Comme la gestion de l’IPsec nécessite une charge de traitement importante, la prise en charge de cette fonction par les équipements du cœur de réseau EPC ou de routage (généralement non optimisés pour IPsec)  ne peut être satisfaite qu’au prix de l’ajout de cartes dans les équipements existants ou même par l’acquisition de nouveaux équipements. A long terme, les opérateurs seront confrontés à un vrai défi d’évolutivité, et aux coûts et aux perturbations occasionnés par le remplacement d’une solution déjà installée.

Avec notre expérience commerciale de déploiements LTE depuis bientôt deux ans, nous avons identifié des critères de sélection essentiels pour les opérateurs de réseaux mobiles qui cherchent à évaluer des solutions de sécurité.  Un des éléments clés est l’emplacement physique de la fonction de sécurité dans le réseau.  Nous avons démontré de façon concluante que la localisation d’un équipement dédié à la fonction de sécurité entre le réseau d’accès radio et l’EPC garantit l’évolutivité de la solution et l’absence de dégradation des performances. Comme le fait remarquer John Byrne, analyste chez IDC, dans un livre blanc comparant l’approche intégrée à une approche dédiée pour assurer la sécurité des communications LTE, « Les opérateurs déployant LTE doivent envisager des solutions dédiées de sécurité pour répondre aux exigences à la fois à court et long terme »

Vous pouvez télécharger le livre blanc, “The Role of Best-of-Breed Solutions in LTE Deployment”, parrainé par Stoke à http://www.stoke.com/Document_Library.asp

For operators trying to get the most out of their initial LTE investment, adding the security function to existing network nodes may appear financially compelling.  However, this approach is only practical while network loads are low.  It is not an approach that will scale well as the network grows.

For example, since IPsec adds significant processing burden to EPC and transport network nodes such as S-GW and routers (not typically optimized for IPsec), throughput is only sustained by adding more equipment and blades.  Over the longer term, operators will almost certainly face scalability challenges, if not the expense and disruption of wholesale solution replacement.

Through our commercial LTE deployment experience over a span of more than 18 months, we have identified key considerations for mobile network operators evaluating security options.  One pivotal consideration is the location of the security function.  We’ve conclusively demonstrated scalability and security without performance degradation by locating a purpose-designed security aggregation device between the radio access network and the evolved packet core.  As IDC analyst John Byrne points out in a white paper about the pros and con of taking an embedded versus a standalone approach to securing LTE communications, “Operators deploying LTE need to consider standalone solutions to address both near- and long-term requirements.”

You can download the Stoke-sponsored white paper, “The Role of Best-of-Breed Solutions in LTE Deployment” at http://www.stoke.com/Document_Library.asp.

Streaming video, cloud applications, mobile payments, games and VoLTE traffic volume are set to explode over the next few years, while the number of “untrusted” connections will increase exponentially.  In the highly competitive mobile broadband market, subscribers’ loyalties lie with the operator who allows them secure access to their mobile applications with consistently high performance and quality of service any time, anywhere. Already suffering from increased user churn and revenue leakage, operators need solutions that provide the needed security of IPsec, without sacrificing network performance.

Most embedded EPC or transport network nodes are simply not optimized for the processing intensive IPsec function. Adding IPsec to embedded network nodes may appear financially compelling in the near-term – but as network usages expands, this option will quickly be exposed as a false economy.

Security should not stand in the way of maintaining a 4G-LTE experience. Clinging to legacy technology and using solutions designed for other purposes – be they 3G or enterprise – will not deliver the necessary ROI.  New approaches are needed to navigate the new frontiers of 4G/LTE.

Through its deployment experience with a major operator leveraging new-generation equipment that has been precision engineered for LTE networks, Stoke has created new data points illustrating the way in which a high performance, stand-alone IPsec aggregation solution can operators to align costs with revenue and maintain high speed performance.

SANTA CLARA, CALIF., February 27, 2012: - BT’s Advanced Research Mobility Team and mobile broadband gateway developer Stoke Inc. have completed joint lab trials investigating different deployment models for LTE networks.

The tests, initiated in February, 2011, were designed to explore potential synergies between mobile and fixed networks and examine a variety of options for LTE transport connectivity.

“This research with Stoke has enabled us to determine some high-potential opportunities to develop innovative services for current 3G environments and opportunities for evolving the architecture to 4G, said Chris Bilton, Director, Research & Technology, BT. “The program findings, especially the proof of vendor interoperability, have provided invaluable insights which will help formulate next steps in proving our findings.”

Stoke’s Security eXchange was used to examine aspects of scalability, enhanced security, and multi-tenant network sharing scenarios, and acted as an anchor device in enabling the demonstration of different architectural strategies for LTE deployment.

