LTE: The Trigger for Next-Gen Backhaul - Juniper Networks · PDF fileuser experience and on...

White Paper

LTE: The Trigger for Next-Gen

Backhaul

Prepared by

Patrick Donegan

Senior Analyst, Heavy Reading

www.heavyreading.com

On behalf of

www.juniper.net

www.nokiasiemensnetworks.com

March 2013

http://www.heavyreading.com/

http://www.juniper.net/

http://www.nokiasiemensnetworks.com/

HEAVY READING | MARCH 2013 | WHITE PAPER | LTE: THE TRIGGER FOR NEXT-GEN BACKHAUL 2

LTE Transforms the Mobile Business There is pretty much universal agreement that LTE is exceeding the expectations

of operators and end users. This is in marked contrast to the launch of 2G and 3G

services, which were characterized by long delays in network launches, limited

supply of terminals and decidedly muted enthusiasm – or even outright disap-

pointment – among early adopters. While enhanced coverage and features went

on to drive 2G and 3G phones into the hands of more than 6 billion users world-

wide, it's worth recalling that 2G and 3G saw a relatively slow rate of initial adop-

tion, with six to 10 years passing before each hit 100 million subscribers.

The transition from 3G to 4G LTE can be seen as marking the critical inflexion point

between the voice and data eras and, as such, is transforming the mobile

business. When TeliaSonera and Verizon Wireless first announced plans to launch

the first 4G LTE networks at the end of 2009 and 2010, respectively, it was unclear

whether the slow and painful 2G and 3G launch precedents would be repeated

or whether the accumulated experience of earlier generation launches would

instead be put to good use and enable the industry to execute on time, delivering

new capabilities that truly excite early adopters from day one. Following the on-

schedule and highly-successful LTE launches in Sweden, Norway and the U.S., and

now more than another hundred mobile operators in more than 50 countries,

including Canada, Japan, South Korea, India, Australia, China, the U.K. and

Germany, LTE has clearly broken the mold and is either meeting or exceeding the

expectations of operators and end users worldwide pretty much from day one.

Early Adopters Have Been Excited From Day One

Early GSM adopters were highly critical of dropped calls resulting from the binary

nature of the new digital system and the lack of any handover to analog when

out of digital coverage. Early 3G adopters recognized that the initial 384 kbit/s

downlink was a bit better than GPRS, but no one was really wowed by 3G until the

first HSPA release was rolled out three years later. By contrast, LTE early adopters

typically respond much more positively. It isn't just speeds in excess of 10 Mbit/s – or

even 20 Mbit/s – that impresses them; it's also the rapid connection setup times.

In many countries that have yet to roll out LTE, governments fear losing economic

competitiveness to rivals. Berating the country's regulations for holding back mobile

broadband deployment, Brazil's Minister of Communications, Paulo Bernado, told

a conference in November 2012, "We need to take Internet access to everyone.

We need LTE, we need to innovate. The development of LTE is very important."

As of early 2013, there are more than 50 million LTE subscribers worldwide, implying

that the technology will break the 100-million subscriber barrier some time in 2013,

within four years of the first commercial launch. According to the GSM Supplier

Association, there were 560 different types of LTE-enabled consumer device

available as of November 2012 – three times as many as a year previously. Other

numbers offer testimony of the potentially transformative impact of LTE on the end

user experience and on the network operator:

LTE subscribers consume a lot more data than 3G subscribers, which is

good news for the operator providing this can be monetized and deliv-

ered efficiently. In South Korea, now the world's leading LTE market with

30% subscriber penetration, operators report average consumption of LTE

traffic of 3 Gbytes per month, compared with 1.6 Gbytes per month for

3G. LTE subscribers using HDTV are nearing 5 Gbytes per month.


Similarly, while only 10% of Verizon Wireless subscribers have LTE devices,

this 10% still accounts for around a third of Verizon Wireless' total traffic.

Many LTE, as well as 3G, operators report that as much as two thirds of

their traffic now is video.

Verizon Wireless reports that postpaid average revenue per account

(ARPA) in 4Q12 was up 6.6% over 4Q11.

