Wednesday, July 18, 2012

AT&T Announces Shared Wireless Data Plans

Next month, AT&T will begin offering shared wireless data plans that let customers share a single bucket of data across smartphones, tablets, and other compatible devices, plus get unlimited talk and text. 


Customers will be able to choose one of the new shared data plans or choose one of AT&T's existing individual or family plans, without a contract extension. There are no changes to AT&T's device upgrade policy, which means customers eligible to upgrade to AT&T's best device price are not required to switch plans. The new plans will also be available for business customers. http://www.att.com 




The Grum Botnet Meets its Demise

Grum, described as the world's third botnet, has been largely taken offline, following the seizure of command-and-control servers in the Netherlands, Russia and Panama, according to FireEye, which has been tracking the issue. Grum is blamed for generating billions of spam messages daily from at least 120,000 zombie IP addresses around the world. According to the FireEye's blog, Grum's takedown resulted from the efforts of many individuals. Check out the blog for a behind-the-scenes look at how this was done. http://blog.fireeye.com/research/2012/07/grum-botnet-no-longer-safe-havens.html 



Verizon Wireless Adds 33 More LTE Markets

Verizon Wireless is activating its 4G LTE network in 33 new markets and expanding in 32 other markets. The company confirmed that it is on track to meet its goal of covering more than 400 U.S. markets by the end of 2012.

“Our rollout of Verizon Wireless 4G LTE in the United States is on track and we are confident we will meet our target of providing 4G LTE to our customers in more than 400 markets by the end of the year,” said Nicola Palmer, chief technical officer of Verizon Wireless. “With more markets than all other U.S. wireless providers combined, our customers are the first to learn of the great advantages of the Verizon Wireless 4G LTE network for streaming video, downloading files, uploading pictures and so much more, at consistently reliable fast data speeds.” 
http://www.verizonwireless.com 



Qualcomm Revenues Hit $4.63 Billion on 3G/4G Expansion


Qualcomm reported quarterly revenues of $4.63 billion, up 28 percent year-over-year (y-o-y) and down 6 percent sequentially. Operating income hit $1.38 billion, up 24 percent y-o-y and down 9 percent sequentially, while net income was $1.21 billion, up 17 percent y-o-y and down 46 percent sequentially.

"Adoption of 3G and 3G/4G technologies continues around the world, driving strong year-over-year growth in our chipset and licensing businesses this quarter," said Dr. Paul E. Jacobs, chairman and CEO of Qualcomm. "Looking forward, our growth estimates for 3G/4G device shipments in calendar 2012 have moderated slightly, and we now expect the demand profile of the calendar year to be more back-end loaded as new devices are launched for the holiday season. Although our outlook for semiconductor volumes in the fiscal fourth quarter has been reduced from our prior expectations, we are ramping supply of our 28 nanometer chipsets to help enable what we expect to be a strong December quarter for our semiconductor business."

Some highlights:
  • MSM chip shipments: 141 million units, up 18 percent y-o-y and down 7 percent sequentially.
  • March quarter total reported device sales: approximately $47.8 billion, up 31 percent y-o-y and down 8 percent sequentially.
  • March quarter estimated 3G/4G device shipments: approximately 206 to 211 million units, at an estimated average selling price of approximately $226 to $232 per unit.
  • $26.5 billion held in cash and cash equivalents.
http://www.qualcomm.com


New OIF Projects Address 100G, 400G and Emerging Control Plane Applications

The OIF has taken on three new projects focusing on 100G and 400G needs for optical and electrical technologies.

1. Members of the PLL Working Group are actively assessing the need to synchronize data rates of 4x10G lanes with 4x25G lanes. By mapping an interface IC with fiber optic modules, the Multi-Link Gearbox 2.0 project looks at how to process the link technology with optical interfaces as bandwidth grows to 400G data rates.

2. A new project proposes an electro-mechanical footprint for Optical Engine (OE) modules. Driving optical conversion off the front panel, deeper inside equipment, OEMs are looking to achieve connectivity with future optically enabled multi-chip modules (MCM) packages and prepare for 3D stacking technology and 50 Gbps connected devices. This project will address the power, footprint and high-density connectivity needs for those applications.

