference by other uses of the same unlicensed spectrum.  

While on the surface, Wi-Fi might not seem like an appropriate access network for quality voice services, advances in Wi-Fi technology make it possible.

Stronger Voice with Smarter Wi-Fi

Addressing many of these issues that can hinder good Wi-Fi calling, new adaptive antenna technology was conceived for transporting delay-sensitive video and voice traffic over Wi-Fi to enable a highly optimized signal for each client. 

A stronger signal equates to a better Modulation and Coding Scheme (MCS).  Better MCS means higher data rates and higher data rate means it takes less time to send a specific amount of data allowing client stations to spend less time accessing or fighting for access to the Wi-Fi medium. 

This also reduces contention for the RF channel as well as reducing the likelihood of collisions (increased jitter), frame loss or packet retransmissions (increased latency).

In other words, providing better signal at the receiver increases the overall airtime efficiency of the service set for stations sending voice and those sending other types of traffic.

Adaptive antenna array technology utilizes smart directional antennas within a single array, automatically controlled by fancy software that picks, for every packet, the best antenna combination to focus the RF energy towards the intended receiver. This results in 5 to 6 dB of signal gain on the downlink connection.

In addition, smart antennas help mitigate interference from other access points operating in the area by only directing RF energy towards the intended receiver, not simply blasting it everywhere. The impacts from the receiver gain and interference mitigation are cumulative and quite pronounced in dense deployments such as office buildings or high capacity public venues.

Looking ahead, 802.11ac Wave 2 introduces the concept of Multiuser MIMO (MU-MIMO).  Multiuser MIMO effectively allows concurrent Wi-Fi conversations to occur for different clients. The ‘grouping’ of clients into MU-MIMO sets will be essential to maximizing the benefits of this innovation. Good grouping will enhance the ability of a given set of clients to simultaneously receive a transmission and effectively interpret their individual data streams. 

Due to the uniform nature of Wi-Fi calling payload sizes, this will make Wi-Fi calling clients prime candidates for grouping with each other (assuming they meet other grouping criteria), benefitting the Wi-Fi calling experience by servicing multiple downstream clients simultaneously.

 Another important innovation benefiting Wi-Fi calling is the ability to enhance the uplink signal from the client to the AP by receiving the client’s signal on both the horizontally and vertically polarized antenna elements. Because they are able to implement polarization diversity with maximal ratio combining (PD-MRC), smart antennas can provide up to 5 dB of uplink gain. This is especially important when considering single stream/antenna mobile devices (the vast majority of smartphones and tablets, including all models of the iPhone), which transmit with a single polarization. Adaptive smart antenna technology is able to effectively extract or construct the best possible Wi-Fi signal regardless of the client’s orientation relative to the AP.  

Because real-time voice is inherently bidirectional, it is important that both the downlink and uplink support the best possible MCS and highest data rates.

Beyond The Antenna 

Beyond antennas, recent technical advances have also been made in how traffic is handled within Wi-Fi access points to ensure the best possible quality of service for Wi-Fi calling.

Since traffic is often encrypted with Wi-Fi calling, the Wi-Fi access network has no real visibility into the payload to determine what type of traffic is being served.

 With more innovative heuristics-based quality of service, different traffic types can be automatically identified, prioritized, scheduled and queued even without the ability to inspect the inner contents of the packets and detect that they are part of a voice session. This is achieved through sophisticated algorithms that constantly examine the characteristics and behavior of the traffic such as the size and frequency of packets in a flow (even an encrypted flow).

Such sophisticated traffic inspection, classification, and optimization technology works in software to provide per-client, per-traffic-class queuing. So traffic is mapped into the various queues based on existing L2 or L3 tags received from the upstream network or these heuristic-based identification algorithms.
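The size-and-frequency heuristic described above can be sketched as follows. This is an added example, not Ruckus's algorithm or code from the original post; the thresholds, class names and sample flows are assumptions constructed for illustration.

```python
"""Heuristic flow classification from packet size and timing only (no payload inspection)."""
from dataclasses import dataclass
from statistics import mean, pstdev

# Assumed thresholds for illustration; a real AP would tune these per deployment.
VOICE_MAX_MEAN_SIZE = 300          # bytes: small codec frames plus tunnel overhead
VOICE_MAX_SIZE_CV = 0.15           # packet sizes in a call are nearly uniform
VOICE_GAP_RANGE = (0.010, 0.060)   # seconds between packets (steady codec cadence)
VOICE_MAX_GAP_CV = 0.35            # tolerated jitter relative to the mean gap
BULK_MIN_MEAN_SIZE = 1000          # bytes: near-MTU packets indicate bulk transfer
MIN_PACKETS = 20                   # too few packets: do not guess


@dataclass(frozen=True)
class Packet:
    ts: float      # arrival time in seconds
    size: int      # bytes on the wire (payload may be encrypted)
    uplink: bool   # True = client to AP


def _cv(values):
    """Coefficient of variation: spread relative to the mean."""
    m = mean(values)
    return pstdev(values) / m if m else float("inf")


def direction_features(packets):
    """Return (mean_size, size_cv, mean_gap, gap_cv) for one direction, or None."""
    if len(packets) < MIN_PACKETS:
        return None
    sizes = [p.size for p in packets]
    times = sorted(p.ts for p in packets)
    gaps = [b - a for a, b in zip(times, times[1:])]
    return mean(sizes), _cv(sizes), mean(gaps), _cv(gaps)


def looks_like_voice(feat):
    if feat is None:
        return False
    mean_size, size_cv, mean_gap, gap_cv = feat
    return (mean_size <= VOICE_MAX_MEAN_SIZE and size_cv <= VOICE_MAX_SIZE_CV
            and VOICE_GAP_RANGE[0] <= mean_gap <= VOICE_GAP_RANGE[1]
            and gap_cv <= VOICE_MAX_GAP_CV)


def classify_flow(packets):
    """Map a flow to a queue class; voice must look like voice in BOTH directions."""
    up = direction_features([p for p in packets if p.uplink])
    down = direction_features([p for p in packets if not p.uplink])
    if looks_like_voice(up) and looks_like_voice(down):
        return "voice"
    if any(f and f[0] >= BULK_MIN_MEAN_SIZE for f in (up, down)):
        return "bulk"
    return "best-effort"


def constructed_voice_flow(n=100):
    """Constructed sample: encrypted two-way call, ~20 ms cadence, 172-180 byte packets."""
    pkts, t = [], 0.0
    for i in range(n):
        t += 0.020 + ((i % 5) - 2) * 0.001          # +/- 2 ms of jitter
        pkts.append(Packet(t, 172 + (i % 3) * 4, uplink=True))
        pkts.append(Packet(t + 0.007, 172 + ((i + 1) % 3) * 4, uplink=False))
    return pkts


def constructed_bulk_flow(n=200):
    """Constructed sample: download of full-size packets with small uplink ACKs."""
    pkts = []
    for i in range(n):
        pkts.append(Packet(i * 0.001, 1460, uplink=False))
        if i % 2 == 0:
            pkts.append(Packet(i * 0.001 + 0.0005, 66, uplink=True))
    return pkts


def constructed_one_way_flow(n=100):
    """Constructed sample: small periodic uplink-only packets (voice-like, but one-way)."""
    return [Packet(i * 0.020, 120, uplink=True) for i in range(n)]


if __name__ == "__main__":
    for name, flow in (("call", constructed_voice_flow()),
                       ("download", constructed_bulk_flow()),
                       ("one-way", constructed_one_way_flow())):
        print(name, "->", classify_flow(flow))
```

The same size and timing features are visible to any on-path observer, so encrypting a call hides its content but not the fact that a call is in progress.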

What’s more, sophisticated schedulers implement advanced algorithms to transmit the frames based on airtime and throughput potential or even WLAN prioritization settings that have been configured. If a client doesn’t receive a frame, the scheduler ensures that the frame gets priority for retransmission, eliminating head of line blocking issues. 

The Holy Grail for Wi-Fi Calling?

Ultimately for Wi-Fi calling to work as everyone wants it to, the combination of these technology innovations is essential to delivering a true low-latency carrier-class Wi-Fi calling experience so good that you’ll be able to hear a pin drop (over Wi-Fi).

October 29, 2014

Small Business Gets Big Wi-Fi, Finally!

In a wireless world that’s so dependent on reliable connectivity, there’s something small business owners will tell you: Wi-Fi for small businesses really stinks.

The small business sector is one of today’s most underserved and overlooked markets, and the opportunity to provide these businesses with better Wi-Fi is compelling, to say the least.

In 2011, according to U.S. census data, there were nearly 6 million small businesses with actual employees in the United States. Firms with fewer than 500 workers accounted for 99.7% of those businesses and businesses with less than 20 workers made up 89.8%.

This is a big market. And these businesses deserve some love.


Selling business-class Wi-Fi equipment to small businesses looks to be the fastest growing sub-segment within the global enterprise WLAN market.

Dell’Oro Group estimates that the market opportunity for selling enterprise Wi-Fi gear into the small and distributed branch office segment will jump from $700 million in 2013 to $1.4 billion by 2018 (see chart).


A recent survey of 400 U.S. small businesses with retail places of business, commissioned by Devicescape and conducted by iGR, found [to nobody’s surprise] that providing free Wi-Fi is good business for increasing:

  • Customer foot traffic
  • The time spent on premises (and most importantly),
  • The amount customers spend.

The study focused on independent “mom and pop” retail stores, including bars, nightclubs, restaurants, fast food places, coffee shops, clothing boutiques, book shops, and salons.

With more wireless-only devices, savvy users and mobile business applications needing higher capacity and more reliable Wi-Fi access, small businesses have been, well, stuck.

And when it comes to Wi-Fi today, small businesses have few reliable choices.

Most small businesses are typically forced down-market to use consumer-grade Wi-Fi equipment (including Wi-Fi integrated into cable modems and DSL routers provided by service providers). These solutions lack the features, functionality and gusto to adequately meet the growing demands for better and more reliable wireless connectivity.

Another [not so great] option has been the use of enterprise class wireless LAN (WLAN) systems. While feature-rich, these solutions are simply overkill and way too expensive and technically daunting for small organizations with no dedicated IT experts (which is pretty much every small business on the planet).

What the market craves is some sort of system that bridges this growing gap, with business-class Wi-Fi reliability and pervasive performance at consumer-type prices. And it must be brain-dead simple to use.


A New Way to Wi-Fi with Xclaim Wireless



Looking to solve these problems, Ruckus today took a big step into the small business market with Xclaim Wireless.

Xclaim is a business-class Wi-Fi system, insanely priced and simple, simple, simple to configure and install.

This isn’t merely a repackaged Ruckus enterprise product simply de-featured at consumer price points. Rather, it’s a new way to Wi-Fi, uniquely developed and designed for the small business market.  

No controllers, nerd knobs, or complex network settings to memorize. Xclaim redefines the notion of better Wi-Fi for small business by combining enterprise-class power and reliability with the simplicity that small businesses are clamoring for.

At the heart of Xclaim is a custom-built (and yes FREE) mobile application, Harmony for Xclaim, that puts Wi-Fi management into the palm of your hand, radically simplifying the configuration, management and monitoring process of Wi-Fi networks. We're talking grandparents-can-do-it-simple (watch this).

Pundits are already xclaiming what they think about all this. 

So say goodbye to the days of amenity Wi-Fi as the norm for small business. Now there’s a powerful business-class Wi-Fi solution for mobile connectivity that offers tremendous benefit for both businesses and their customers without both going either broke or crazy.

Visit Xclaim Wireless to learn all about it.

October 27, 2014

Hotspots Get Hotter with Release 2 of Hotspot 2.0


Hotspot 2.0 Release 2 is here – expanding and improving on the considerable innovations introduced with HS2.0 Release 1.

At Ruckus, we’ve always been huge fans of Hotspot 2.0 and have taken an active part in its testing and development.  With Release 2, Hotspot 2.0 gets even better. 

Hotspot 2.0 (HS 2.0), often referred to as Wi-Fi Certified Passpoint, is the new standard for Wi-Fi public access that automates and secures the connection. It addresses the two major challenges with legacy hotspots:

  1. the often-confusing task of connecting (which SSID, what’s this captive portal thing, does this even have Internet access?) and

  2. the open/unencrypted airlink connection.

Hotspot 2.0 also enables us to interconnect all the “islands” of hotspots into larger footprints via roaming agreements between Wi-Fi operators.

Early examples include the recent announcements of bidirectional roaming between the Time Warner Cable and Boingo Passpoint services, and AT&T’s release of a new Wi-Fi Hub service with Hotspot 2.0 support.

Release 1 of HS 2.0 was based on the IEEE 802.11u standard and introduced new capabilities for automatic Wi-Fi network discovery, selection and 802.1X authentication based on the Access Network Query Protocol (ANQP).  

 With Hotspot 2.0, the client device and access points now exchange information prior to association using ANQP. The AP advertises the “backend” service providers (SPs) who can process authentication requests that are reachable from this hotspot. The client then checks to see if it possesses a credential for one of those SPs.  If it does, the client proceeds to associate and then authenticate to the network using 802.1X and the provisioned credential. Supported client credentials include SIM cards, USIMs, X.509 certificates and username/password pairs. Each credential is associated with a specific EAP type. The primary benefits of Release 1 were automating the connection experience at hotspots where the client credential was accepted and providing a secure, encrypted airlink for Public Wi-Fi. A secondary benefit is the ability to support multiple roaming partners over a single SSID, with SSID proliferation having become an increasing issue for operators looking to expand their footprint through roaming relationships.

Release 2 is largely focused on standardizing the management of the credentials: how they are provisioned, how they are stored on the device, how they are used in network selection, and how long they are valid. Some of these capabilities aren’t applicable to cellular credentials (SIM/USIM), because those are provisioned by the home mobile network operator (MNO) and are themselves the stored credential. But what about all those Wi-Fi only devices, how do we get them provisioned for service (and perhaps even linked to the subscriber’s cellular data account)? And what if the SP wants to apply some policy as to how its credential may be used (including the cellular credentials)? How do we expire a credential after a certain amount of time or usage? What do we do if a device submits a credential that has expired? And how can we do all of these things in a manner that preserves the security of the subscriber and their credential? These are some of the issues that the smart folks in the Wi-Fi Alliance’s® Hotspot 2.0 Technical Task Group are addressing with Release 2 of Hotspot 2.0.

Making Smart Phones Even Smarter.


 Until Release 2 there was no standard format for managing a Hotspot 2.0 credential on a client device. Depending upon the OS or manufacturer, a text or XML file was typically used, but these might have different naming conventions, syntaxes, and locations within the file system. Release 2 leverages the Open Mobile Alliance’s Device Management (OMA-DM) framework, which provides a standardized XML tree structure within which different information can be stored in a consistent manner.




Release 2 specifies a new Per Provider Subscription Management Object (PPS-MO), which is one or more branches in the OMA-DM tree containing all of the information related to the Hotspot 2.0 credential(s) on the device. The credentials themselves may be stored in the PPS-MO (e.g. a username/password pair), or they may be located elsewhere on the device (e.g. a SIM or X.509 client certificate) and referenced within the PPS-MO. However, the PPS-MO doesn’t just contain the credential information; it also standardizes the storage of some associated Release 1 parameters and introduces a whole range of new ones. The table shows a few of the new Release 2 parameters for comparison.

It’s important to understand that the credential information and associated parameters for each provider are being stored in a separate branch of the PPS-MO tree. Further, only the provider who provisioned the credential is allowed to modify any of the parameters for that credential. So, a SIM credential branch from your cellular provider might contain preferred roaming partners and blacklisted SSIDs that apply when using EAP-SIM, while a username/password credential branch from your cable operator could contain a different set of policies to follow when using that credential with EAP-TTLS. Consistent with Release 1, Release 2 upholds the user’s preference as the ultimate decision maker for network selection, providing the ability for the user to prioritize multiple subscriptions/credentials.
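The per-provider branch rules above, together with the ANQP-based credential matching described for Release 1, can be modelled in a few lines. This is an added example, not code from the specification or from the original post: the class and field names are simplified stand-ins rather than the PPS-MO's real node names, the provider names and dates are constructed, and the requester's identity is assumed to have been authenticated already.

```python
"""Toy model of per-provider credential branches (simplified stand-in for the PPS-MO)."""
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Fields a provider may change in its own branch (hypothetical names).
PROVIDER_WRITABLE = {"roaming_partners", "excluded_ssids", "expires"}
NOW = datetime(2014, 10, 27, tzinfo=timezone.utc)   # constructed "current time"


@dataclass
class Branch:
    provider: str                       # SP that provisioned this branch
    eap_type: str                       # each credential is tied to one EAP type
    expires: datetime
    priority: int = 100                 # set by the user; lower value wins
    roaming_partners: set = field(default_factory=set)
    excluded_ssids: set = field(default_factory=set)


class SubscriptionStore:
    def __init__(self):
        self._branches = {}

    def provision(self, branch):
        if branch.provider in self._branches:
            raise ValueError(f"{branch.provider} already provisioned")
        self._branches[branch.provider] = branch

    def update_policy(self, requester, provider, **changes):
        """Only the provider that provisioned a branch may modify it."""
        if requester != provider:
            raise PermissionError(f"{requester} may not modify the {provider} branch")
        unknown = set(changes) - PROVIDER_WRITABLE
        if unknown:
            raise KeyError(f"not provider-writable: {sorted(unknown)}")
        for key, value in changes.items():
            setattr(self._branches[provider], key, value)

    def set_user_priority(self, provider, priority):
        """The user, not the provider, ranks subscriptions."""
        self._branches[provider].priority = priority

    def select(self, ssid, advertised_sps, now):
        """Decide what to do at a hotspot whose ANQP response lists advertised_sps."""
        advertised = set(advertised_sps)
        usable, expired = [], []
        for b in self._branches.values():
            reachable = b.provider in advertised or bool(b.roaming_partners & advertised)
            if not reachable or ssid in b.excluded_ssids:
                continue                 # no path to this SP, or SP policy forbids this SSID
            (expired if now >= b.expires else usable).append(b)
        if usable:
            best = min(usable, key=lambda b: b.priority)
            return ("connect", best.provider, best.eap_type)
        if expired:                      # credential exists but must be fixed first
            best = min(expired, key=lambda b: b.priority)
            return ("remediate", best.provider, None)
        return ("no-match", None, None)


def constructed_store():
    """Constructed sample: a SIM branch and a username/password branch."""
    store = SubscriptionStore()
    store.provision(Branch("cellular.example", "EAP-SIM",
                           expires=datetime(2016, 1, 1, tzinfo=timezone.utc),
                           roaming_partners={"partner-wifi.example"},
                           excluded_ssids={"Legacy-Open"}))
    store.provision(Branch("cable.example", "EAP-TTLS",
                           expires=datetime(2015, 1, 1, tzinfo=timezone.utc)))
    store.set_user_priority("cable.example", 1)      # user prefers the cable subscription
    store.set_user_priority("cellular.example", 2)
    return store


if __name__ == "__main__":
    s = constructed_store()
    print(s.select("Venue", {"partner-wifi.example"}, NOW))
    print(s.select("Venue", {"cellular.example", "cable.example"}, NOW))
    print(s.select("Legacy-Open", {"cellular.example"}, NOW))
```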

A Few New Backend Servers Needed.

With Release 1, the only supporting servers required were the AAA servers providing the client authentication, or perhaps acting as gateways to a mobile operator’s Home Location Register (HLR) for EAP-SIM authentication. Release 2 adds a number of new server elements to support service registration, credential provisioning, credential management, and ensure the security of the client and credentials. Here’s an overview of these new server elements: 

  • Online Signup (OSU) Server
    Registers new users for service and provisions them with a credential.
  • Policy Server (PS)
    Provisions network detection and selection policy criteria for the provider’s issued credential.
  • Subscription Remediation Server (SubRem)  
    Corrects any issues with the issued credential, policy or subscription, and also to renew prepaid type credentials.

  • CA
    Generates and issues client certificates if TLS authentication is used. 


All Release 2 clients receive Trust Roots that link to the Wi-Fi Alliance’s® PKI.  This means that clients can validate all Release 2 server components and even the provisioning WLAN itself, even before they’ve been provisioned with a credential of their own. Remember that these are logical entities and could be implemented on separate platforms or in a single box, perhaps combined with the AAA server.

How does it all work?

A Release 2 client will see the Release 2 support in the Hotspot 2.0 indication element of the AP’s beacons and probe responses.

The client then sends an ANQP query to the AP. In the ANQP response, the AP indicates that Online Signup services are available and lists the OSU providers that are reachable from this hotspot. Since the client does not have a valid credential associated with this hotspot operator, or any of its roaming partners, it does not proceed to automatically associate and 802.1X authenticate. Instead, while it is still in the pre-association phase, the user will be notified that Online Signup services are available. If the user elects to sign up, they will be presented with a list of the available Online Signup providers. The list is typically displayed as an icon, operator friendly name, and description for each operator. The icon and friendly name are actually embedded within the PKI certificate issued to the OSU server, thus ensuring that clients don’t connect to “rogue” provisioning systems. Remember that everything described so far has happened while the client is not yet associated to any WLAN.

It’s also important to note that with Release 2 of HS 2.0, a new type of WLAN is being introduced, the OSU Server-only authenticated layer 2 Encryption Network (OSEN).  Release 2 OSU deployments can use either Open or OSEN WLANs for the client provisioning process. 

The OSU Provider List on a Samsung Galaxy S5

The intent is to ensure that the client is connecting to a valid/trusted OSU WLAN and that the registration and provisioning servers are authenticated. In order to accomplish this, there will be new Public Key Infrastructure (PKI) root trusts loaded into Release 2 clients. These will be used to validate OSU servers and the OSU WLAN if the OSEN option is used. 



Once the user selects an OSU provider from the list, the connection manager on the device will connect to the OSU WLAN (Open or OSEN). It then triggers an HTTPS connection to the OSU server URI, which was received with the OSU providers list. The client validates the server certificate to ensure it is a trusted OSU server. Then the client will be prompted to complete some type of online registration through their browser.

The final step of this registration is the provisioning of the credential and parameters to the client.   Finally, now that the client has a valid credential for the production HS2.0 WLAN, it disassociates from the OSU WLAN and connects to the HS2.0 WLAN using the standard ANQP mechanisms. The connection manager also factors any configured policies into its selection decisions when utilizing the credential. From then on, the credential provider can use this framework to update the credential, policy or subscription of the device by indicating via RADIUS messaging that the client needs to contact one of the provisioning servers and/or the client device can initiate an update based on configured intervals or user action.

What’s Next?

The Wi-Fi Alliance recently held a formal launch event for Release 2 of HS 2.0 at its Wi-Fi Global Congress at the Palace Hotel in San Francisco. Ruckus performed the public demonstration of Release 2 at the launch event while the WFA announced that Ruckus’ OSU server suite is one of two selected for the Passpoint Release 2 Certification Testbed. The Ruckus SmartCell Gateway and ZoneFlex Access Points have already been certified for Passpoint Release 2.

On the client side, Samsung already has two models of the Galaxy S5 that have been certified, and there are a number of certified chipset reference designs available from companies like MediaTek, Broadcom, Qualcomm Atheros, and Marvell. Intel has also received certification for the 7260.HMWG adapter.

The WBA is planning its Next Generation Hotspot (NGH) Phase 3 trials, which will be based on Hotspot 2.0 Release 2. We expect a number of operators to participate in the NGH Phase 3 trials and some to conduct their own private trials. Commercial deployments will follow.

 So it looks like hotspots will be heating up even more with Online SignUp and standardized credential management, which is great news for everyone. 

June 14, 2014

Not So Random Thoughts on Privacy and Positioning

Earlier this month at Apple’s Worldwide Developers Conference (WWDC), Frederic Jacobs uncovered that with the upcoming Apple iOS8 operating system, Apple devices will be able to, as a privacy mechanism, hide or mask their MAC address by randomly generating a fake MAC address to present to the Wi-Fi network.

In iOS8, Wi-Fi scanning behavior has changed to use random, locally administered MAC addresses within Wi-Fi probe requests and responses (the way devices and access points talk to each other to determine if a connection can be established). Many expect Google to make similar changes within its Android OS.

Media access control (MAC) addresses are unique identifiers that are assigned by device manufacturers. A MAC address is hard-coded onto the device’s network interface and is unique to it. These addresses are essential for networking and network diagnosis because they never change, as opposed to a dynamic IP address that can change as users move around. For a network administrator, that makes a MAC address a more reliable way to identify senders and receivers of data on the network.

The news caused a fair bit of consternation among companies that use MAC addresses as a way to identify and locate client devices being used in public spaces for the purposes of improving the customer experience when using Wi-Fi networks.

Many see Apple’s move to randomize MAC addresses as simply a way for it to push its iBeacon technology. iBeacon already uses Bluetooth Low Energy (BLE) technology, for which Apple also randomizes the addresses. But make no mistake. iBeacon will undoubtedly benefit from this action. More to the point, it’s a good way for Apple to remain publicly conscientious about user privacy concerns while helping its iBeacon business along.

Protecting user privacy is nothing but goodness. Most people don’t want personal information about them, like their age, birthday, gender and what color underwear they have on, exposed to anyone who might use it for some nefarious purpose.

But here’s the thing. And it’s an important thing. MAC addresses don’t expose ANY of this kind of information. Users are personally identifiable only after they have logged onto the Wi-Fi network and/or signed into a mobile app (e.g. a shopping app / or an app for a convention venue) where they provide details to gain access or opt-in to obtain information of use to them (promotions, directions, alerts, etc.).

While being able to hide the unique MAC address on a device seemingly provides an added level of protection and privacy for users, it effectively prevents increasingly popular passive network-based Wi-Fi location services from identifying and tracking devices that aren’t connected or associated to the Wi-Fi network but are still “talking” to it.

This means value-added services that users want and businesses have been demanding could be diminished.

MAC addresses can be tracked whether or not users actually connect to a Wi-Fi network. Even when people aren’t using or connected to a Wi-Fi network, their device (if Wi-Fi is turned on) still continues to let the network know that it’s around by transmitting probe requests.

This information is extremely useful for Wi-Fi-based location and positioning systems that are designed to provide invaluable analytics that can be used by businesses to deliver customized services to their clients who they know are within a given area.

The biggest impact of this move by Apple is on devices that are not associated with the Wi-Fi network (see above chart). All associated devices remain unaffected by any changes to MAC-address randomization on any mobile OS. In addition, many advanced location-based systems, like the Ruckus Smart Positioning Technology (SPoT) service already make use of sophisticated hashing performed on MAC data to maintain user privacy. While these systems won’t see any reduction in the accuracy of location services they deliver, they will now have less data available to make use of as a result of Apple’s move. What a shame.

Fortunately iOS devices will remain identifiable. Despite MAC-address randomization, these devices have a unique, and known, range of MAC addresses. By eliminating all unassociated iOS devices from the database (positioning engine), the integrity of the user/visitor profile in a venue is maintained.
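The filtering and hashing steps described above can be sketched as follows. This is an added example, not SPoT's implementation: it assumes randomized addresses are recognized by the locally administered bit (0x02 in the first octet), substitutes a keyed HMAC-SHA-256 for the unspecified "sophisticated hashing", and runs on constructed observations with a constructed key.

```python
# Added illustration; the observations and key below are constructed, not captured data.
import hashlib
import hmac

HEX = set("0123456789abcdef")

def normalize(mac):
    """Return the address as six lowercase, colon-separated octets."""
    octets = mac.replace("-", ":").lower().split(":")
    if len(octets) != 6 or any(len(o) != 2 or set(o) - HEX for o in octets):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(octets)

def is_locally_administered(mac):
    """True when the U/L bit (0x02 of the first octet) is set."""
    return bool(int(normalize(mac)[:2], 16) & 0x02)

def pseudonymize(mac, key):
    """Keyed hash, so stored records never contain the address itself."""
    return hmac.new(key, normalize(mac).encode(), hashlib.sha256).hexdigest()[:16]

def build_records(observations, key):
    """observations: (mac, associated, zone) tuples from a positioning feed."""
    kept, dropped = [], 0
    for mac, associated, zone in observations:
        if not associated and is_locally_administered(mac):
            dropped += 1          # randomized probe: would count one visitor many times
            continue
        kept.append((pseudonymize(mac, key), zone))
    return kept, dropped

KEY = b"constructed-demo-key"     # assumption: a per-venue secret held by the operator
SAMPLE = [
    ("00:11:22:33:44:55", False, "atrium"),      # unassociated, globally unique
    ("da:a1:19:00:00:01", False, "atrium"),      # unassociated, locally administered
    ("3C-15-C2-00-00-10", True,  "food-court"),  # associated, globally unique
    ("02:00:00:aa:bb:cc", False, "entrance"),    # unassociated, locally administered
]

if __name__ == "__main__":
    records, dropped = build_records(SAMPLE, KEY)
    print(f"kept {len(records)} records, dropped {dropped} randomized probes")
    for pseudonym, zone in records:
        print(pseudonym, zone)
```

Keying the hash matters because the MAC address space is small enough that an unkeyed digest can be reversed by enumeration.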

The good news for venues like malls, hotels, airports and convention centers, as well as value-added resellers and carriers looking to deliver location-based services using Wi-Fi, is that the impact of the iOS8 feature is limited.

Because only unassociated iOS devices are missed (again, see chart above), organizations can continue to engage and locate a majority of their users — still a significant number compared to the limited pool of users who hope to be identified by Bluetooth signal.

Meanwhile, venues can continue to have access to high quality location analytics and customer insights, and can continue to engage their users (visitors/customers) with highly targeted location-based services (including promotions and other content). Apple’s move will help drive a massive shift from users of unassociated devices towards users with associated devices. With that, organizations need not worry about being unable to engage users and analyze their movement and behavior.

Ultimately, brands, venues and companies must begin to focus on creating customer value and satisfaction that delivers a compelling mobile experience beyond basic wireless connectivity. Location-based Wi-Fi services and brand-based mobile applications remain an ideal way to do exactly this.

So keep watching this SPoT.