News - Business Broadband - WiFi - Liberty-i

News

How Will The PSTN And ISDN Switch Off Impact On Your Business?

17 Dec 2015

Earlier this year BT announced their intention to switch off the PSTN and ISDN networks by 2025. Customers will be migrated to a single IP core network that ultimately will replace all legacy networks and platforms.

PSTN and ISDN: What’s The Difference?

PSTN stands for Public Switched Telephone Network, also referred to as the Plain Old Telephone Service (POTS). Analogue voice data flows over circuit-switched phone lines (copper wires) owned and operated by your phone provider.

ISDN (Integrated Services Digital Network) allows both voice and data services over digital lines, for example video conferencing, data transfer and direct-dial in. ISDN digital services provide multiple channels per line, enabling simultaneous phone calls.

The Alternative – VoIP

Instead of using PSTN & ISDN lines (the expensive ‘line rental’ part of your telecom bill) ‘Voice over IP’ transmits voice traffic over your Internet connection. Already many businesses are using VoIP services [link to voice page on website], not least because it’s a cost effective way to manage telephony within an organisation: this has contributed to the steady decline in take up for PSTN / ISDN services.

For many BT business customers this move by the company will force them to explore new telephony systems, with the added benefit of a more cost effective solution.

So, if your business currently relies on one of the 3.2 million ISDN channels in the UK*, what do you need to know about the ‘big’ switch off?

[wolf_single_image image=”1315″ animation=”fadeInUp”]

What To Do Now

If your current traditional telephony contract is up for renewal in the next few years, now is the time to start exploring the benefits and opportunities of VoIP technology. These include:

Cost savings – no line rental, cheaper calls including International calls, and free calls between your organisation’s offices,

Mobility – remote workers can login to your VoIP from anywhere using an Internet connection, even on their mobiles,

Multi-functional – as well as voice calls, VoIP can also be used for video-conferencing using a VoIP phone,

Integration – because VoIP technology uses the Internet it is possible to integrate it with your other business systems, such as email clients or customer records,

Scalability – VoIP technology scales easily to your business. New phone lines can simply be added, reassigned or removed depending on your business’ needs.

You’ll also need to ensure that your office Internet can handle VoIP. You will need a baseline of 5Mbps down and 2Mbps up as the bare minimum for a small office of about 5-7 users on VoIP: feel free to contact the team at Liberty-i to find out what you will need for your specific organisation. [insert contact us link]

Phone systems and handsets also need to support VoIP, having identified a provider you will be able to find out if they are compatible or not. If not, you can either upgrade to an IP-enabled on-premise PBX or replace your phone system with a hosted telephony offering. [link to zone page of website]

When To Migrate?

We would advise businesses to start thinking about migrating sooner rather than later. Now that ISDN is essentially viewed as a legacy platform, investment in it is likely to fall. This could mean that the standard of the existing network, and support infrastructure, could begin to suffer the effects of being retired well before the 2025 switch off date.

Dates for your diary

2020: Five years before PSTN and ISDN lines will be switched off; businesses will no longer be able to buy any systems that utilise these networks. Although 2025 may seem a long way off, 2020 is only four years away so if you plan to refresh or upgrade telephony systems within your organisation in the next few years, you should be looking at a VoIP solution instead of upgrading your traditional PSTN or ISDN system.

2025: BT plan to have migrated all existing customers to their IP network. This presents an excellent opportunity for businesses to explore VoIP technology prior to the switch off and find a competitive provider.

If you have any questions about the switch off and how you can manage the impact on this on your organisation’s telephony systems, please contact the

Liberty-i team. You can leave a comment below, email sales@liberty-i.com or call +44(0)808 2819 500.

* BT own a significant proportion of UK ISDN channels.

Key Business Benefits of Deploying a Wireless Network

16 Dec 2015

When deploying a data and/or speech network in the enterprise there are various implementation-possibilities, more and more we see a growing interest and demand in the combined wired – and wireless solutions. Bare in mind that in most cases the role of a wireless LAN in the enterprise is not to completely replace the wired infrastructure, merely to extend the network coverage to allow for in-building and campus communication, creating a mobile networking environment. We can see a growing interest for wireless implementations in various vertical markets i.e. retail, manufacturing, health-care and education.

[wolf_single_image image=”1142″ animation=”fadeInUp”]

Some key benefits of deploying a wireless network are:

  • Mobility improves productivity and service: Wireless LAN systems can provide users with access to real-time information anywhere in the organisation.
  • Installation speed and simplicity: Installing a wireless network enables you to go where cables don’t let you, it eliminates the need to pull cables up to the desk.
  • Installation flexibility: due to the easy setup, wireless networks enable scalability and manageability.
  • Lower cost of ownership: although initial purchase prices can be higher than the wired equivalent, the in-time overall cost will be lower, specially in environments with many add, moves and changes.
  • Scalability : wireless networks can be deployed in various topologies and are easily changed.