3. The OIF has begun reviewing the extremely well received and forward looking 100G DWDM Framework Document that was published in 2009 to update and target needs of the 100G Intermediate Reach market. This project will look at the requirements and application scenarios related to low cost, power efficiency and high-density approaches for next generation 100G transmission as it relates to the Metro space.

At its quarterly meeting last week, the OIF also held a workshop reviewing emerging control plane technologies for cloud computing and Software Driven Networks (SDN). Topics of discussion included Cross Stratum Optimization (CSO), Open Flow, Application-Layer Traffic Optimization (ALTO) and GMPLS/PCE. 
http://www.oiforum.com

 

Huawei Announces 2 Tbps Wavelengths Based on DSPs + FEC

Huawei announced a prototype WDM platform capable of delivering 2 Tbps per-channel -- a 20–fold increase over the 100G channels available today. Huawei has previously demonstrated 400 Gbps technology at trade shows earlier this year. 

The 2 Tbps channel rate is achieved by using intelligent digital signal processing and high performance adaptive-SD FEC technologies. Huawei claims that the 2T signals with 300GHz spectral width can transmit over a distance of 1,000 km without electrical regeneration when using G.652 fiber and common EDFAs.

The use of 2 Tbps channels expands the prototype WDM system capacity to 56 Tbps when utilizing wavelengths in both the C and L bands.

Huawei is also planning to use flex transceiver technology on this prototype WDM platform. This will enable software-defined OTN, allowing a programmable network controller to configure parameters such as the number of subcarriers, subcarrier spacing, modulation codes and FEC modes, thereby achieving flexible adjustments in areas including line rates, transmission distances and transmission capacity. Huawei describes this as programmable "resilient tunnels". 
http:// 
 

UNH-IOL and TraceSpan to Provide GPON ONU Conformance Testing

The UNH-IOL will use TraceSpan's GPON Xpert OLT emulator to perform GPON ONU testing in accordance with the Broadband Forum's OD-247 GPON ONU Conformance Test Plan.

GPON Xpert combines OLT emulation with passive and objective analysis, and can perform these two functions simultaneously, thus serving as a complete integrated test tool for ONU conformance. The GPON Xpert OLT emulator comes with pre-defined tests for the various OD-247 test cases. Its embedded multi-layer analysis capability automatically compares the ONU's behavior and OD-247 criteria using the Validation Test mechanism.

TraceSpan noted that its GPON Xpert has been used extensively by UNH-IOL and its customers in the lab and during plugfest events, greatly aiding in the debugging of testing. Testing in the lab included a variety of test cases from the draft BBF WT-255 GPON Interoperability Test Plan. 
http://www.tracespan.com http://www.iol.unh.edu 

China Mobile and Clearwire Advance Plans for Global Roaming on TD-LTE

China Mobile and Clearwire signed a a non-binding memorandum of understanding (MOU) for international roaming between China and the United States using TD-LTE.

The carriers are working on the technical means to support international roaming. The companies also expect this agreement to serve as a blueprint for future roaming agreements with other members of the Global TD-LTE Initiative (GTI) of which China Mobile and Clearwire are founding members.

"We recently demonstrated the roaming capability between Hong Kong FDD LTE and Hang Zhou TD-LTE. With the commercial launches of TD-LTE networks in major markets, these networks shall enable international roaming to create a ubiquitous user experience and a unified market," said Dr. Tiger Lin, Chairman of China Mobile International. "Our goal is to make a converged LTE TDD/FDD market in which our subscribers roam between a TD-LTE network and a LTE FDD network at affordable cost and enjoy the benefit of LTE service globally." 
http://www.clearwire.com 



Monday, July 16, 2012

Microsoft Designs New Office for the Cloud

Microsoft CEO Steve Ballmer introduced the next version of Office saying that the suite has been completely-re-designed for the cloud and social interaction.

Specifically, the new Office is available as a cloud-based subscription service. Office saves documents to SkyDrive by default, so content is always available across the user's tablet, PC and phone. As subscribers, consumers automatically get future upgrades in addition to cloud services including Skype world minutes and extra SkyDrive storage. Subscribers receive multiple installs for everyone in the family and across their devices.

Microsoft has also incorporated Yammer, which delivers a secure, private social network for businesses. Yammer offers integration with SharePoint and Microsoft Dynamics.