Unprecedented FMC Opportunities

LTE creates new revenue generation and cost-saving opportunities with

fixed/mobile convergence (FMC) that can't be driven by 3G on its own. In April

2012, Verizon Wireless launched its HomeFusion home broadband service via LTE.

Leveraging an antenna deployed at the customer premises, and priced initially at

$59.99 per month for up 10 Gbytes of data, the HomeFusion DSL-substitution

service promises users downlink speeds of 5-12 Mbit/s and uplink speeds of 2-5

Mbit/s, the same speeds that Verizon Wireless commits to LTE customers in the

mobility environment. Operators in Germany and some of the Nordic countries are

also leveraging LTE to pursue this line of business.

On the cost side, current or future traffic volumes generated by LTE are a critical

driver of the drive by leading operators to build out transport networks and edge

routing networks that are shared for both mobile backhaul and enterprise net-

works. Telecom Italia is a leading example of an incumbent that has adopted this

FMC strategy on the network side,* while in the U.S. many so-called alternative

access vendors (AAVs) – wholesalers offering an alternative to the local incum-

bent local exchange carrier (ILEC) – that have built out backhaul networks are

now adding enterprise customers to these networks.

* See the white paper Implementing the Innovative Edge for Cloud-Based Services.

Figure 1: Live LTE Networks, November 2012

Source: GSM Suppliers Association

http://downloads.lightreading.com/wplib/juniper/HR_Juniper_Innovative_Edge_WP_11_22_12.pdf


LTE Transforms the Backhaul Network As Figure 2 demonstrates, the network architecture changes fundamentally with

LTE as compared with 3G:

Radio resource control (RRC) is pushed out to the core and eNodeB,

respectively, eliminating 3G's radio network controller (RNC) node.

There is a single IP-based mobile network core, the Evolved Packet Core

(EPC), for voice and data as compared with separate voice and data

networks for 3G. This is to reduce cost and latency and enable voice over

LTE (VoLTE), as well as a host of real-time multimedia services such as rich

communication services (RCS).

Whereas in 3G the RNC had to be deployed close to the Node B, the EPC

can be deployed anywhere, including in pool mode (via the S1-Flex fea-

ture), or in a virtualized configuration in the cloud.

IP backhaul is mandatory rather than optional.

And there is a new X2 interface that provides a direct transport path be-

tween eNodeBs for the very first time in a 3GPP architecture to enforce

good performance at the cell edge.

Figure 2: The 3G & LTE Network Architectures

Source: Heavy Reading


Network Planners Are Adding New LTE Capabilities & Features

For launch, the first operators to launch LTE tended to prefer a very basic set of LTE

networking features defined in 3GPP R8. This was one of the key learnings from the

3G launches – don't try and do everything at once; keep it simple at the outset. As

LTE networks are expanding, however, network planners are increasingly looking

to more advanced features. For example:

Many LTE operators have now switched on the X2 interface.

Some LTE operators have switched on 3GPP's S1-Flex feature. As men-

tioned above, this allows different subscribers attached to the same

eNodeB to be connected to different EPC elements for better load-

balancing and to allow dynamic re-attachment to alternative EPC ele-

ments if a connection fails.

Whereas most early LTE launches were in Frequency Division Duplex (FDD)

mode, TD-LTE – the Time Division Duplex (TDD) variant – is now being rolled

out in volume by large carriers such as Bharti Airtel in India, China Mobile

and Clearwire in the U.S. Many operators that have initially launched in

FDD mode also have TD-LTE rollout in their roadmaps.

The first volume VoLTE deployments are expected in 2013.

Public access small cells will increasingly be required to bolster LTE capacity.

The first launches of LTE-Advanced features driving the capacity,

throughput and performance of LTE ever higher are expected in 2013.

As the subsequent sections of this paper will show, the markedly different architec-

ture, performance roadmap and service potential of LTE is driving tremendous

change in the requirements for the backhaul network. The next-gen backhaul

network must evolve from a static, point-to-point SDH or Ethernet network support-

ing a slow-changing network of macro-cells with the location of each element

prescribed by the network hierarchy to a much more flexible, content rich, voice,

video and multimedia distribution network.

