how wi-fi offload seamless wi-fi offload

Transcription

how wi-fi offload seamless wi-fi offload
SEAMLESS WI-FI OFFLOAD:
FROM VISION TO REALITY
APTILO NETWORKS WHITE PAPER
By Claus Hetting, Senior Consultant & Analyst
© Copyright Aptilo Networks v2 03-13
ABSTRACT
Seamless Wi-Fi offload is a new paradigm in unified mobile and wireless data services. This paper
examines how mobile network operators can build on EAP-SIM and convergent Wi-Fi / 3G / LTE
service management solutions to deliver high-quality carrier-class Wi-Fi to smartphones, tablets
and non-SIM devices. Solutions will empower operators to address a broad base of users with
new business models reflecting a range of new and attractive data service.
HOW
WI-FI OFFLOAD
Interested in WHY? Read our other white paper “Seamless Wi-Fi Offload: A business opportunity today”
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
EXECUTIVE SUMMARY
Seamless Wi-Fi offload is enabling a new paradigm in combined Wi-Fi and 3GPP-based broadband
data services. Mobile network operators can already today offer automatic, clientless, and
convenient seamless Wi-Fi services to smartphones and other SIM-enabled devices with EAP-SIM.
The solution allows MNOs to profit quickly from carrier-class Wi-Fi by building a new class of
always-on data connectivity addressing smartphone users. Carrier-class Wi-Fi with intelligent
service provisioning lets MNOs profit from a range of services based on new business models.
MNOs can choose to deploy their own Wi-Fi networks or to partner with existing Wi-Fi service
providers for national or international seamless Wi-Fi coverage. In either case proven EAP-SIM
authentication and Wi-Fi core service management solutions are available to support a variety of
partnership models, deployment schemes, authentication methods and service types.
Aptilo Networks has seen offload rates of up to 50% on individual sites saving CAPEX on 3G
or LTE equipment while reducing the need for expensive licensed mobile spectrum. Carrier-class
Wi-Fi offers quality offload services while spare capacity can be used to serve ad-hoc consumer or
B2B customers such as other service providers, venue owners, communities and more.
Many options for integration of Wi-Fi into MNO core networks exist today including tunneling of
smartphone Wi-Fi traffic back to the mobile core. A variety of network architectures allow MNOs
to optimize traffic flows and service policy control while receiving the commercial benefit of
seamless Wi-Fi offload. Even more sophisticated means of network selection, traffic optimization,
and service control will develop over the next few years (2013-2015).
Because many practical requirements for Wi-Fi service deployments are not standardized, MNOs
need to adopt service management systems and strategies that address a new reality: Carrierclass Wi-Fi networks are nearly always multi-purpose intended to serve many device and client
types. To build combined Wi-Fi / 3G / LTE services as well as services for non-SIM users service
management flexibility is required.
2
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
1
SEAMLESS WI-FI:
A NEW PARADIGM IN UNIFIED COMMUNICATIONS
There is no question that Wi-Fi offload is one of the mobile industry’s most hotly debated business
opportunities right now. Many of the world’s largest mobile operators already recognize Wi-Fi
as a business-critical technology and some are in the early phases of deploying seamless Wi-Fi
offload. A few progressive new operators entering the mobile arena today even consider Wi-Fi
their primary technology and use mobile services as a secondary network layer only.
The drivers for Wi-Fi offload are well known: Wi-Fi-capable devices are everywhere and more
than a billion are equipped with SIM cards. For many users of tablets, smartphones, and laptops,
Wi-Fi has become the preferred means of connectivity. Razor-sharp competition is forcing many
mobile carriers to cut spending while looking for new ways to stand out in the market. Seamless
Wi-Fi services for SIM-enabled users may well be the differentiator that the mobile industry has
been looking for.
So how can mobile operators turn the vision of seamless Wi-Fi into reality? Aptilo has for more
than 10 years been instrumental in transforming the potential of Wi-Fi technology into successful
commercial data services serving millions of satisfied Wi-Fi users worldwide through close to 100
service provider customers.
The next step is using seamless Wi-Fi offload to satisfy the millions of smartphone and tablet users
demanding still more data. Many view the unification of the widely successful world of mobile
broadband with the equally successful world of Wi-Fi as a paradigm shift for both.
This White Paper examines how to build the right solutions and services to achieve the goal of
making carrier-class Wi-Fi seamlessly accessible to SIM-enabled users while efficiently supporting
a growing base of non-SIM devices. Contrary to common belief seamless Wi-Fi offload is already
available today. The evolution of seamless Wi-Fi will within a few years empower mobile operators
to manage and control Wi-Fi networks as fully integrated extensions of their mobile 3G / LTE
infrastructure and services.
WHAT IS SEAMLESS WI-FI AUTHENTICATION?
Seamless Wi-Fi authentication allows SIM-enabled smartphones and tablets to access Wi-Fi
networks without any user interaction. An iPhone will for example automatically connect to a
Wi-Fi network once inside the carrier’s Wi-Fi coverage area and following authentication based
on information stored on his or her SIM. This does not otherwise restrict the use of any 3G or LTE
network because Wi-Fi and mobile transceivers operate independently on devices1.
A number of carriers and vendors today offer seamless Wi-Fi services for SIM-enabled devices
using a device client in the form of a downloaded or preloaded application. An important aspect
of nearly all the seamless Wi-Fi solutions examined in this paper is that they do not require thirdparty clients in devices2.
Solutions that require the user to take an active role in provisioning his or her cellular device for
a service have historically gained only a few subscribers despite the promise of convenience and
lower costs.
1
In the current version of iOS the smartphone or tablet will automatically prefer Wi-Fi to mobile broadband carriers. Over the next couple of years seamless Wi-Fi solutions will evolve to allow the device and the network to
interactively control the preferred carrier depending on number of parameters. The evolution of seamless Wi-Fi
is discussed later in this paper.
2
Clients may be a requirement e.g. for CDMA operators. Clients can be pre-provisioned in the factory for specific
MNOs or provisioned over-the-air although this will introduce an additional administrative process for MNOs.
3
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Even offers of ‘Free Wi-Fi’ or ‘Free VoIP’ suffer from this difficulty. From experience it seems that
relying on user self-provisioning reduces the addressable market to no more than a few percent.