In addition, Office is adding a People Card, which provides an integrated view of contacts in each application. The People Card includes presence information complete with pictures, status updates, contact information and activity feeds from Facebook and LinkedIn accounts.

"We are taking bold steps at Microsoft,” Ballmer said at the press conference in San Francisco. “The new, modern Office will deliver unparalleled productivity and flexibility for both consumers and business customers. It is a cloud service and will fully light-up when paired with Windows 8." 
http://www.microsoft.com 

NTT DOCOMO Collaborates with China’s Baidu

NTT DOCOMO has invested US$22.5 million -- equivalent to 20 percent ownership -- in Baidu Yi Xin Network Technology, its joint venture with the Chinese language Internet search provider.

The companies will jointly provide value-added services and digital content for mobile phones in mainland China. Baidu Yi Xin is the content platform provider for mobile phones.

Starting in August, Baidu Yi Xin plans to provide content from Japan on its platform. This will include social games, e-commerce and other Web services, as well as Japan-made content localized for the Chinese market. 
http://www.nttdocomo.com 

euNetworks Activates London-Dublin Capacity with Sea Fibre Networks

euNetworks has activated an 8.8 Tbps capable fibre based network from London to Dublin, completing the meshing of the carrier's 13 operational fibre based city networks into a single optical domain.

euNetworks has developed an end-to-end fully redundant and owned network. Connecting Dublin into a national network across the United Kingdom including Manchester, Birmingham and Bristol and onwards to London, this network has been designed with the ability to provide optimal paths and diverse routing. euNetworks can deliver 10G, 40G and 100G over its DWDM platform.

The new capacity is delivered over Sea Fibre Networks' CeltixConnect cable, which at 136 kilometres is the shortest sub-sea network linking Ireland and the United Kingdom. 
http://www.seafibrenetworks.com 

Australia's NBN Sets FTTH Target for Towns with 1,000 Premises or More

NBN Co, which is building Australia’s national broadband network, lowered its target for areas that will receive FTTH rather than high-speed fixed wireless broadband.

NBN Co said it plans to install fibre in towns of 1,000 premises or more, or to some towns with as few as 500 premises where the town is located on an NBN fibre transit link. Previously, it was expected that fibre would be deployed in towns with a population of 1,000 or more (not premises).

The change is expected to lower the overall costs of the project as many smaller towns across the country will not receive fibre.

The National Broadband Network aims to reach 93% of premises by fibre, and the remaining seven percent via fixed wireless or satellite. 
http://www.nbnco.com.au 

Infonetics: Mobile Services to Hit $976 Billion by 2016

Infonetics Research is predicting that the mobile services market worldwide will grow to $976 billion by 2016, with the bulk of the growth coming from mobile broadband services.

The firm's latest 2G, 3G, 4G (LTE) Services and Subscribers: Voice, SMS/MMS, and Broadband report, which tracks operator subscribers and revenue derived from pre-paid and post-paid mobile broadband data, voice, and messaging services, finds that mobile broadband subscribers will grow from 15% to nearly 40% of all mobile subscribers between 2011 and 2016.

“The mobile world is undeniably shifting from voice to data, as mobile operators migrate as many subscribers as they can to data service plans and smartphones. Already in North America and Asia Pacific, mobile operators derive over 40% of their mobile revenue from mobile broadband and messaging. But, while mobile broadband is no doubt the fastest growing revenue stream for operators, mobile messaging and voice aren’t dead just yet, not by a long shot,” notes Stéphane Téral, Infonetics Research’s principal analyst for mobile infrastructure and carrier economics.

Téral adds: “The prophecies of doom for mobile operators’ SMS/MMS cash cow are being overplayed. Despite the popularity of over-the-top messaging applications like Apple’s iMessage and WhatsApp, our data shows SMS growing every year from 2012 to 2016, delivering a cumulative $1 trillion in operator revenue during those 5 years. And over that same period, voice revenue will decline only slightly, still making up a sizable chunk of operator revenues.”