BT and Stoke are now able to define new architectural strategies that provide important information for LTE license holders.  “With spectrum owners looking at options ranging from build-own-operate to complete outsourcing arrangements, there are many unanswered questions.  The test results shed much-needed light onto the feasibility of LTE rollout options, and point the way to some viable alternatives,” said Dave Williams, Chief Technology Officer at Stoke “We are very pleased to support BT in extending its research into areas that will rapidly add value to its business divisions and customers. Additionally, the trials have helped us to develop advanced new features for our platform.”

The tests utilized equipment from a variety of vendors; Stoke’s Security eXchange successfully demonstrated seamless interoperability and transparency with all vendors’ equipment including RAN, backhaul transport, caching, timing and synchronization and EPC.  The results also highlighted the value of: selecting multi-vendor, best-of-breed equipment to enable a variety of flexible deployment options; validation of the imperative for scalable security in mixed networks; and the advantages of the standalone secure aggregation gateway in enabling distributed deployment of the function at different points in the network.

The growth in LTE deployments, migration challenges and the pros and cons of an embedded versus a standalone approach to security within the EPC core network  is explored in an IDC white paper,  sponsored by Stoke, ‘The Role of Best-of-Breed Solutions in LTE Deployments’ published February 23, 2012.  The paper ^[1] also outlines some of the opportunities created for operators in deploying a standalone approach.

“As IP injects itself deeper into service providers’ LTE networks, operators face new and unfamiliar challenges,” said John Byrne, Research Director, Wireless Infrastructure at IDC Research. “In the specific area of security, operators must keep pace with growing network loads, unpredictable traffic patterns and increasingly complex network architectures with the result that flexibility and scalability are becoming key requirements. We believe that operators taking a long-term view toward maintaining high performance as LTE network loads increase may wish to consider adopting standalone solutions to help manage growing signaling loads, ensure the highest levels of security possible, and maintain the ultra-low latency performance that LTE can deliver.”

Stoke also demonstrated the secure backhaul capabilities of its Security eXchange during the successful Multi-Service Forum Voice over LTE trials in September, 2011 further adding to the number of LTE vendors proven to interoperate with the Stoke Security eXchange.  The product was recently named winner of Mobility Tech Zone’s LTE Visionary Award and was a finalist in the November, 2011 Light Reading Leading Lights awards. Stoke will showcase the Security eXchange together with its Wi-Fi eXchange and Service eXchange systems together with new offerings at Mobile World Congress, Barcelona, February  27 – March 1, 2012.

About BT Innovate and Design BT Innovate & Design is responsible for the innovation, design, development and delivery of the processes, networks and platforms that run the BT business. The organisation leads on innovation on behalf of the whole company. It strives to bring new ideas, products and services to market faster, more cost effectively, efficiently and at higher quality than ever before. BT Innovate & Design also delivers strategic innovation and technology vision for BT through effective and coherent engagement with other parts of the business as well through powerful relationships with third party organisations – including some of the world’s most famous academic institutions. The organisation’s IT professionals have a strong track record in the delivery and development of systems and solutions, and in managing a secure and resilient infrastructure. The innovations developed at BT’s laboratories at Adastral Park near Ipswich, UK, provide BT with a world-class science and engineering base for the design and delivery of next-generation converged networks and services.

About Stoke, Inc.
Stoke delivers transformative gateway solutions for navigating mobile broadband’s new frontiers. Stoke mobile network gateway solutions address today’s challenges using creative approaches, enabling mobile operators to manage traffic growth and increase the efficiency, reliability, and scope of mobile data services. Stoke is backed by prominent venture capital firms and carriers including Kleiner Perkins Caufield & Byers, Sequoia Capital, Focus Ventures, and NTT Docomo. For more information, visit www.stoke.com.

^[1] The IDC white paper ‘The Role of Best-of-Breed Solutions in LTE Deployments’ is is available for download here.

By Mary Lennighan, Total Telecom, in Paris, Wednesday 28 September 2011

French telco says WiFi offload is the right approach to dealing with mobile data traffic, provided ease of use is addressed.

France Telecom-Orange on Wednesday emphasised the importance of using WiFi to offload traffic from its mobile network, based on its existing network of WiFi access points, but warned that there are still challenges to be overcome.

Mobile Broadband Startup Introduces Ultra High-Speed Version, Ramps Shipments of Gateway Solutions To Meet Escalating Demand for Standalone LTE Security Solutions

SANTA CLARA, Calif. — October 18, 2011 — Mobile broadband developer Stoke, Inc. today announced an ultra high performance version of its Stoke Security eXchange solution for 4G/LTE networks. Capable of an unprecedented 40 Gbps of throughput, the standalone Security eXchange with XGLC20 packet processing card equips operators with unmatched capabilities to secure and encrypt huge volumes of LTE mobile broadband services without introducing latency or impairing quality.