Seamless Wi-Fi offload with EAP-SIM authentication carries with it the potential for global massmarket adoption because smartphone users need to do precisely nothing to enable the service.
This is one of the reasons why many industry experts expect EAP-SIM to be a game-changing
enabler of new Wi-Fi business opportunities for service providers in the Wi-Fi space.
FROM SIM-BASED AUTHENTICATION TO FULL SERVICE CONTINUITY
EAP-SIM authentication for Wi-Fi offload is the first step on a defined path towards full service
continuity across Wi-Fi and mobile networks. A great deal of standardization and industry
consensus work is being carried out within the 3GPP and Wi-Fi communities in order that both
industries receive the full commercial benefit of offering unified Wi-Fi / 3GPP broadband data
services.
The unification of Wi-Fi and 3GPP-based networks and services can be broken down into three
phases. This evolutionary path will almost certainly be realized over the coming years as it is
supported by all major vendors, standardization bodies, and industry organizations. MNOs will be
able to choose from a variety of options over the coming years as technologies mature.
The evolution of seamless Wi-Fi for mobile carriers
Figure 1: The evolution of seamless carrier-class Wi-Fi authentication and interworking. Today’s
solutions are all currently available from Aptilo as are a selection of the integration options of Phase
2 including GTP traffic routing.
4
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
2
SEAMLESS WI-FI OFFLOAD TODAY
The 3GPP and Wi-Fi communities have been working together for years to agree on how mobile
and Wi-Fi should interwork. One of the most important items agreed upon is the acceptance of
EAP-SIM and EAP-AKA methods for authentication of SIM-enabled devices on Wi-Fi networks.
Seamless and automatic Wi-Fi authentication offers great convenience to the smartphone or
tablet user. It relies on a signaling exchange between the SIM-enabled device, the Wi-Fi network
(including the Wi-Fi service management platform), and the core network of the mobile operator.
EAP-SIM Wi-Fi authentication can be implemented between a Wi-Fi network and a mobile 3G /
LTE network as shown in the diagram below. All of the parts of the solution are currently available
and are fully tested allowing mobile carriers to implement the first phase of seamless Wi-Fi today.
Figure 2: Seamless Wi-Fi offload using EAP-SIM (EAP-AKA) and local WLAN traffic breakout. The
device authenticates on the mobile network HLR (or HSS) through the Wi-Fi service management
platform including a SIM authentication server.
The interaction-free authentication starts with an EAP-SIM or EAP-AKA message from the
smartphone or tablet. The Wi-Fi AP encapsulates the message using a secure 802.1X link and
RADIUS. A Wi-Fi access gateway (AG) and service management platform signals toward the HLR
(or HSS in the case of LTE) MNO core network using standard SS7 / MAP. The IP-based SIGTRAN
protocol can also be used for this signaling, which is especially useful in the case of hosted
authentication services.
Most vendors use a SIM authentication server to manage the authentication toward the HLR
or HSS. Some vendors – including Aptilo – also have this function pre-integrated in the service
management platform. Once SIM-authentication is complete, the device is free to use the Wi-Fi
network for data services subject to service policies. Today, device traffic is usually passed to the
local Internet with local WLAN breakout, i.e. traffic is routed from the Wi-Fi access gateway to
the local Internet thus saving backhaul transmission resources.
One of the important benefits of EAP-SIM authentication is that it complies with the known and
trusted 3GPP method of using authentication vectors. The method is known for its high level
of access security and has played an important role in the global success of GSM and 3G. Wi-Fi
network access with EAP-SIM is therefore as secure as today’s mobile network access.
5
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
TECHNICAL REQUIREMENTS FOR TODAY’S SEAMLESS WI-FI The evolution of Wi-Fi and mobile interworking in the coming years will allow for much
sophistication above and beyond the current approach. But already today many MNOs are
realizing that seamless Wi-Fi services are achievable through proven means with significant
economic benefits. The technical requirements for the first phase of seamless Wi-Fi offload are
relatively light:
• Smartphone and tablet devices need to support EAP-SIM authentication
Although EAP-SIM authentication is clientless in the sense that no app or other third-party
client is needed, devices still need to support EAP-SIM. Today most leading smartphone
operating systems support EAP-SIM including Apple’s iOS, Android 4.0 or above, Blackberry,
Nokia (Symbian) and Windows 8. With a typical replacement cycle for smartphones of two
years or less, the global installed base of EAP-SIM and EAP-AKA capable devices is expected
to grow quickly.
• Wi-Fi Access Points need to support 802.1X
While EAP-SIM and EAP-AKA define authentication messages, the 802.1X protocol
encapsulates messages for delivery. As a consequence Wi-Fi Access Points used for EAPSIM authentication need to support the 802.1x protocol. This is a light requirement because
current carrier-class Wi-Fi APs are 802.1X-compliant.
• SIM authentication services in the Wi-Fi core network
Seamless Wi-Fi authentication needs support from the Wi-Fi core network in order to interwork
with the HLR or HSS to which the user is subscribed. To complete this part of the process a
EAP-SIM / AKA authentication service is needed for example in the form of the Aptilo SIM
Authentication Server™ (SAS). This server forms a part of the Wi-Fi core together with the
Wi-Fi service management platform. In Aptilo’s case the SIM authentication functionality is
included as an option in the Aptilo Service Management Platform™ (SMP).
All of the above components are available today and the amount of investment and technical
deployment required is minimal compared to the cost and complexity of deploying for
example LTE or 3G-based solutions. This is one of many reasons why seamless Wi-Fi offload
is gaining momentum as a complement to building mobile broadband capacity with LTE or
3G small cells.
Non-SIM users can also be authenticated with EAP-TLS and EAP-TTLS although this is less
common today. These methods are mostly used for authentication of devices in enterprise
or mobile CDMA networks but can also be used for secure access of non-SIM-enabled Wi-Fi
subscribers through certification of devices (EAP-TLS) and authentication servers (EAP-TTLS).
The Aptilo solution offers the flexibility of including EAP-TLS and EAP-TTLS in order that
MNOs may address the largest possible subscriber base3.
3
For more on authentication types and methods see chapter 6 of this paper.