Some other highlights:

  • On a global basis, Infonetics expects operators to see a 6% increase overall in revenue from mobile voice, mobile broadband, and mobile messaging services in 2012
  • The highest growth in 2012 will come from Asia Pacific and Latin America, while the EMEA region is expected to see a slight decline due to cutthroat competition and economic turmoil
  • Mobile data (text messaging, multimedia messaging, and mobile broadband) service revenue rose in every region in 2011, driven by an increase in smartphone usage At more than a quarter trillion dollars in 2011, Asia Pacific generates the largest portion of mobile service revenue
  • Voice revenue dipped 0.8% worldwide in 2011, despite the growing use of voice services in China.

Raytheon Develops MORPHINATOR Network Technology


The U.S. Army's Communications, Electronics, Research, Development and Engineering Center (CERDEC) has awarded a $3.1 million contract to Raytheon to develop technology for Morphing Network Assets to Restrict Adversarial Reconnaissance (MORPHINATOR). The aim is to dynamically modifying aspects and configurations of networks, hosts and applications in a manner that is undetectable and unpredictable by an adversary but still manageable for network administrators. MORPHINATOR is designed to be used in conjunction with other existing security devices to provide an active defense approach to information assurance.


Raytheon said the use cyber maneuvering techniques could thwart potential attackers in high-threat environments.


"The intent of cyber maneuver is to place computer network defense technology into a proactive state, thereby shifting the advantage away from the attacker," said Jack Donnelly, director of Trusted Network Systems for Raytheon's Network Centric Systems business. "By constantly changing the characteristics of the networks it resides on, MOPRHINATOR provides a more robust and trusted networking solution."

http://www.raytheon.com

Malaysian Operators Agree to LTE Infrastructure Sharing


Maxis , Malaysia's leading integrated communications service provider, and REDtone, a broadband service provider, signed an infrastructure and spectrum sharing agreement.


The deal paves the way to faster LTE roll out across Malaysia. Both Maxis and REDtone are looking to launch their 4G LTE services early next year in selected areas of the Klang Valley, with other regions to follow closely thereafter.


Maxis Chief Executive Officer, Sandip Das said, “We have been at the forefront of promoting networks to be shared as we have recently commissioned active network sharing on 3G with U Mobile. Data networks are onerous and have to be built carefully. The demand for data is not disputed, but the inflection point is some time away. Sharing will get REDtone up and running quickly and also fetch adequate returns on our investments, besides conserving spends at a national industry level. We are looking to set a new benchmark in data service quality as this will help us design a more effective infrastructure."


"The network sharing and alliance agreement with Maxis is a significant development for REDtone as we build on our broadband business. It will help to address REDtone’s rollout obligation to cover 50% of the country’s population," said REDtone Managing Director Dato’ Wei Chuan Beng. “For REDtone to comply with the 50% rollout requirement, our capex would have been RM390 million as is stated in our detailed business plan (DBP). However, this has been mostly replaced by riding on Maxis’ existing infrastructure and leasing the necessary capacity from Maxis,” added Dato’ Wei.


Maxis noted that it has invested RM3.7 billion in capex in the past three years resulting in 95% 2G and 81% high speed 3G coverage of the population. Maxis now has 3,400 of its 5,200 3G sites enabled with 42Mbps capability, and has also built the capability for efficient LTE rollout.


Sunday, July 15, 2012

Network Security in the Mobile Core: Port Scans to Mobile Devices

It’s no secret that the core of modern mobile switching networks is based on the Internet Protocol.  What’s interesting is that simple network attacks that have been largely mitigated at the data center are finding their way into the mobile core networks.  Two examples of this are port scans and TCP SYN floods from the Internet all the way through the mobile core and to the mobile devices themselves.  The scans have the side-effect of waking up thousands of smart phones at once, causing high CPU on the Radio Network Controllers (RNC) and Serving GPRS Support Nodes (SGSN). This in turn may lead to network congestion and even network outages. This article looks at how the mobile core architecture is susceptible to these attacks and suggests strategies for mitigation.

Running without Firewalls

Mobile switching networks are similar to a typical Internet data center with some interesting exceptions.  First, instead of servers at the back end, they have mobile clients (handsets).  While network traffic is typically initiated from those handsets toward the Internet, nearly all operators allow connections initiated from outside the mobile network to come in, for various reasons.  In one example, an enterprising downstream customer had turned a series of smartphone handsets into security cameras which he would rent out to his customers who then viewed them by initiating web connections from outside the network to the handsets themselves.  In that example, the handsets really are operating as little servers.
However, one very significant difference between a typical data center and a mobile network is that instead of there being thousands of servers, the mobile network has millions of handsets.  With 32% of these handsets being smartphones# capable of running multiple applications simultaneously, the number of concurrent connections that the network must support quickly climbs into the tens of millions.  Conventional network firewall technology does not readily scale at this level so many mobile switching networks have been running without them, developing new architectures along the way.