This transformation must support a heterogeneous network of macro-cells and

small cells evolving much more rapidly and dynamically. It needs to allow EPC

and service delivery platform (SDP) elements to be deployed much more flexibly

throughout the network and according to a variety of new leading-edge network-

ing models to reduce capex and opex.

Subsequent sections highlight some of the critical capabilities of the next-gen

backhaul network for LTE, specifically as regards capacity, low latency, intelli-

gence, synchronization and security.


Building Capacity Into the Backhaul The huge appetite for mobile broadband bandwidth has taken most mobile

operators by surprise, giving rise to the so-called "Data Tsunami," which is bound to

increase inexorably going forward. It has barely been three years since rolling out

100 Mbit/s of backhaul to the cell site seemed remarkable. And yet, in November

2012, Vodafone announced that it has now deployed backhaul capacity of 1

Gbit/s or higher across 47% of its European network footprint, up from 29% a year

previously. Vodafone invokes a theoretical base station site running LTE at

2600MHz, LTE at 800MHz, 3G at 2100MHz and 3G at 800MHz on three sectors to

justify this investment, adding that if each technology hit peak speeds the total

throughput would reach 930 Mbit/s.

The increasingly common 1Gbit/s capacity requirement for many urban cell sites

necessarily has a knock-on impact on capacity requirements throughout the

network. So in the aggregation layer of the backhaul 10 Gbit/s will become an

increasingly common requirement, rising to 20 Gbit/s for some operators. And in

the operator's backbone core, 100 Gbit/s is increasingly common, with a full

terabit per second being conceivable for some operators within five years.

SK Telecom Plans to Launch LTE Advanced in 2013

Had LTE's initial impact at launch been as muted as 3G's we would only be starting

to see LTE start to deliver on its promise around about now. Instead we are

actually seeing leading operators preparing to roll out LTE-Advanced (LTE-A).

Remarkably, having only launched LTE in June 2011, SK Telecom in South Korea

has carried out successful trials and looks set to be among the first operators in the

world to begin rolling out R10 LTE-A features during 2013. Many of the major

operators in the U.S. and Japan will also trial LTE-A features in 2013 and operators

in other markets, including Western Europe, Russia and Australia, also have it in

their roadmaps. The first LTE-A ready chipsets are already on the market, but others

are expected in 2013.

One of these LTE-A features is carrier aggregation whereby different parts of the

operator's spectrum can be aggregated in component carriers of up to five

discrete carriers of up to 20MHz. This gives a theoretical maximum availability of up

to 100 MHz of LTE spectrum, capable of supporting up to 1 Gbit/s in the downlink

and 500 Mbit/s in the uplink.

New Backhaul Requirements of Small-Cell Capacity Supplements

At the same time as exploiting the phenomenal capacity roadmap that LTE and

LTE-A offer at the macro-cellular layer, operators are clear that they will continue

to need to add cell sites to derive greater spectral efficiency.

As shown in Figure 3, Heavy Reading predicts significant adoption of public

access small cells – sometimes referred to as metro cells – as part of this expansion

of cell sites, beginning on a large scale in 2014. While there will likely be some

adoption of public access small cells for the 3G network, from a global perspec-

tive it's unlikely to be long before the majority of public access small cell deploy-

ments that involve 3GPP technologies are primarily for LTE.

Public access small cells create substantial new backhaul challenges. The one

that tends to get the most attention is how best to leverage fiber, copper and


radio solutions to physically build out the last mile – or last 100 meters – of backhaul

connectivity out to the small eNodeB cell, which is a lot closer to rooftop or street

level than base station antennas have typically been deployed up until now.

But there is a lot more to it than that. The first deployments of public access small

cells will see ratios of perhaps three to four small cells to support a given macro-

cell. But some future use cases envisage a ratio as great as twenty to one –

triggering a potentially very large increase in the number of network end points.

And to derive this extra capacity at a viable cost point, conventional manual

service activation and path provisioning of backhaul elements will be cost-

prohibitive. Instead they will need to be easy to install and self-configuring with rich

self-organizing networks (SON) features to reduce capex and opex.