6
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
EXAMINING THE ROLE OF HOTSPOT 2.0
The Hotspot 2.0 technical specification was created by the Wi-Fi Alliance in 2012 and has since
been supported and harmonized with the Wireless Broadband Alliance (WBA) Next Generation
Hotspot initiative. Hotspot 2.0 is understood by many to be a prerequisite for seamless Wi-Fi
offload. Although Hotspot 2.0 will introduce new valuable tools into the Wi-Fi service provider
toolbox, compliance with the full Hotspot 2.0 specification is not a requirement for seamless WiFi offload today.
Hotspot 2.0 is a suite of specifications and features intended to render Wi-Fi technology similar to
cellular technology plus a number of improvements in security of which most are already in use.
The components of Hotspot 2.0 and their relevance to seamless Wi-Fi offload are:
• IEEE 802.11u: Network discovery and selection
Today’s devices access Wi-Fi services by using an SSID name to identify the Wi-Fi network.
As an improvement 802.11u defines a method for automated access to Wi-Fi networks
not defined in the SSID list stored on the device. It also allows the device to react to other
useful information such as network and venue type, list of roaming partners, and types of
authentication available. Although 802.11u will allow access to more Wi-Fi networks and
make Wi-Fi roaming more efficient, carrier-class Wi-Fi offloading -including roaming - can be
deployed already today without the use of 802.11u.
• Secure authentication using EAP methods
Hotspot 2.0 includes the EAP-SIM and EAP-AKA methods for authenticating SIM-based
mobile broadband devices. This is precisely the method already described as a technical
requirement for the seamless Wi-Fi offload solution that can be deployed today. For non-SIM
enabled devices the EAP-TLS and EAP-TTLS methods can be used.
• Enhanced security with WPA2 (802.11i-2004)
WPA2 is a part of the Hotspot 2.0 requirement but has been in existence since 2004. WPA2
has for a number of years been a Wi-Fi Alliance certification requirement for Wi-Fi products.
This is an important component of Wi-Fi security but is included as standard in all carrier-class
Wi-Fi products today.
The Aptilo Service Management Platform™ (SMP) is ready to support the full Hotspot 2.0
suite of standards from day one as soon as 802.11u-compliant solutions become available
on the market. The Wi-Fi alliance launched the Passpoint™ certification program for Hotspot
2.0-capable equipment in June 2012.
7
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
3
HOW DOES CARRIER-CLASS WI-FI MEASURE UP TO 3G & LTE?
Wi-Fi is a best effort and shared resource data service - as are 3G and LTE – but there are distinct
differences. Comparing Wi-Fi to mobile broadband is a bit like comparing apples to oranges
because the two were designed and conceived differently although they often serve the identical
purpose of providing wireless broadband connectivity.
Wi-Fi is a capacity and not a coverage solution. The range of a Wi-Fi AP is 200 meters at best and
is in practice often less than 100 meters. The limited range is governed in part by the fact that
Wi-Fi APs by regulation only are allowed to operate at 100 mW of emitted power (in the EU) with
devices typically operating at 20 or 30 mW. On the other hand capacity constraints are precisely
what many MNOs are facing as a result of the surge in data consumption.
Today’s carrier-class Wi-Fi solutions use state-of-the-art radio technology to provide an order of
magnitude better performance than the sluggish data rates often experienced by users on private
home or office Wi-Fi networks. A number of advancements in Wi-Fi radio technology have taken
place over the past few years based on the IEEE 802.11n standard and many of them have been
achieved by Aptilo partners.
The table below indicates performance levels for Wi-Fi, 3G, and LTE. While peak rates are well
defined, the user rates in the table are based on typical average conditions. The user rate for
carrier-class Wi-Fi assumes dual-band 2.4 GHz and 5 GHz operation.
The rates will vary according to distances from the AP, device capabilities, and deployment
schemes. Carrier-class Wi-Fi using 802.11n typically performs better than 3G / HSPA+ and will
in some cases be comparable in performance to LTE. O2 of the U.K. has openly announced that
their outdoor and street-level carrier-class Wi-Fi service provides “speeds up to ten times faster
than a normal mobile connection.”4
Comparing Wi-Fi and 3G/LTE performance:
Figure 3: Typical carrier-class Wi-Fi networks using 802.11n offer better performance than 3G/HSPA+.
In some cases 802.11n will perform at levels comparable to LTE depending on device capabilities and
Wi-Fi deployment schemes. The table above is indicative only as assumptions beyond the scope of this
paper have been applied in deriving the values. For more information on the assumptions contact Aptilo.
4
The 600 MHz of unlicensed Wi-Fi band is typically not used in a single block but should be viewed as a pool
of available frequencies from which Wi-Fi service providers select a number of sub-bands also known as Wi-Fi
channels. In the 2.4 GHz band carrier-class Wi-Fi deployments typically use 3-4 channels of 20 MHz bandwidth
each. In the 5 GHz band most service providers today will use up to a maximum 9 channels of 20 MHz. These
channels are then arranged into a frequency reuse pattern. By selecting from a large pool of available channels,
Wi-Fi service providers can keep interference low to achieve high service quality and throughput.
8
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
4
BUILD OPTIONS FOR REALIZING SEAMLESS WI-FI SERVICES
A number of build options exist for MNOs wanting to deploy seamless Wi-Fi services. In many
ways the inclusion of Wi-Fi into the mainstream of MNO technologies is a departure from the
tried-and-true site acquisition and deployment processes of MNOs that have been in existence
since the beginning of mobile.
Figure 4: Build options for monetizing
the MNO Wi-Fi offload opportunity.
Any or all of the above can be
pursued in parallel based on similar
technical approaches to EAP-SIM
authentication. All of the above
require flexible service management
to accommodate a variety of services
including ad-hoc users and MNO
subscribers.
MNOs are faced with a number of options: Building their own Wi-Fi networks to complement
3G / LTE networks, partnering with Wireless ISPs (or cable operators, hotel owners, etc.) or a
combination of the two. MNOs may also choose to partner with Wi-Fi hotspot aggregators such
as iPass or Boingo. Some MNOs own Wi-Fi hotspot networks that can be used to provide seamless
Wi-Fi offload and a number of MNOs are already doing this successfully.