Flow of Network Attacks

A second significant difference is a much larger control plane in a mobile network versus a typical data center.  Control plane signaling is made up of policy control, the auditing of subscriber data and the mobility management of subscribers as they move from one location to another within their home network or roaming to another roaming partner’s network.  While the operator’s policy control and auditing architecture may be fairly modern, the mobility management infrastructure is often a rework of legacy equipment which frequently has scalability issues in today’s usage environment.
Consider the example of a subscriber’s handset in idle mode (PMM-Idle). When a connection initiated from the Internet enters the network addressed to the IP address of the handset, the SGSN will page for address in the last known routing area.  The RNCs servicing the routing area will also page for the handset and the size of the routing area can be as big as a very large city. When the handset is finally located, a signaling connection will be established between the handset and the SGSN. After this signaling procedure, the handset will be in connected mode (PMM-Connected) and at this time data can flow between the handset and the Internet. The overhead of this signaling procedure is what causes congestion in an operator’s network during an attack.
Table 1 - Control Plane response to single port scan packet in the dataplane
RNC Signaling Messages to locate an idle handset Signals Total
Paging messages 2 2
RRC Connection Setup 2 4
Security Function Setup 4 8
RAB assignment 4 12

Table 1 shows that to deliver packet data to an idle mode handset will require approximately 12 signaling messages in the RNC.

Effect of Network Attacks

A multiplier of 12 signaling messages per data connection doesn’t seem like so much overhead, especially when the connection may be long lived and have hundreds or thousands of packets within it.  The above example appeared to be slightly atypical in the sense that:
 

  • The handset was idle
  • A connection was coming to it from the Internet
As long as this case stays atypical, the signaling event overhead remains inconsequential.  But this is where the network attacks start to cause trouble.  Two common network attacks, port scans and SYN floods, both mimic incoming connections.  Port scans in particular use a range of destination IP addresses as they search for hosts, meaning that they will affect a different handset with each packet.
If a moderately sized port scan of 1,000 packets-per-second gets into the mobile network during busy hour from the Internet, it will trigger a cascade of additional 12,000 signaling messages per second to the RNCs as the network attempts to locate and connect handsets across the network.  SYN floods can have the same effect, but they are typically sent at much higher rates, though with fewer destination addresses.  Both attacks are extremely common and they move the example from the atypical to the pathological. If operators RNCs or SGSNs cannot scale to handle this type of attacks, it may lead to network congestion or outages. And even if these nodes are scalable, it would be unwise to waste precious and expensive radio resources to such attacks.

Solutions

In IPv4 networks, one method to solve these problems is use network-address-translation (NAT) technology to protect the traffic.  However NAT has its own set of disadvantages.  It is difficult to NAT tens of millions of connections, especially when operators are required to audit address changes.  Also, as networks move to IPv6, NAT is not an option and the handsets again become exposed to the Internet.
The scalability limitations of conventional firewall technology are forcing mobile operators to consider alternate mitigation methods of these attacks.  Some operators have talked about preventing connections coming into the mobile network from the outside, but they are finding that this stance is not acceptable to their subscribers or their internal managed services departments that are relying on incoming traffic to sell services downstream. As operators migrate to a new architecture where voice is data, connections initiated from outside the mobile network may be inevitable.
Other operators are finding new ways to configure a device already in their network to perform firewall services.  High-capacity application delivery controller (ADC) devices, for example, can use the tried and true technique of SYN cookies to defend against SYN flood attacks.  For port scans, the mobile network operators are using dynamic, programmable scripts on the ADC as whitelists against which to compare the incoming connections.

Conclusion

All mobile operators are moving to the new world of LTE, where everything, including voice, is network traffic.   This vision will still rely on radio networks and IP-based control planes that will still be vulnerable to network attacks.  More smartphones will translate to more concurrent connections, keeping conventional firewall technology out of the mobile network.  And, as the networks move towards an all-IPv6 model, network security will become an even greater challenge since 100% of all handset will be visible to the Internet and will be potential attack targets. Expect the current threat situation to project into the LTE environment and for network operators to continue to find more ways to squeeze better network security out of the high-capacity networking devices they already have. 