As discussed in subsequent sections, in addition to driving more traffic and a more

dynamic cell site acquisition and deployment environment, these small cells will

also create new challenges as regards network synchronization and security.

Figure 3: The Growth in Public Access Small Cells



Exacting New Latency Targets As mentioned previously, one of the key performance criteria that has driven the

early adopter's response to LTE to be so positive is the rapid session set up times.

And while low latency is an important enabler of the superior quality of experience

that LTE delivers today for mostly data-oriented applications, it will become even

more important when VoLTE and other real-time multimedia services are rolled

out. As highlighted further on, low-latency networks are also critical for supporting

the stringent synchronization requirements of LTE.

Most operators are targeting end-to-end latency of 20-30 milliseconds in the LTE

network. The platform for achieving this is provided by the flat LTE network archi-

tecture as shown in Figure 2. But while the LTE standard provides the basic archi-

tectural framework for achieving this, the operator still needs to design and deploy

their network in a way that will allow the target to be reached.

Most operators aren't too bothered with a latency target for each network

domain so long as the end-to-end target is reached. Nevertheless, the backhaul

domain certainly has its role to play in minimizing latency. The transition to 1 Gbit/s

at the cell site and 10 Gbit/s in the aggregation layer is obviously an important

enabler. And while the worldwide trend to push fiber out from the core and

aggregation toward the edge of the mobile network is primarily driven by capaci-

ty requirements, the availability of fiber at – or increasingly close to – the cell site is

also a key enabler. This trend will increasingly push microwave out from the core

and aggregation and toward the last mile, allowing the kind of latency that can

sometimes be introduced with a lot of microwave hops to be reduced.

While microwave backhaul is increasingly being pushed out of the core and

aggregation, at the same time it is nevertheless liable to proliferate at the edge of

the mobile network. This is especially true in the public access small cell era where

radio backhaul will often be lower cost than fiber. In choosing from a wide variety

of radio backhaul solutions for these deployments, however, very particular care

will be needed to take account of the potential latency-inducing properties of

some near- or non-line-of-sight (NLOS) radios in the 5GHz and sub-5GHz bands.

There are certainly circumstances where these radios can be used but, when they

are, the network must be even more carefully planned in regard to latency.


The Next Steps in Synchronization As Figure 2 has already shown, LTE renders IP backhaul mandatory rather than

optional. And with that goes the requirement for new packet network synchroniza-

tion standards to replace the DS1s or E1s that mobile operators have traditionally

relied on to synchronize base stations in the network.

The majority of live LTE networks have launched in FDD mode. This requires fre-

quency synchronization to plus or minus 50 parts per billion – the same as in other

2G and 3G FDD systems – and can be achieved using synchronization standards,

such as the ITU's Synchronous Ethernet (SyncE) based on the physical layer, the

IEEE's 1588v2 Precision Time Protocol (PTP), which adds a time stamp to individual

packets based on a master/slave relationship, or one of the Global Navigation

Satellite Systems (GNSS) standards, such as Global Positioning System (GPS) owned

by the U.S. government.

Frequency Synchronization Will Not Be Enough

As LTE is rolled out, different synchronization variants will increasingly be needed.

Chief among these is phase synchronization for which the requirements are a lot

more exacting – 1.5 microseconds and below. Among the releases of LTE that will

require time/phase synchronization are:

TD-LTE requires phase synchronization to plus or minus 1.5 microseconds.

LTE-A supports MIMO and coordinated multipoint (CoMP) features to send

and receive signals from multiple cells or sectors simultaneously to a given

subscriber end point to reduce interference and improve throughput. The

phase synchronization requirements for CoMP are even more exacting at

less than 0.5 microseconds.

To use spectrum resources optimally and prevent interference with the

macro layer – a key operator concern with public access small cells –

those cells deployed with LTE-A will need to be meshed or otherwise net-

worked together, effectively serving as a single sub-network. This will re-

quire enhanced inter-cell interference coordination (eICIC), which re-

quires phase synchronization.