A fourth option is for MNOs to acquire existing WISP businesses. Finally, MNOs can choose to
offer international SIM-enabled Wi-Fi roaming through partnerships with foreign WISPs. In all
cases EAP-SIM seamless Wi-Fi authentication will apply although the details of the Wi-Fi services,
Wi-Fi core network support, and mobile core interworking may differ widely.
9
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Any seamless Wi-Fi solution requires not only compliance with 3GPP standards but also flexibility
in service management including multiple means of authentication, policy control, and billing.
Wi-Fi networks are nearly always multi-purpose serving not only MNO subscribers but also adhoc users and roaming users through other service providers on the same or on parallel physical
Wi-Fi networks.
Figure 5: Serving SIM-enabled
subscribers seamlessly across
Wi-Fi and 3GPP-based networks and serving non-SIM
devices on a single combined
Wi-Fi network.
WHERE TO BUILD MNO CARRIER-CLASS WI-FI NETWORKS
Seamless Wi-Fi gives MNOs the opportunity to offload mobile traffic to their own Wi-Fi networks for
relief of traffic congestion and to offer high-quality Wi-Fi services to both SIM-enabled and non-SIM
subscribers. Wi-Fi offload also reduces the need for licensed spectrum. Many 3G / LTE radio equipment
vendors offer a Wi-Fi AP option for small cell base stations although Wi-Fi offload networks can be
built independently of 3G / LTE networks using standard indoor or outdoor Wi-Fi APs.
MNOs need to decide not only how but also where to deploy Wi-Fi. Some parts of the industry are
promoting seamless Wi-Fi as part of a hetnet solution for providing service to a few high-density
places of congregation, such as sports stadiums and transport hubs. Although such deployment
scenarios are attractive, Wi-Fi offload allows operators to benefit from Wi-Fi in a more general sense.
10
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Typical traffic distribution for mobile broadband
Figure 6: The typical distribution of traffic on a mobile broadband network. The few mobile sites carrying
a large proportion of the total traffic can be offloaded by up to 50% with seamless Wi-Fi offload.
The figure above shows the typical data traffic distribution experienced by many MNOs. The
distribution is highly uneven as most of the traffic comes from a few sites. The 80% / 20% rule
often applies and some distributions can be even more skewed. This applies not only to cities but
also to suburban and rural areas. Seamless Wi-Fi offload can be used effectively in any area where
mobile sites are heavily loaded.
CAPACITY GAINS AND SPECTRUM SAVINGS WITH WI-FI OFFLOAD
Carrier-class Wi-Fi has been designed to provide enormous amounts of capacity in small areas.
For indoor applications it is typical to deploy about 100 Wi-Fi APs for example in an airport
building of 100.000 m2. With 802.11n APs comfortably delivering 50 Mbps each the result
is 5 Gbps of capacity5. In the case of outdoor Wi-Fi the AP density is typically lower6 reaching
capacities of 1-2 Gbps per km2. Compare this to a single LTE macrosite capable of delivering
around 100-120 Mbps.
Seamless Wi-Fi solutions today typically offload 20-30% of mobile traffic to Wi-Fi with some
Aptilo c reporting up to 50% offload of individual sites. Because the relation between the licensed
spectrum need and the peak traffic load is linear, MNOs can today reduce their peak spectrum
needs by an equivalent 20-30% or more if mobile traffic can be offloaded during the busy hour
in the right high-traffic areas.
A practical restriction today is that networks and devices offer little intelligence in controlling
where and when mobile traffic is offloaded. The evolution of Wi-Fi offload includes the ANDSF
and Hotspot 2.0 functions and device intelligence features addressing this issue.
5
According to Ruckus Wireless, U.S.A.
6
See the Aptilo White Paper: ”Seamless Wi-Fi Offload for MNOs A real business opportunity today”
11
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
MNO CARRIER-CLASS WI-FI CHALLENGES
Carrier-class Wi-Fi is an opportunity but also a challenge. Some of the most important issues are:
• Lack of deployment opportunities
Many attractive indoor locations – malls, hotels, airports, retail outlets, sports arenas etc. – are
already being served by a number of WISPs and it may be difficult for MNOs to negotiate
access to such sites in order to install equipment. Access to outdoor installation sites on street
furniture such as lampposts and billboards is occasionally possible as local governments realize
the growing importance of Wi-Fi connectivity to everyone in the community. The mobile carrier
O2 of the U.K. (owned by Telefonica of Spain) in the summer of 2012 deployed a Wi-Fi network
on lamppost in the Central London area. O2 smartphone users are today using this Wi-Fi service.
• Backhaul of traffic from Wi-Fi APs
Traffic from indoor Wi-Fi APs can be backhauled through LAN cabling and local switches
inside the buildings but identifying suitable backhaul solutions for a grid of densely deployed
outdoor Wi-Fi APs is more challenging. Current options include the use of unlicensed 5 GHz
mesh Wi-Fi networks for transmission and new forms of non-line-of-sight, point-to-multipoint
microwave systems.
• Dealing with new venue types
MNOs with much experience in acquiring and operating base station sites may not fully realize
the organizational and sales skills needed to partner with Wi-Fi venue owners. The nature of
the Wi-Fi business is such that venue owners must have a vested interest in allowing MNOs to
access facilities. This is in sharp contrast to the case where MNOs have full authority over their
own base station sites. MNOs thus need to change mindsets from ownership to partnership.
• Managing multiple authentication types, service packages, and payments
If MNOs choose to build hotspots in traditional Wi-Fi venues – such as hotels, retail outlets,
transport hubs, etc. – venue owners will typically require that Wi-Fi networks also serve clients
that are not SIM-enabled or existing subscribers of the MNO. Multiple means of authentication
and payment are needed. This accentuates the need for a Wi-Fi core network capable not only of
seamless Wi-Fi authentication but a range of both standard and new service provisioning options.
Part of the solution to dealing with new venue types lies in using the right Wi-Fi service
management platforms with features specifically designed to meet a variety of consumer and
B2B needs. These include guest Internet services for the hospitality industry that integrate with
hotel billing systems, bring-your-own-device (BYOD) Wi-Fi access, customized portals, and
more. Aptilo has for years been serving the full range of venues from airports and hospitals
to retail chains and stadiums.