SANTA CLARA, Calif. — October 4, 2011 — Mobile broadband developer Stoke, Inc. participated in the VoLTE (Voice over LTE) Interoperability test event organized by the MultiService Forum (MSF) and backed by the GSMA, on September 12-30, 2011. Stoke’s Security eXchange, a standalone high performance gateway, was part of the interoperability event hosted at the Vodafone Centre for Test and Innovation located in Dusseldorf. Stoke contributed in building and validating practical LTE network use cases such as secure association and encryption of VoLTE traffic from the radio access network to the evolved packet core, followed by recommendations for deployment scenarios.

The event focused on validating the GSMA’s technical recommendations for IMS-based VoLTE, and establishing best practices for VoLTE deployment strategies for LTE/EPC/IMS technology. Stoke contributed to development of IOT test scenarios related to the scalable encrypted communications function, a likely requirement in planned heterogeneous LTE network deployments. This was accepted as a component of the VoLTE interoperability event, and Stoke continues to be active in defining the required amendments to LTE architecture and the definition of the interface specification itself.

“We are excited to be part of the MSF’s efforts in applying the industry standards set by 3GPP to actual use cases, leveraging our ground-breaking experience from live deployments,” said Dave Williams, CTO at Stoke. ‘As a leader in the field of LTE security solutions we are seeing a growing industry focus on this key requirement, which is a prescribed aspect of 3GPP mobile architectures, and we are very pleased to have successfully contributed to this aspect of the MSF testing.”

Late-stage startup Stoke is taking an increasingly prominent role in building awareness of the importance of scalable encryption solutions for LTE communications, particularly in small cell deployments where traffic backhaul services cannot always be ‘trusted’. Williams added, ‘Through the MSF testing, our goal was to prove to mobile operators that, with the right standalone platform, IPSec imparts no additional system latency or throughput performance penalty, and ensures subscriber, network and services integrity.”

“We’re pleased to welcome Stoke to the MultiService Forum,” stated Kyu-Ouk Lee, MSF President. “The knowledge, experience, and enthusiasm that Stoke brings to the MSF is making a valuable contribution to our ongoing interoperability program, and we welcome its contribution.”

Stoke’s Security eXchange encrypts user and control plane traffic between LTE base station (eNodeB) devices and the core network at line rate, with no impact on throughput or performance quality. The Security eXchange allows operators to mitigate the strategic risks inherent in deploying all-IP LTE networks and improves their ability to scale their networks to accommodate growth in traffic and eNodeBs.

The MSF VoLTE Interoperability event was hosted by Vodafone and China Mobile in the Vodafone Centre for Test and Innovation in Dusseldorf and in the China Mobile Research Institute Lab in Beijing.

About the MultiService Forum
The MultiService Forum (www.msforum.org) is a global association of service providers, systems suppliers and test equipment vendors committed to developing and promoting open-architecture, multiservice Next Generation Networks. Founded in 1998, the MSF is an open-membership organization comprised of the world’s leading telecommunications companies. The MSF’s activities include developing Implementation Agreements, promoting worldwide compatibility and interoperability of network elements, and encouraging input to appropriate national and international standards bodies.

About VoLTE IOT Event 2011
The MSF hosted the VoLTE IOT 2011 Event in the Vodafone Centre for Test and Innovation in Dusseldorf and the China Mobile Research Institute Lab in Beijing in September 2011. The event is backed by the GSMA following the launch of its global VoLTE initiative in 2010, which is supported by more than 40 leading organizations in the mobile space. The event built on the major success of the previous Global MSF LTE Interoperability Event that took place during March 2010 and reflects the industry’s drive to continue to deliver major carrier driven events that benefit all its members in their quest to keep pace with an ever faster moving industry. The MSF VoLTE Interoperability test event focused on validating core network interfaces to ensure multi-vendor deployment strategies for LTE technology and will validate the MSF physical scenarios developed to incorporate 3GPP LTE/EPC technology and the GSMA’s technical recommendations, focusing on Voice over LTE, with the support of China Mobile and Vodafone. http://www.msforum.org/interoperability/VoLTE.shtml

About Stoke, Inc.
Stoke is the mobile industry’s only transformation platform, delivering future-focused thinking and solutions for 3G and 4G mobile broadband infrastructures. Stoke enables mobile operators, through the application of Business-Crossover™ thinking, to overcome limitations inherent in legacy approaches and architectures, helping them tackle the new realities of 3G mobile data service delivery today and successfully navigate their transition to 4G services platforms tomorrow. For more information, visit www.stoke.com.

Download the last white paper from Heavy Reading prepared by Gabriel Brown, Sr Analyst, on behalf of Stoke.

http://www.lightreading.com/lg_redirect.asp?piddl_lgid_docid=212471&piddl_lg_pcode=librarypage

4G World

October 24-27, 2011 at McCormick Place, Chicago

Find us at the Stoke Booth #1215