All three of the primary standards-based synchronization solutions have a role to

play, but PTP is the only one that can consistently support frequency and

time/phase synchronization across all types of cell site. GNSS systems like GPS can

support all the synchronization modes. But as witnessed by the creation last year of

the dedicated "COAST" committee to "consider alternatives to the current GPS-

based system" by America's Alliance for Telecommunications Industry Solutions

(ATIS), GPS is vulnerable to being jammed. GPS is also unsuitable for indoor and

below-ground environments because of the need to have line of sight to the

satellite constellation. And there are political issues in some markets relating to the

U.S. government's ownership of GPS. SyncE can certainly support frequency

synchronization, but there is no roadmap for the standard to support phase

synchronization.

Many operators are moving toward an "any two will do" strategy for synchroniza-

tion of the LTE network to enable all the requirements to be met with system

redundancy. Those that are adopting this strategy are typically opting for 1588v2

plus one from either GPS or SyncE.


All a Matter of Timing

Architecting the LTE network to achieve the tough synchronization requirements

requires strong competence in the synchronization domain. While support for PTP is

sometimes presented as a mere "tick-box" feature, the reality is that some vendors

have been more successful than others in this space and have more live customer

deployment references than others that they can cite.

The solution needs to take account of a couple of very specific issues. The first is

the network topology. Depending on whether the backhaul network is leased

from a third party or self-provided, whether it is designed in a star, ring or other

configuration and other design aspects, the PTP implementation must perform just

as well in scenarios where there are just one or two hops between the PTP

Grandmaster and the eNodeB as scenarios when there are more than that. The

solution also needs to take account of different physical layer technologies. For

example, although the level of mitigation that is implemented varies according to

the particular vendor, microwave backhaul links tend to be more vulnerable to

packet delay variation (PDV) and jitter than fiber-based backhaul links.

The IEEE is building more by way of on-path support into the PTP protocol, provid-

ing the operator with greater capability to maintain synchronization as PTP

packets transition from one network element to the next.

The first to be standardized – the boundary clock (BC) – is designed to be support-

ed in backhaul network elements and used initially for frequency synchronization.

Having synchronized with the master clock, the BC then acts as its own master

clock vis-à-vis subsequent downstream clocks. Once standardization has been

completed by the IEEE, transparent clocks (TCs) will also provide on-path support

that is optimized for phase synchronization by enabling a correction field within

the PTP packet to be dynamically updated in real time at each element.

Delivery to 3GPP specifications will require expertise with respect to the time-of-

day requirement for phase synchronization. This can be sourced today from a

Central Stratum 1 clock or by a Grandmaster from a GNSS system. Where GNSS is

used, optimal decisions taking into account potential flaws in GNSS and associat-

ed cost versus redundancy issues will need to be taken as to the respective merits

of centralizing the PTP grandmaster or distributing it throughout the network.

Building on existing 1588v2 PTP capabilities, the right implementation of new on-

path TC and BC enhancements will enable a potentially very challenging

roadmap of frequency and phase synchronization requirements to be achieved

so as to get the utmost from LTE and LTE-A. As shown in a previous section, this

needs aligning with the operator's stringent latency targets. As shown in a subse-

quent section, it also needs aligning with the operator's security strategy.


Backhaul Topology & Service Provisioning The previous sections have flagged some of the critical new capabilities and

features that the next-gen backhaul network will need to deliver if LTE is to meet

the operator's expectations in terms of cost, revenue and customer retention. This

section looks at the underlying networking environment in terms of topology,

protocols and provisioning that will be required to enable that.

Evolution to a Future-Proof Network Topology

As shown in Figure 1, the backhaul network is still essentially a fixed point-to-point

architecture today. In order to deliver the capacity, flexibility and performance

that LTE-based applications and business models demand, operators need to

consider how long this architecture can remain suitable for their evolving needs.

They must consider a potential timetable for evolving toward an architecture that

supports greater physical path diversity such as via ring or partial mesh architec-

tures. And they need to do this irrespective of which packet protocols they have –

or plan to have – deployed across the backhaul because a networking constraint

imposed by a network topology is a constraint no matter what protocol runs over

the network.

Figure 4 provides a high level representation of the 3G mobile network as it is

today from the perspective of the primary layers of the network and the primary

protocols that operate in those layers. As such, it provides an illustration of two key

barriers to optimal end-to-end performance across the backhaul and core

networks as LTE is rolled out.