PARTNERING WITH WISPS OR CABLE OPERATORS
Partnering with WISPs or cable operators with Wi-Fi networks may be the best option for MNOs
with limited access to the right indoor locations. Using the flexibility of for example the Aptilo
Service Management Platform (SMP) a range of practical and field-proven solutions is available.
A partnering strategy allows MNOs to obtain large seamless Wi-Fi coverage footprints without
making their own Wi-Fi investments except for Wi-Fi core and management systems. MNOs also
avoid having to refocus their businesses on the unfamiliar processes of building and managing
Wi-Fi radio infrastructure and can concentrate efforts on operating mobile infrastructure.
12
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Not all WISP partners may fulfill the technical requirement for EAP-SIM authentication, as older
Wi-Fi access points may not be 802.1X-enabled. MNOs need to ensure that WISP partners comply
with such requirements or select partners that own and operate fully EAP-SIM-capable networks.
It is also important wherever possible for MNOs to select partners providing the right Wi-Fi service
quality using for example 802.11n-based systems as opposed to legacy APs.
Various WISP partners may request a multitude of service policies and roaming payment options
as individual WISP expectations and business models can vary widely. The MNO needs to have the
right business processes and service platforms in place to manage – in the worst case – dozens
of tariffs and policies across its partnering footprint. Aptilo has years of experience in configuring
Wi-Fi service platforms to manage such scenarios effectively.
INTERNATIONAL SEAMLESS WI-FI ROAMING
International seamless data roaming using EAP-SIM and Wi-Fi is perhaps one of the largest
untapped business opportunities in the mobile industry today. With mobile roaming tariffs at 1
EUR per megabyte (within the EU) only very few subscribers currently use mobile data roaming.
One reason for the high tariffs is that mobile roaming traffic is backhauled to the home network
of the MNO through costly international transmission links. Not only is Wi-Fi generally less CAPEX
-intensive, it also allows routing of traffic to the local Internet of the Wi-Fi roaming partner.
There are few technical and business differences between national seamless Wi-Fi offload and
international SIM-enabled Wi-Fi roaming although partnering with foreign WISPs requires careful
service management and policy coordination. Any Wi-Fi roaming business case also needs to
strike the right balance between sharing revenues with roaming partners and benefitting from
better customer retention.
AT&T of the USA began offering SIM-based international roaming for smartphone clients in
November 2012 as one of only a few active cases. In the AT&T case the smartphone needs a
third-party client in the form of an app. This is not technically necessary if the Wi-Fi network of
the roaming partner supports 802.1X.
13
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
5
MONETIZING NON-SIM WI-FI USERS
The greater installed base of Wi-Fi devices are not SIM-enabled and do not qualify for EAP-SIM
authentication. This segment includes large-screen devices such as laptops and tablets used by
both consumers and professionals. With a high-quality Wi-Fi network MNOs may benefit from
offering ad-hoc or subscription-based Wi-Fi through a service management platform handling
both SIM and non-SIM services. Various managed services, wholesale and direct-to-consumer
business models are possible:
• Managed carrier-class Wi-Fi services
Business and organizations need quality Wi-Fi connectivity. These may include hotels, retail
chains, and branch offices of small or medium-sized businesses without the budget or
organization to deploy or maintain their own Wi-Fi systems. The managed services business
model can be extended to include any kind of public venue – including hospitals and airports.
• Wholesale of excess Wi-Fi capacity
With carrier-class Wi-Fi delivering several Gbps per km2, MNOs with their own Wi-Fi
networks will have capacity to spare. Wholesale customers may include other MNOs, WISPS,
enterprises, communities or any other business or organization in need of high-quality Wi-Fi
services. Multiple virtual Wi-Fi networks (virtual SSIDs) can be configured on the same Wi-Fi
infrastructure.
• Ad-hoc Wi-Fi services direct to the consumer:
The market for ad-hoc Wi-Fi services can be a new source of revenue for MNOs. Multiple
authentication and payment schemes are possible including SIM-authentication, SMS loops,
credit card payment, prepaid vouchers, direct subscription services and more. Providing
carrier-class Wi-Fi services also to non-subscribers can be an effective new way for MNOs to
attract new mobile subscribers.
• One service for all devices
Many MNO subscribers own multiple Wi-Fi capable devices including a laptop and a tablet. A
combined EAP-SIM authenticated Wi-Fi and mobile broadband service bundle for all devices
– even for those without SIM cards – will boost subscriber loyalty as well as data service
revenues.
• New Wi-Fi business models
Wi-Fi services can be configured to support specific applications such as premium video
streaming or gaming based on subscriptions, prepaid vouchers, or ad-hoc. Free services can
be offered for example by asking the user to pick from a variety of commercial downloadable
apps or advertisements. Similar business models may be offered by for example retailshopping chains.
14
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
6
FLEXIBILITY: PROVISIONING A RANGE OF MOBILE / WI-FI
SERVICES
The worlds of Wi-Fi and mobile are merging but the evolution of seamless Wi-Fi will be gradual
and will require continued core network support on the Wi-Fi side. EAP-SIM is an indispensable
enabling technology for seamlessness but further to authentication, Wi-Fi services for MNO
subscribers also need to be authorized, accounted for, and service policies need to be enforced.
This is the combined role of the AAA and PCRF7 (PCEF8) functions in the Wi-Fi and 3G / LTE core
networks.
As seamless Wi-Fi services and policies vary according to carrier preferences the key feature of any
Wi-Fi core network and service management platform is adaptability of configuration and interfaces.
Examples of combined mobile and Wi-Fi data services may include the following use cases:
• Mobile data (limited or unlimited) & unlimited Wi-Fi data bundle
The Wi-Fi service management platform authenticates the user through the SIM Authentication
Server toward the mobile network HLR and interfaces with the billing and CRM system of the
mobile network. MNOs can choose to apply service policies if smartphone traffic for example
is routed to the mobile core.
• Combined capped 3G & Wi-Fi data bundles
In extension of the solution above the Wi-Fi service management platform interfaces with the
PCRF of the 3G mobile core to enforce the cap on the combined 3G and Wi-Fi data volume. If
data caps are exceeded the user is redirected to a portal to confirm and authorize additional
charging.