We can see clearly that many vendors are jumping on the wireless boat, going to market with all kinds of wireless devices I.e. laptops, PDA’s (Personal Digital Assistant) , wireless phones…, each supporting a certain standard for wireless access , where Bluetooth, 802.11 b/a are the mayor supported standards in the wireless business- market.

Virtual Private Networks (VPN) – Technologies and Protocols

14 Dec 2015

What Is a Virtual Private Network? 

A virtual private network (VPN) allows the provisioning of private network services for an organisation or organizations over a public or shared infrastructure such as the Internet or service provider backbone network. The shared service provider backbone network is known as the VPN backbone and is used to transport traffic for multiple VPNs, as well as possibly non-VPN traffic.

VPNs provisioned using technologies such as Frame Relay and Asynchronous Transfer Mode (ATM) virtual circuits (VC) have been available for a long time, but over the past few years IP and IP/Multiprotocol Label Switching (MPLS)-based VPNs have become more and more popular.

This article focuses on describing the deployment of IP- and IP/MPLS-based VPNs. The large number of terms used to categorize and describe the functionality of VPNs has led to a great deal of confusion about what exactly VPNs are and what they can do. The sections that follow cover VPN devices, protocols, technologies, as well as VPN categories and models.

VPN Customer Devices

Devices in the customer network fall into one of two categories:

Customer (C) devices—C devices are simply devices such as routers and switches located within the customer network. These devices do not have direct connectivity to the service provider network. C devices are not aware of the VPN.

Customer Edge (CE) devices—CE devices, as the name suggests, are located at the edge of the customer network and connect to the provider network (via Provider Edge [PE] devices).In CE-based VPNs, CE devices are aware of the VPN. In PE-based VPNs, CE devices are unaware of the VPN.CE devices are either categorized as Customer Edge routers (CE-r), or Customer Edge switches (CE-s).

Site to Site Virtual Private Network? 

In a site-to-site VPN, devices in the service provider network also fall into one of two categories:

Service Provider (P) devices—P devices are devices such as routers and switches within the provider network that do not directly connect to customer networks. P devices are unaware of customer VPNs.

Service Provider Edge (PE) devices—PE devices connect directly to customer networks via CE devices. PE devices are aware of the VPN in PE-based VPNs, but are unaware of the VPN in CE-based VPNs. There are three types of PE device:

Provider Edge routers (PE-r)

Provider Edge switches (PE-s)

Provider Edge devices that are capable of routing and switching (PE-rs)

[wolf_single_image image=”161″ animation=”fadeInUp”]

VPN Technologies and Protocols 

A number of technologies and protocols are used to enable site-to-site and remote access VPNs. These protocols and technologies are described in the sections that follow. Technologies and Protocols Used to Enable Site-to-Site VPNs In site-to-site VPNs, customer user data traffic is either tunnelled between CE devices or between PE devices.

 VPN Site 1

 VPN Site 2

 VPM Site 3

 U-PE Device

 N-PE Device

 Provider Network

 (VPN Backbone)

 CE Device

Modelling and Characterizing VPNs 

A plethora of methods are used to model and characterize VPNs. The purpose of this section is to introduce and explain each of these models and characterizations. As you read this section, you may ask yourself how it is that we have ended up with so many terms to describe VPNs.

The answer is a desire to accurately describe the characteristics of a VPN protocol or technology but also a simple lack of coordination among protocol designers and engineers (this is getting much better), and on top of that a certain amount of “help” from our marketing colleagues (“How can I differentiate our products?”).

Service Provider and Customer Provisioned VPNs 

VPNs can be either one of the following:

Service provider provisioned—VPNs that are configured and managed by a service provider or providers

Customer provisioned—VPNs that are configured and managed by the (service provider) customer itself

Additionally, a VPN service might be offered over the backbone networks of multiple cooperating autonomous systems and/or service providers. In this case, the VPN service is known as inter-AS or inter-provider VPN service.

Strategies for Lawful Intercept

2 Dec 2015

Public access venues like guest networks, HotSpots and Digital Cites pose a unique security challenge to the industry. As the number of public access venues and the number of nomadic users continue to increase dramatically, the requirement for new security mechanisms and the ability to aid law enforcement officials in their duty to protect society has become a paramount concern.

Security for network operators and subscribers to those networks has always been a key part of Liberty-izone Ltd‟s technology. Our Wireless/Wired Intelligent Network Gateways (W.I.N.G.) supports both user and network security features to address a variety of issues being faced in such networks.

Our Gateways safeguard the user by employing features like Dynamic Address Translation™ (DAT) and intelligent NAT (iNAT). These features translate the users‟ IP addresses thereby making it impossible to attack their computers from the Internet. W.I.N.G also support SSL login pages and VPN technologies that allow users to encrypt traffic.

