Operators in the GSM and UMTS arena can be segmented into four broad categories:
Incumbent. These normally originated from PTTs or a regulatory-driven breakup of a monopoly, or by one of the companies obtaining a second license in European countries.
Latecomer incumbent. Normally not "in the black," as far as their current balance sheet is concerned, these are still players in the 2G market.
Greenfield. These are operators who enter the market as pure 3G players. They are already financially up and running but are yet to have an operating network.
Mobile Virtual Network Operators (MVNOs). These are operators that do not own a wireless access network but simply rely on roaming agreements with incumbent cellular wireless providers in order to provide service to the customers who choose to use their brand. In brief, an MVNO focuses on service definition and branding and on the highest-quality-possible customer care, and it negotiates wireless access network services with third parties (more on MVNOs in Chapter 9).
In this case study we focus on a provider that belongs to the first class, named ACME Wireless. This carrier type provides the most complete and simple arrangement in terms of networking and service provisioning, since the latecomers often have to use the incumbent's infrastructure and set up complex service arrangements based on roaming agreements even within their home country. Greenfield and MVNO cases may be considered a subset of what can be developed in an incumbent network, without the need to protect legacy investments but with the need for detailed SLAs and partnerships with other wireless carriers, respectively.
Operator ACME Wireless has offered CSD-based services for some years, namely plain Internet access and WAP services. They have also rolled out GPRS and plan to support more advanced data services as they move toward 3G. ACME Wireless infrastructure is depicted in Figure 6.9. ACME Wireless currently has a TDM network for digital voice transmission and a multiservice network based on ATM and Frame Relay-capable switches. The ATM backbone is used to interconnect their five regional offices and the data center where they host their mobile Internet services (WAP gateways and servers, Web hosting and caching, HTTP proxy) and also to connect the GGSNs located in data centers and the regional offices to POPs where ACME Wireless terminates the customer networks' access links. The regional offices and the data center host the provider edge (PE) equipment. The POPs also provide outsourced PE L2-based or PE L3-based connectivity to the customer networks. The POPs are outsourced from major wireline operators operating landline VPN service. This outsourcing service is standardized to be based on MPLS VPNs compliant with [RFC2547]. Each customer can access the operator network over either a Frame Relay or a T1/E1 IMA (Inverse Multiplexing over ATM) link. The wireline operator aggregates this traffic at POPs onto the MPLS VPNs they offer to connect multiple sites of the same customer network, as well as to offer connectivity to the wireless network by interfacing to the ACME Wireless regional centers.
The network evolution entails migrating to a unified IP-based voice and data network. The transport will be MPLS based. ACME Wireless plans on reusing the ATM network by interworking the MPLS layer and the ATM layer at ATM edge nodes, to maximize reuse of the existing installed base. Exchange of traffic with the corporation may be based on L2TP tunnels secured using IPSec transport mode or on IPSec tunnel mode tunnels. This provides ACME Wireless with the maximum flexibility in selecting partnerships in offering POPs to customers. In fact, secure tunnels decouple the VPN provisioning architecture from the link layer access technology and from any mutual trust between the wireline access operator and ACME Wireless.
If the customer network is outsourcing remote access to some wholesale access provider, then ACME Wireless can cover this need from the wireless side by terminating PPP at the GGSN, or by using the IP with PCO access method. ACME Wireless advises their customers that IP with PCO access mode may be prone to replay-based attacks, and that PPP-based access is best for security and for the other reasons we have suggested earlier in the chapter. In case the customer network uses remote access via L2TP, ACME Wireless can provide LAC functionality via the PPP PDP type. There are solutions based on IP PDP type and LAC functionality obtained by having the GGSN initiate L2TP tunnels and manage all the PPP negotiations and configuration, using data transferred to the GGSN via GTP. ACME Wireless does not believe this is the target solution, but it still offers this option to customers not equipped with PPP PDP type-capable terminals. In fact, PPP PDP type was not widespread in the early days of GPRS and UMTS system deployment, but it is becoming more and more widespread as the infrastructures mature. It should be noted that ACME Wireless did not accept the proposal from some vendors to base the whole Mobile VPN offer on VPN clients installed on terminals, since this is a less profitable approach and it does not allow for service delivery control to the same extent as other network-based approaches. For example, the provider can control PPP LCP echo via proxy at the GGSN or by disabling it at the GGSN when PPP is terminated at the GGSN. Keep-alive messages generated by VPN clients cannot be controlled, since they are perceived as regular user traffic by the infrastructure. Also, IP PDP type network-based VPN solutions do not generate periodic keep-alive messages over the air. This allows for long inactivity periods without requiring the wireless bearers to be allocated permanently to the wireless user. As a result, ACME Wireless plans on network-based solutions only.
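The replay concern with IP with PCO access versus PPP-based access can be illustrated with CHAP (RFC 1994). This is an added example, not from the book; it assumes the exposure comes from the challenge being chosen on the terminal side and delivered together with the response, whereas a PPP authenticator in the network issues a fresh challenge per attempt. The secret and class names are constructed.

```python
import hashlib, hmac, os

SECRET = b"constructed-chap-secret"   # constructed per-user secret for the demo

def chap_response(ident, secret, challenge):
    """CHAP response per RFC 1994: MD5 over identifier, secret, challenge."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def verify_terminal_challenge(ident, challenge, response):
    """Assumed IP-with-PCO model: the verifier receives a challenge it did not
    choose, so it can only check that the response matches that challenge."""
    return hmac.compare_digest(response, chap_response(ident, SECRET, challenge))

class NetworkChallengeVerifier:
    """Assumed PPP model: the authenticator issues every challenge and accepts
    each one once, so an old response has no live challenge to match."""
    def __init__(self):
        self._outstanding = {}
        self._next_id = 0

    def issue(self):
        ident = self._next_id
        self._next_id = (self._next_id + 1) % 256
        self._outstanding[ident] = os.urandom(16)
        return ident, self._outstanding[ident]

    def check(self, ident, response):
        challenge = self._outstanding.pop(ident, None)   # single use
        if challenge is None:
            return False
        return hmac.compare_digest(response, chap_response(ident, SECRET, challenge))

def demo():
    # Terminal-side challenge and response, as they would arrive together.
    ident, challenge = 1, os.urandom(16)
    seen = (ident, challenge, chap_response(ident, SECRET, challenge))
    pco_first = verify_terminal_challenge(*seen)
    pco_again = verify_terminal_challenge(*seen)       # identical bytes, still valid
    net = NetworkChallengeVerifier()
    i1, c1 = net.issue()
    old = chap_response(i1, SECRET, c1)
    ppp_first = net.check(i1, old)
    i2, _ = net.issue()
    ppp_again = net.check(i2, old)                     # old response, fresh challenge
    return pco_first, pco_again, ppp_first, ppp_again
```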
The option to manage outsourced IPSec VPN gateways for their customers is also perceived as costly, with no apparent benefit. In addition, it requires the VPN GW/VPN clients to be standardized for the network, because of common interoperability issues between VPN clients and GWs from different manufacturers. ACME Wireless perceived this as suboptimal during its development plans definition.
ACME Wireless also must protect legacy investment in data services and the customer base. Typically, this is represented by CSD-based WAP services users. In fact, plain remote access did not require corporations to set up any agreement with the carrier, since the access number to be dialed was the same as the one used for wireline access. The low bit rate and limited use of service led to almost no subscribers to the L2TP-based access service, offered by having the IWF acting as LAC. The real worry was to make the WAP infrastructure as common as possible between the CS and the PS domains. This was fairly easy because of the uniform way to access WAP services from GPRS and CSD offered by reusing the same WAP GW and WAP GW interaction procedures, achieved via L2TP access to an LNS interacting with the WAP GW.
ACME Wireless also plans to offer to ASPs access to a set of services that enable users to charge application usage to their wireless bills. In addition, it plans to extend to users network usage discounts based on the purchase of goods and services or the usage of specific applications offered by ASPs, as a means to control the amount of traffic exchanged between the carrier and the ASPs. The network offers APIs to partners (ASPs) to program their services, as well as dedicated APNs to access partner network services.
ACME Wireless also can offer single sign-on service to customers by collecting session-related data using RADIUS accounting at the GGSN, or via captive portals (described in Chapter 5) that collect the user identity and then manage it across the application usage workflow. The user identity can be distributed to partners via some HTTP request URL modifications operated by content switches that allow the identification of the user during the session. The user identity passed in the HTTP requests can then be used by the partner ASP to request network services like billing, discounting, location, or even user preferences and class. The single sign-on service also comes with the recall of all user preferences and bookmarks to be used during the navigation. Figure 6.10 depicts the architecture that enables ACME Wireless to offer such services.
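A sketch of the identity distribution just described, as an added example that is not from the book: a session table fed by GGSN RADIUS accounting, a content-switch rewrite step, and the partner-side check. The parameter name `subid`, the partner host, the shared key, and the choice to sign and expire the value (so that a client-supplied identity is never trusted) are assumptions of this example.

```python
import hashlib, hmac, time
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

KEY = b"constructed-shared-key"              # assumption: shared by operator and partner ASP
PARTNER_HOSTS = {"games.partner.example"}    # hypothetical partner ASP host
PARAM = "subid"                              # hypothetical query parameter name
sessions = {}                                # Framed-IP-Address -> subscriber identity

# Constructed accounting record, as the GGSN might report it at session start.
SAMPLE_START = {"Acct-Status-Type": "Start", "Framed-IP-Address": "10.1.2.3",
                "Calling-Station-Id": "15550100001"}

def on_accounting(rec):
    """Start binds the session IP to the identity; Stop removes the binding."""
    ip = rec["Framed-IP-Address"]
    if rec["Acct-Status-Type"] == "Start":
        sessions[ip] = rec["Calling-Station-Id"]
    elif rec["Acct-Status-Type"] == "Stop":
        sessions.pop(ip, None)

def _mac(ident, expires):
    return hmac.new(KEY, f"{ident}|{expires}".encode(), hashlib.sha256).hexdigest()

def rewrite_url(src_ip, url, now=None, ttl=300):
    """Content-switch step: drop any client-supplied identity, add a signed one."""
    now = int(time.time()) if now is None else now
    parts = urlsplit(url)
    query = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
             if k != PARAM]
    ident = sessions.get(src_ip)
    if parts.hostname in PARTNER_HOSTS and ident:
        exp = now + ttl
        query.append((PARAM, f"{ident}.{exp}.{_mac(ident, exp)}"))
    return urlunsplit(parts._replace(query=urlencode(query)))

def verify_identity(url, now=None):
    """Partner-side check: return the identity, or None if forged or expired."""
    now = int(time.time()) if now is None else now
    value = dict(parse_qsl(urlsplit(url).query)).get(PARAM, "")
    try:
        ident, exp, mac = value.rsplit(".", 2)
        exp = int(exp)
    except ValueError:
        return None
    if exp < now or not hmac.compare_digest(mac.encode(), _mac(ident, exp).encode()):
        return None
    return ident
```

Because the identity travels in the URL, it can end up in partner logs and Referer headers; the short expiry limits how long a leaked value stays usable.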
From a network management and service provisioning perspective, the integration of the applications with the network elements configuration is in the plans, obtaining real flow-through provisioning (Figure 6.11 shows an example of a possible flow-through provisioning setup, and much more complex scenarios are also possible). This would, for instance, allow a user to begin a session with a simple APN devoted to services network access and then connect to the corporate network, or to a gaming network, where a community of people can share information or exchange media over a specific and predictable QoS-level network. At each stage, the cost of network access would change, thus allowing for dynamic adaptation of the network access fees to the application being used. This could come with advantages to both ACME Wireless customers and to ACME Wireless themselves: Customers are charged a fair price for each activity they perform, while ACME Wireless retains customers and appeals to new customers with fair rates, offering a predictable application environment and receiving the appropriate revenue for each network access service offered.