• Casual Wi-Fi with or without SIM
Subscribers with Wi-Fi capability but belonging to another MNO (or subscribers roaming
internationally) with or without SIM can be routed to a portal via the service management
platform for pay-as-you-go casual Wi-Fi services. This service can also be extended to include
EAP-SIM authentication toward the mobile HLR for casual SIM-enabled Wi-Fi.
• Wi-Fi for 3G subscribers without a 3G data plan
Smartphone users without a 3G data plan may be offered ad-hoc, SIM-authenticated Wi-Fi
services on a daily or hourly basis using multiple payment options. The user is directed to
a portal for payment via the Wi-Fi service management platform or the payment can be
detracted from the users prepaid account via the MNOs billing system. This type of service
may give MNOs an opportunity to reach a new segment of users looking for more affordable
data services for example in emerging markets.
7
Policy and Charging Rules Function
8
Policy and Charging Enforcement Function
15
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Figure 7: Multiple authentication methods allow SIM-based and non-SIM devices to access carrier-class Wi-Fi
networks through a flexible service management platform. The SMS & MAC method uses an SMS message from
the user’s phone to authenticate the service after which the MAC address of the device is used for future logins.
THE NEED FOR MULTIPLE AUTHENTICATION METHODS
Regardless of whether an MNO deploys their own carrier-class Wi-Fi network or elects to partner
with one or more WISPs, Wi-Fi services need to support a variety of user types, services, and
devices in order for the MNO to receive the full return on investments in Wi-Fi. MNOs also face a
variety of security concerns depending on the mix of authentication types.
The most secure (and 3GPP-approved) form of authentication is EAP-SIM and 802.1X while the
least secure employs usernames and passwords. A tradeoff exists between offering Wi-Fi services
to address the broadest user base and reaching the highest level of access security using 3GPPbased methods. Individual MNOs will need to decide what may be the acceptable level of security.
16
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
Figure 8: The full matrix of authentication schemes supported by the Aptilo Service Management Platform™. The
most secure authentication is EAP-SIM using 802.1X encryption while the least secure uses manual login with
a user ID and password. Any combination of the methods can be applied for any given Wi-Fi service provider.
There are many examples of the need for multiple methods and as MNOs develop new business
models for combined Wi-Fi and 3G / LTE services more will emerge. Here are a few examples
requiring the specialized support of the service management platform as well as mobile core and
billing systems:
• EAP-SIM authentication with bill-shock prevention:
When Wi-Fi services are capped (either in combination with 3G data quotas or independently)
users need to be advised of and acknowledge the additional charge once the cap has been
reached to prevent ‘bill shock.’ The user is directed to a captive portal to confirm or reject the
additional charge. Aptilo has already implemented such a scheme for a large MNO customer
in Latin America.
• SMS-based authentication for devices not supporting EAP-SIM
Users with devices not supporting EAP-SIM (such as legacy smartphones) can be authenticated
for Wi-Fi based on their mobile subscription by sending a one-time password to the device via
SMS. The identity of the user can be verified by lookup in the HLR or HSS of the MNO. It is
also possible to use a client on the device to automatically connect using the SMS-transmitted
password.
• WISPr 1.0-based authentication for non-SIM devices
Some hotspot aggregators – such as iPass and Boingo – use WISPr-compatible clients in the
devices to automatically authenticate the Wi-Fi user via home or visited AAA.
17
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
LOGIN THROUGH SOCIAL MEDIA
The popularity of social media – such as Facebook, Twitter, and LinkedIn – has created a new
opportunity to authenticate Wi-Fi users via their social media accounts. Although such schemes
are still in their infancy they hold the potential for future mass-market adoption because of their
convenience.
The Swedish start-up Instabridge is in the early phases of launching an app-based service that
allows users to log on to a Wi-Fi network with Facebook. A user can then share his Wi-Fi connection
by inviting Facebook friends to join. The user then also gets access to his or her friends’ Wi-Fi
networks and in this way the use of Facebook authentication may gradually spread to a large
subscriber base. The Instabridge app uses Facebook’s own Connect API for authentication and is
currently available for Android devices.
Although Facebook-based login today is intended to make access to private Wi-Fi networks easy
and convenient, such methods can be extended to work on carrier-class Wi-Fi networks using for
example the flexibility of the Aptilo Service Management PlatformTM.
18
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
7
PHASE 2: INTERWORKING WITH 3G / LTE CORE NETWORKS
Phase 2 in the evolution of seamless Wi-Fi offload is about giving MNOs more sophisticated
means of controlling the flow of Wi-Fi traffic and enforcing their own policies from inside the
mobile core. An important part of this is the routing of Wi-Fi traffic from smartphones to the
mobile core instead of only allowing local WLAN breakout of Wi-Fi traffic. A number of options
exist for realizing the features of Phase 2.
The figure below gives an overview of the many Wi-Fi / 3GPP integration options ranging from
simple EAP-SIM authentication and local WLAN breakout to full service integration and traffic
routing to the mobile core. Many alternatives are possible and Aptilo supports them all. Individual
MNOs will need to decide what approach or combination of methods serves their specific business
needs in the best manner.
Mobile Core
Existing OSS /BSS
Prepaid
Policy & Charging
Integration
Integration with
existing OSS/BSS
Billing
SWo
Policy
&
Charging
SWf
CDR
Gx
Database
lookups
Aptilo Wi-Fi
Offload
Solution
Service Management
PlatformTM
Carrier-Class Wi-Fi
Service Management
CRM
One-time-password
D’/Gr’
RADIUS / http
SIM Authentication Server
SMS-C
HLR
Wx /SWx
TM
HSS
Gx /Gy /Gz
EAP-SIM/AKA
Wi-Fi Core
Wm/SWm
EAP-SIM/AKA
SWa/
Wa
Access
TM
Controller
PCRF
XML / SOAP,
LDAP, RADIUS
TTG
ePDG
IPSec to Device
S6b
GTP /PMIP
Wm/STa /Gxa
WAG
TWAG
AP
Controller
GTP /PMIP /MIP
rd
or 3 party
access GW
Policy-based routing to DPI
Local break-out of Wi-Fi
(Mobile RAN + Core offload)
Internet
GGSN
P-GW
SGSN
S-GW
DPI
Backhauling
Wi-Fi to
Mobile Core
(RAN offload)
Wi-Fi Offload
Wi-Fi
RAN
Mobile
RAN
19
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
DIRECTING SMARTPHONE WI-FI TRAFFIC TO THE MOBILE CORE EDGE (DPI)
Instead of directing the traffic from EAP-SIM-enabled devices and other services indiscriminately
to the local Internet using local WLAN breakout the MNO can retain a first degree of control over
smartphone traffic inside the 3GPP core by routing traffic to the edge of the core, i.e. to a DPI
(Deep Packet Inspection) node.