In order to secure the network itself, W.I.N.G provides secure management interfaces and IPSec tunnels. It also provides network self-preservation and virus mitigation by employing session rate limiting and automatic MAC address blocking. User access to the network is moderated by features like Home Page Redirection, support for RADIUS, Credit Card and Property Management Billing Systems that enable enforcement of a variety of authentication methods like UAM, Smart Clients and 802.1x

To address liability issues for Venue Owners and Public Access Service Operators (PASOs), Liberty-i W.I.N.G. units support Terms of Use/Agreement pages that can be displayed to the Users. This forces the user to acknowledge the code of conduct they are expected to follow while using the network.

Though all the features stated above adequately address the security requirements of the users and the networks, they fall short of the unique requirements for lawful intercept (LI). The remainder of this paper outlines our LI strategy.

Whatis.com defines Lawful Intercept as follows “Lawful interception (LI) is the legally sanctioned official access to private communications, such as telephone calls or e-mail messages. In general, LI is a security process in which a network operator or service provider gives law enforcement officials access to the communications of private individuals or organizations. Countries around the world are drafting and enacting laws to regulate lawful interception procedures; standardization groups are creating LI technology specifications.”

[wolf_single_image image=”1424″ animation=”fadeInUp”]

Definition Requirement of LI in Public Access Networks 

Most public access technologies rely on some kind of Network Address Translation (NAT) while providing access to visitors. This is done primarily to save public IP addresses, which tend to be expensive. NAT offers security to the end user by restricting access to the end user computer from the Internet and in the process offers anonymity to a public user. This anonymity presents challenges when Lawful Intercept is required.

There is a huge concern that public access networks will provide a safe-haven for users who want to carry out illegal activities on the Internet. These activities include illegally downloading copyrighted material from the Internet, sending threatening emails or engaging in illegal activities in chat rooms. Additionally, venue owners who offer public access networks and utilize them as a marketing vehicle do not want to have their brand associated with any negative activity on the Internet or be exposed to the potential liabilities associated with not taking the appropriate measures to safeguard such activities.

Liberty-i provides a range of public access Gateways that use the W.I.N.G. Service Engine Software to provide seamless access to public users. Our solutions enable any kind of user with varied client configurations to get onto the network without making any changes or adding client side software to their laptops or handheld devices. While our technologies simplify the process of getting access, we are acutely aware of the Lawful Intercept issues and requirements. Liberty-i has a detailed set of solutions and strategies that enable Public Access Service Operators and Venue Owners to comply with Lawful Intercept requirements.

LI using Public Address Assignment 

The NSE provides features that enable automatic provisioning and assignment of publicly routable IP addresses. With the IP-Upsell feature, all users accessing the public access network can be forced to have a public IP address. The traffic of such users does not undergo Network Address Translation and can be traced back to the original user. Additionally, the NSE can also be configured to turn its Dynamic Address Translation™ (DAT) feature OFF, allowing users with DHCP option enabled to access the network.

LI using Trace-Back Logs 

The tracking logs carry the following information. The NSE provides tracking logs, which can be enabled to monitor all the port assignments for the users accessing a public network. These tracking logs enable you to trace-back to a particular MAC address and Username based on port and IP information available to an external site that has been attacked, hacked or used in an illegal fashion.

1) Time Stamp

2) Source IP

3) Source Port

4) Destination IP

5) Destination Port

6) Translated IP

7) Translated Port

8) Translated Destination IP

9) Translated Destination Port

10) User Details

a. MAC Address

b. Local IP assigned

c. Subnet

d. Type of user (RADIUS, PMS, Credit Card, XML, Admin Added…)

e. Username (if available)

LI using Tunneling 

The L2TP Tunneling feature enables the W.I.N.G device to act as an L2TP Access Concentrator (LAC) and initiate single or multiple L2TP tunnels to different L2TP Network Servers (LNS). This capability can be used very effectively with the RADIUS Realm Routing feature to initiate tunnels based on the user Realm or Network Access Information (NAI). Realm specific traffic can be routed to a private network specific to that realm through these tunnels.

L2TP tunneling requires authentication with the „home‟ RADIUS server and since all the subscriber traffic is tunneled to the ISPs „home network‟, all the traffic can be monitored for Lawful Intercept purposes.

LI using Standard Protocol 

There are numerous Lawful Intercept standards and numerous Lawful Intercept Forums. A short list of these can be accessed on the Global LI Industry Forum.

LI is a sensitive issue since it involves issues pertaining to privacy rights. There is a debate on whether LI strategies help protect privacy rights by enabling methods to isolate and precisely target specific users or whether these strategies provide a tool to invade on privacy rights. As this debate continues, PASOs and Venue Owners are faced with providing solutions dictated by current, local legislation.