The Diversity of Protocols in Today's Backhaul Network

Over the last four years, Heavy Reading estimates that packet-based backhaul –

which until now has been driven by 3G data traffic volumes – has been rolled out

in live commercial service to around 40% of the world's cell sites, and will reach

Figure 4: Domains & Protocols in Today’s Backhaul Network



85% of the world's cell sites by the end of 2015. That still leaves 60% of the world's

cell sites with only TDM today. As shown, TDM is slowly but surely being pushed out

of the network altogether.

From the core side, having been almost universally deployed in the mobile

operator's core domain, IP/MPLS has been making substantial inroads into the

aggregation domain, and is set to become the most widely deployed protocol in

the aggregation domain in mobile networks worldwide by the end of 2015. L2

Carrier Ethernet established itself as the preferred protocol in the access and

aggregation domains in the early years of packet backhaul deployment. It has

nevertheless already started losing ground to IP/MPLS in the aggregation layer,

and several leading operators that have launched – or are preparing to launch –

LTE are also considering IP/MPLS for deployment further out in the access domain.

The Rigid Segmentation of Network Domains

Even where the same protocol is used across two or more domains, the operator's

internal organization typically still mandates unique teams for each domain

(notably core and transport teams), which drives each team to focus on delivery

of the service from their "border" on to the next.

In 3G networks today, for example, the task of re-hosting an eNodeB from one

RNC to another often entails the path being manually deleted by operations

personnel and traffic being manually re-mapped into a new path. Leading mobile

operators have certainly evolved to what might be thought of as a semi-

automated model whereby with a point and click the network is able to automat-

ically determine a path between elements, albeit with the operations team still

able to specify some boundaries and preferences in each instance.

Manual provisioning is costly to the operator because at each and every domain

boundary, whether it be via encapsulation and de-encapsulation, QoS prioritiza-

tion or other treatment, traffic must be treated afresh to ensure that the desired

traffic characteristics are maintained. It's costly in terms of opex because of the

manual monitoring and intervention that is required. It's costly from a capex

perspective because of system resources that are typically used up in protocol

negotiation across borders in most vendors' implementations. And it's costly in

terms of the user experience because of the potential impact that the repeated

re-applications of traffic treatment at the domain boundary can have on latency.

Consistent with 3GPP's roadmap for SON greater flexibility and automation needs

to be in the operator's roadmap for evolving the next-gen backhaul network, and

MPLS is the optimal protocol to support that evolution. The timing and the form

that evolution takes will vary by operator, depending on the timeframe for LTE

rollout, the direction of the operator's organizational structure, the transport

network team's depth of training in IP/MPLS, as well as cost differentials between

IP/MPLS and alternative packet technologies.

Some operators at the leading edge can foresee a path to so-called seamless

MPLS, which promises the benefits of a fully automated single label switched path

(LSP) from the access right the way through the core, and its associated potential

for reduced opex. Those operators that are behind that curve today will neverthe-

less be encouraged by GUI-based IP/MPLS provisioning and management

solutions for operations personnel that aren't sufficiently familiar with CLI.


Network Intelligence & a Path to SDN As already discussed, operators will need to scale capacity with increasing

flexibility and frequency as LTE starts to penetrate the subscriber base. More than

simply capacity will be required as workloads will need to be shifted geograph-

ically to different points in the network to optimize resources.

As the mobile network transforms into something that increasingly takes on many

of the characteristics of an all-IP network the kinds of dynamic changes and

susceptibility to bottlenecks will require increasingly intelligent systems to note, log

and make automated decisions.

As the LTE network becomes larger with more network elements, with convention-

al demarcation lines in the network becoming more porous, the case for central-

ized management as a means of controlling opex will become compelling, driving

a roadmap for the introduction of software-defined networking (SDN) principles

into the mobile network.