This scheme allows for non-SIM traffic to travel the usual route via local WLAN breakout while the
DPI node takes care of policy enforcement for SIM-based traffic. As most MNOs use DPI nodes to
control traffic this option may be attractive to many. There are multiple MNO benefits of using
this approach in for example a second phase of seamless Wi-Fi integration:
• Non-SIM devices can be served for additional revenue but their traffic is routed outside
the mobile core for security and backhaul transmission efficiency. The access gateway or
Aptilo Access Controller™ directs non-SIM traffic to the local Internet based on policies
configured in the Wi-Fi service management platform.
• SIM-enabled smartphone traffic is routed back to an existing DPI platform at the mobile
core edge. The DPI node extracts policy information from the Wi-Fi service management
system’s PCRF-function and enforces service policies (acting as a 3GPP PCEF) on smartphone
Wi-Fi traffic before routing the traffic to the Internet.
• DPI nodes function independently of their associated network and can also be used as a
seamless Wi-Fi traffic policy control mechanism outside of the mobile network core. This
gives MNOs more options for optimizing traffic flows and minimizing transmission costs.
BEST OF BOTH WORLDS:
TRUSTED ACCESS USING YOUR WI-FI ACCESS GW AS A VIRTUAL SGSN / S-GW
Wi-Fi
AP
WAG
TWAG
Tunnel
GTP/MIP/PMIP
GGSN
P-GW
Internet
In 2G and 3G mobile broadband the radio access network connects to an SGSN network node
before entering the mobile core GGSN. A Wi-Fi network can emulate this architecture by making
Wi-Fi an integrated sub-network of the mobile core. As in the case above non-SIM Wi-Fi traffic
breaks out locally, while the EAP-SIM-authenticated Wi-Fi traffic is tunneled (with GTP or PMIP) to
the MNOs GGSN using a Wireless Access Gateway (WAG) emulating an SGSN.
MNOs may be attracted to this option because it uses 3GPP specifications for interworking with
Wi-Fi including – in the Aptilo case – a 3GPP-compliant AAA platform as a part of the service
management platform or as a stand-alone server. This method also uses policy control functions
(PCEF) already configured in the mobile core so that ideally less system integration is required.
This option also supports all well-known management functions for general Wi-Fi services
including open SSID for non-SIM-based Wi-Fi users for example with Web-based login. In many
ways this solution represents a ‘best of both worlds’ approach to combined Wi-Fi & 3G services.
20
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
In the case of Wi-Fi interworking with LTE core networks – i.e. toward the EPC or Enhanced Packet
Core – differences in 3GPP architecture call for a new approach. Building on the 3G architecture
above, SIM-authenticated Wi-Fi traffic is routed to the P-GW (Packet Data Network Gateway)
using one of GTPv2, PMIPv6, or MIPv4 tunneling with multiple tunneling protocol support also
available. As above non-SIM traffic is routed to the local Internet from the access gateway.
A combined Access Gateway and TWAG (Trusted Wireless Access Gateway) allows for local
WLAN breakout of non-SIM-authenticated traffic while the Wi-Fi service management platform
serves the important functions of AAA and policy enforcement. One of the key benefits of this
method is that the P-GW acts as an anchor for the mobility of the Wi-Fi subscriber.
‘UNTRUSTED 3GPP ACCESS’: THE ROLE OF 3GPP I-WLAN AND IPSEC
Wi-Fi
Tunnel
AP
IPSec
TTG
ePDG
Tunnel
GTP/PM IP
GGSN
P-GW
Internet
The 3GPP standardized the first non-3GPP interworking architecture in Release 6 called I-WLAN
(Interworking Wireless LAN). This early standard required the use of the IPSec protocol for socalled ‘untrusted’ access of non-3GPP traffic including that of Wi-Fi to the mobile core. The
I-WLAN option still exists today for 3G networks but requires a TTG (Tunnel Termination Gateway)
inside the core network for terminating the IPSec connection from the device.
The option of using IPSec as means of tunneling Wi-Fi data traffic into the core remains also for
LTE networks that use an ePDG network node as the termination point for IPSec. Today the better
part of the industry considers untrusted access less likely to be the solution preferred by MNOs.
This is because the IPSec requires a resource-demanding client in the device as well as at network
termination points. Aptilo’s seamless carrier Wi-Fi solutions support the untrusted architecture as
required in both 3G and LTE versions.
21
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
8
PHASE 3: INTELLIGENT NETWORK SELECTION & SERVICE
TRANSPARENCY
The target for the third phase of seamless Wi-Fi is full service continuity and device mobility across
Wi-Fi and 3G / LTE networks. This involves not only the mobile and Wi-Fi network cores but also
their interaction with the mobile device. As a result the 3GPP has defined a number of standards
that are expected to enable intelligent offloading through interaction between the network and
the device. Some of the functionalities below are expected to become commercially available
during 2013-2015, but it will take some time before they are widely deployed.
ANDSF: INTELLIGENT NETWORK SELECTION ACROSS 3GPP AND WI-FI
Today’s device operating systems (such as iOS and Android) automatically prefer Wi-Fi services to
mobile broadband for example via EAP-SIM authentication. Applications on mobile devices use
data buffering to preserve a form of mobility and are often robust in assigning new IP addresses
and continuing to run. In this way the experience of ‘seamlessness’ is to some degree preserved.
But application-based switching of this kind is not ideal for MNOs wanting to control traffic flows.