There are quite a few “standards” in place today and Liberty-i feels that there isn‟t a commonly accepted or widely used standard. Liberty-i continues to track these standards bodies and will work with the industry to incorporate widely accepted standards and practices applicable to a public access Gateway.

Conclusion 

As Internet usage and the introduction of new applications like VoIP in a public access environment continues to increase, Service Providers will be required to provide more tools to aid law enforcement officials in tracking criminal activity over the Internet. Public access Gateways play a critical role on connecting nomadic users to public access networks, and are the ideal place to start the process of tracking illegal activity.

Lawful Intercept is important and Liberty-i W.I.N.G already has several features in place to aid PASOs and Venue Owners in supporting LI requirements. Liberty-i is committed to tracking this part of the industry and providing new LI features as standards solidify and market requirements dictate additional techniques approaches.

Peering into the Alphabet Soup: Relative Advantages of IEEE802.11a, b & g

28 Nov 2015

Abstract

IEEE 802.11 Wireless LAN technology has been a runaway success. However, the continuing evolution of this communications standard has resulted in a great deal of confusion among end customers and even industry insiders. Some advances in the standard, such as 802.11a, 802.11b and 802.11g have opened up new spectrum or resulted in dramatic increases in data rates. This paper briefly describes how the IEEE 802.11 standard has evolved and takes a more detailed look at the relative merits of 802.11b, 802.11a and 802.11g.

Why the Confusion?

The IEEE and equipment manufacturers often get a lot of criticism due to the confusion that inevitably surrounds the development of new networking technologies. At least in the case of the IEEE, this criticism may be a bit misdirected. The IEEE acts a technical standards development body. It makes no pretense at being a marketing organization, nor does it make any attempt to craft consumer friendly messaging. Instead, the IEEE focuses exclusively on the essential (but often arcane) work of developing standards.

IEEE 802.11 actually has a rather long heritage. The first meeting of the IEEE 802.11 Working Group was held in 1990. The standard itself specifies a radio frequency signaling method and a set of related parameters, collectively referred to as the Physical Layer (PHY). It also describes the behavior of the Medium Access Controller (MAC), which determines when each radio in a given network can transmit without interfering with other users. Completing the original IEEE 802.11 Standard took seven years (NOTE: Blinking or rubbing your eyes won’t help…this is not a misprint). When it was finalized in 1997, it described the MAC much as it exists today. The original PHY, however, only supported data rates up to 2 Mbps in the 2.4 GHz band. While this was perfectly adequate for some applications, it immediately became clear that higher data rates were absolutely essential before 802.11 could enjoy wide market adoption. Two new Task Groups were formed to develop extensions to the 802.11 Standard. Task Groups are simply designated with letters of the alphabet (TGa, TGb, etc.) in the order in which they are formed. Thus began the “alphabet soup” syndrome that characterizes WLAN technology to this day. The first Task Group formed was Task Group A, which was chartered with establishing a standard to support higher data rates in the then newly opened 5 GHz band. The work of this Task Group eventually resulted in the 802.11a extension to the original standard. As you may have guessed by now, the next group formed was Task Group B, whose efforts eventually resulted in IEEE 802.11b. This group was chartered with developing higher data rates in the 2.4 GHz band while supporting backward compatibility with equipment conforming to the original 802.11 Standard. The result was wildly successful. IEEE 802.11b has been widely adopted and lead to the establishment of the Wi-Fi Alliance which tests equipment from literally hundreds of vendors to ensure interoperability.

[wolf_single_image image=”157″ animation=”fadeInUp”]

To date, no less than eleven Task Groups have been formed to provide a variety of enhancements to the original IEEE 802.11 Standard. Task Groups will continue to be formed whenever essential enhancements to the Standard are identified. The work of these groups is vital to the continuous development and improvement of WLAN technology. That said, so much activity has also caused a lot of confusion and earned the dubious title of “alphabet soup”. Table 1 summarizes the activity of all past and present IEEE 802.11 Task Groups.

The evolution of WLAN technology is an on-going process. IEEE 802.11g represents the current state-of-the-art, but it is by no means the end of the line. In the home environment, is essential that a single AP provide coverage of the entire home. The range advantage should make 802.11g the dominant platform in the retail space. In the enterprise, the picture is not quite as clear. In enterprise settings, the range issue associated with 5 GHz can be overcome by means of installing more Access Points. In this space, the higher number of channels available in the 5 GHz band makes 802.11a more attractive because a higher user density can be supported. But remember, 802.11g was designed specifically to facilitate design of cost effective dual band radios. The next major step in WLAN evolution is therefore expected to be the emergence of dual band radios. Table 2 clearly shows that dual band radios will offer an extremely attractive combination of product attributes. We should start seeing dual band devices capable of operating in both the 2.4 and 5 GHz bands on a worldwide basis in the next 12 months.