About the Autho
David Holmes, Technical Marketing Manager, F5 Networks
About the Company
F5 Networks, Inc., the global leader in Application Delivery Networking (ADN), helps the world’s largest enterprises and service providers realize the full value of virtualization, cloud computing, and on-demand IT. F5® solutions help integrate disparate technologies to provide greater control of the infrastructure, improve application delivery and data management, and give users seamless, secure, and accelerated access to applications from their corporate desktops and smart devices. An open architectural framework enables F5 customers to apply business policies at “strategic points of control” across the IT infrastructure and into the public cloud. F5 products give customers the agility they need to align IT with changing business conditions, deploy scalable solutions on demand, and manage mobile access to data and services. Enterprises, service and cloud providers, and leading online companies worldwide rely on F5 to optimize their IT investments and drive business forward. For more information, go to www.f5.com.
See our Converge! One Minute Videos


 

Sprint Launches LTE in Five Cities

Sprint launched its first commercial LTE network services in Atlanta, Dallas, Houston, Kansas City, and San Antonio. More market launches are planned for later this year. By the end of 2013, Sprint expects to have largely completed the build out of its all-new 4G LTE nationwide network – with an enhanced 3G network – covering 250 million people across the United States.

Sprint said it will continue to offer an unlimited 4G data plan, setting itself apart from the other major competitors. Sprint’s Everything Data plan with Any Mobile, Anytime includes unlimited data, texting and calling to and from any mobile phone in America while on the Sprint network, is priced at $79.99 per month for smartphones.

According to a YouTube posted by the company, Sprint 4G LTE download speeds are expected to be in the 6-8 Mbps range with peaks of 25 Mbps. Upload speeds are 2-3 Mbps.

Sprint initially has five LTE devices for sale, all for under $200: HTC EVO 4G LTE ($199.99); LG Viper 4G LTE ($99.99); Samsung Galaxy Nexus ($199.99); Samsung Galaxy S III ($199.99 for 16GB version) and Sierra Wireless 4G LTE Tri-Fi Hotspot, the nation’s first to support 4G LTE, 4G WiMAX and 3G ($99.99).

The LTE services run over Sprint's new Network Vision platform. As of April 25th (Sprint's quarterly investor update), the company had approximately 600 Network Vision sites complete and on air. Zoning requirements were completed for approximately 9,700 sites and leasing agreements were completed for close to 7,700 sites. More than 3,200 sites were in notice to proceed status and work has started on approximately 3,000. Sprint said it expects to bring approximately 12,000 sites on air by the end of 2012 and to complete the majority of its Network Vision roll-out in 2013.



  • In May, Sprint Nextel announced a new $1 billion credit facility with Deutsche Bank and a syndicate of other banks to finance equipment purchases from Ericsson for Network Vision. The borrowers under the secured credit facility are all of Sprint’s subsidiaries that currently guarantee Sprint’s revolving bank credit facility, and the obligations will be secured by a lien on the equipment purchased from Ericsson in connection with Network Vision and guaranteed by Sprint.
  • l
  • Sprint's suppliers include Alcatel-Lucent, Ericsson and Samsung.

AT&T reduced the price of the Nokia Lumia 900 LTE Windows Phone by 50% to $49.99 with a new 2-yr wireless agreement with voice (min $39.99/mo) and min monthly data plan ($20/mo). The device was first launched on the AT&T network on April 8.

Last month, citing strong competitive pressure in smartphones, Nokia lowered its outlook for mobile device sales in Q2 and announced a number of restructuring initiatives as well as plans to aggressively cut prices if needed.

The Nokia Lumia 900 boasts a 4.3-inch AMOLED ClearBlack display and is powered by a 1.4GHz Qualcomm Snapdragon APQ8055 + MDM9200. It runs Windows Phone Release 7.5 – Mango Commercial Release 2 (Mango + LTE). Its 8 megapixel camera includes Nokia's exclusive Carl Zeiss optics, with large aperture (F2.2) and wide angle focal length (28mm).
http://www.att.com
http://www.nokia.com

See also