If MNOs are to benefit fully from Wi-Fi offload, network selection needs to be controlled
intelligently. ANDSF – ‘Access Network Discovery and Selection Function’ defined in 3GPP
Releases 8, 10 and 12 – allows devices to know when, where and how to select a suitable Wi-Fi
network connection.
In practice ANDSF relies on interaction between the PCRF (policy control) server in the 3G /
LTE core and an ANDSF client in the device. The further development of the ANDSF standard
will mean that policies can for example allow the device to select a specific Wi-Fi network for
preferred access based on time-of-day, location, subscriber type, application, and device type.
Network selection based on radio network quality and backhaul bandwidth availability is left up to
individual device vendors to implement, i.e. they are beyond the scope of the 3GPP specifications
today. But they are still very much needed. Some vendors report that they already offer such
solutions based on device measurements, although it remains to be seen if this will become part
of a future ANDSF framework.
3GPP INITIATIVES TOWARDS A TRUE HETEROGENOUS RADIO NETWORK
A number of other 3GPP-defined functions are expected to further enhance the seamless WiFi user experience as well as network efficiency: DSMIP (Dual Stack Mobile IP of 3GPP Release
8) preserves the IP address of the device when the network changes so that applications can
continue to run without executing their own switching routines, while IP Flow Mobility (3GPP
Release 10) allows IP traffic flows to split between Wi-Fi and 3GPP networks based on for example
application-specific criteria.
22
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
9
A BUSINESS-CRITICAL FUNCTION: SERVICE MANAGEMENT
PLATFORM FLEXIBILITY
Regardless of the chosen build strategy and combination of business models, MNOs offering
Wi-Fi services will be required to manage and operate a number of service types across multiple
core networks enforcing multiple policy controls while using multiple means of authentication.
At the same time flexible service management platforms need to interact with billing and other
support systems.
This complexity requires an approach that advances well beyond the methods and functionality
defined in the 3GPP standards for interworking. In addition to the 3GPP standards – which are
fully supported by Aptilo – MNOs with carrier-class Wi-Fi services will need service platforms that
support the multi-dimensional business models and service scenarios of this new reality.
Partner Network
Roaming
Home Wi-Fi
Policy
&
Charging
OSS / BSS
Integration
Wi-Fi User
Experience
Mobile Core
Integration
Wi-Fi Service
Control
Office Wi-Fi
Public Wi-Fi
Local
Break-out
Small Cell Wi-Fi
Backhaul to mobile core through tunnels
Wi-Fi
Gateway
3GPP Wi-Fi Access
Access
Point
EAP-SIM / AKA
non-SIM
23
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
THE APTILO SERVICEGLUETM CONCEPT
To meet any service logic requirement Aptilo has developed the Aptilo ServiceGlueTM functionality
as an integral part of the Aptilo Service Management Platform. This is a logical framework for
linking the Wi-Fi, 3G, and LTE access and gateway network on one side to any Mobile Core and
OSS / BSS functions and databases on the other side. The Aptilo ServiceGlue can be configured to
deliver the precise service logic required by individual MNOs or WISPS across multiple networks.
Aptilo ServiceGlue™
Lookups &
parameter
mapping
Configurable Functions
100
Request
IDI
101
OSS
OSS
102
Lo
ookkup
up
Action
103
Gateway
SOAP/XML
LDAP
RADIUS
Diameter
BSS
BS S
104
Action/Post
Request
Action
Action
Action
Diameter, RADIUS, BGP
105
kup
Loo
Lookup
HLR/HSS
kup
Loo
Lookup
R
Request
t
PCRF
Diameter, RADIUS
Aptilo ServiceGlue offers flexibility of service control beyond the capabilities of any ready-made
service management platforms and it is especially valuable in the case of Wi-Fi offload: MNOs can
look up policies from several mobile core sources and map these to corresponding functions in
the Wi-Fi core network including vendor specific attributes (VSA).
CLOUD-BASED EAP-SIM AUTHENTICATION AND SERVICE MANAGEMENT
Cloud-based or hosted service management solutions may be an attractive option for MNOs on
the fast track to Wi-Fi offload or for quick seamless Wi-Fi proof-of-concept testing. Some MNOs
may even prefer to outsource operations indefinitely to obtain a better operational efficiency.
The cloud-based alternative can be particularly attractive for MNOs that are not building their
own Wi-Fi footprint.
To this end Aptilo offers a fully managed cloud-based service, operating the Aptilo Service
Management Platform from one of Aptilo’s Network Operation Centers (NOC) or from the MNOs
NOC. The service ensures a very high availability and all the features and functionality of the
Service Management Platform including EAP-SIM seamless authentication. Many configuration
options are possible including remote or local access controllers for local WLAN breakout as well
as interfacing to third-party access gateways.
24
SEAMLESS WI-FI OFFLOAD: FROM VISION TO REALITY
10
THE APTILO WI-FI OFFLOAD VISION
Aptilo believes that Wi-Fi and mobile industries are on a path of convergence enabled by advances
in standards, technologies, and systems for seamless 3GPP / Wi-Fi interworking. Already today
MNOs and carrier-class Wi-Fi services providers alike can benefit economically from technologies
such as EAP-SIM authentication and Wi-Fi / 3GPP core integration.
Over the next few years a new paradigm of unified Wi-Fi and mobile will emerge enabling MNOs
to profit from combined Wi-Fi & mobile broadband services and new cross-industry partnerships.
Unified Wi-Fi and mobile networks will meet the demand for wireless data connectivity worldwide
well into the future.
Policy
&
Charging
90+ Wi-Fi
Service Provider
Deployments
ABOUT APTILO
Aptilo Networks has provided service management solutions to Wi-Fi 3G / LTE and WiMAX
service providers since 2001 serving more than 90 Wi-Fi service providers in 60 countries. Today,
Aptilo is a recognized industry leader in enabling the seamless service delivery across Wi-Fi and
3GPP-based network systems. Aptilo Networks routinely partners with leading carrier-class Wi-Fi
and 3GPP equipment vendors to deliver end-to-end carrier-class solutions to the global wireless
market. Aptilo Networks is headquartered in Stockholm, Sweden, with regional offices in Kuala
Lumpur, Plano, Texas and Toledo, Ohio. Aptilo Networks is privately held with Norvestor Equity
as the majority shareholder.
25