Increasingly intensive usage of real-time multimedia voice and video services

creates new challenges with respect to congestion control, for example. In 3G,

congestion control is managed by the RNC so a new means of supporting

congestion control will be required with LTE. Congested IP networks don't differen-

tiate according to traffic type so mobile operators will be faced with a choice of

throwing more bandwidth at the problem at significant cost or embedding

congestion control intelligence in other backhaul network elements. Backhaul

infrastructure vendors can obviously deliver this capability themselves, but open-

ing their products up to value added resource-optimizing applications from third

parties via standard software development kits (SDKs) will drive innovation in

keeping network costs down.

Over time SDN will become a critical enabler of leveraging greater intelligence

into the backhaul network. In order to control the end-to-end delivery of every

service, a much finer granularity is required. Loading all of that computing and

memory-intensive control functionality onto backhaul routing elements would

deplete their core user plane forwarding function so centralizing control accord-

ing to the SDN model will become increasingly advantageous. That said, stripping

all of the control plane functionality out of these network elements risks rendering

them entirely dumb in terms of application and network awareness. So while SDN

will clearly drive greater centralization, care will also need to be taken to strike the

optimal balance between centralization and decentralization of control functions.


Critical New Security Requirements The architectural changes from 3G to LTE drive tremendous upside for the opera-

tor in terms of performance, cost efficiency and new business models. But they

also have an important downside from a security perspective.

IP backhaul – which is inherently vulnerable to hacker attacks – is manda-

tory rather than optional as an alternative or compliment to TDM back-

haul.

The distribution of the radio resource control to the eNodeB and EPC

means that in LTE the 3GPP encryption terminates in the eNodeB at the

edge of the mobile network rather than deeper in the network in the RNC.

Establishing a great many more signaling and bearer paths between net-

work elements via the X2 and S1 Flex interfaces allows many more ele-

ments at one time to be subject to a cyber-attack.

The elimination of the RNC node means that an attacker that is able to

access a cell site can potentially gain direct access to the mobile opera-

tor's core for the very first time.

Public access small cells deployed at street or low roof level are inherently

more vulnerable to physical tampering by attackers than macro-cells,

which have much greater physical protection.

These exposures need closing off to protect the operator's conventional business

model. But risk mitigation is just as critical if operators are to leverage the new

capabilities of LTE to drive new business models based on m-commerce and m-

health, many of which will not be viable unless the network is fully bullet-proofed

from a security standpoint.

As recommended by 3GPP, one of the key solutions for mitigating these new risks is

the use of IPsec for both authentication of eNodeBs and encryption of traffic

across the S1 and X2 interfaces. Operators such as T-Mobile in Germany, Every-

thing Everywhere in the U.K. and Telecom Italia are leading the way with a policy

of implementing IPsec at their LTE cell sites.

Because it is new to the backhaul network, some network planners tend to view

IPsec with an element of trepidation. The encapsulation and encryption features

of IPsec are computationally intensive; it creates an overhead; it adds to capex;

and the management of a lot of IPsec tunnels requires close attention to opex,

especially in a highly dynamic network environment.

Implementing IPsec across the S1 and X2 in a manner that supports the operator's

end-to-end network latency target for LTE is extremely important. Consistent with

that, the implementation also needs to support the low packet delay variation

requirements of synchronization standards like IEEE 1588v2, for example by

enabling synchronization packets to be excluded from the IPsec tunnel and

transmitted along an express path, marked up with the highest prioritization so that

they bypass standard queuing mechanisms. Leaving just the synchronization traffic

unencrypted in this way still counts as a security vulnerability of sorts, albeit a very

minor one compared with the far greater risk of leaving all the traffic unencrypted.

Conversely care must also be taken to ensure that latency requirements don't

negatively impact security in the LTE network. For example, verification of protocol


negotiations to ensure that malicious traffic cannot insert itself into the packet

stream during the handshake and connection set up are an important part of the

way some operators want to build security into the LTE network. Operators that

lack the ability or the right support to reduce latency elsewhere in the network

may be tempted to cut corners with respect to the verification of these protocol

negotiations, and hence leave the network needlessly exposed.

Besides encryption, the other enabling function provided by IPsec in the LTE

backhaul consists of leveraging Internet Key Exchange v2 (IKEv2) and a Public Key

Infrastructure (PKI) for authentication of eNodeBs to protect against so-called

base station spoofing or man-in the middle attacks.

3GPP does allow an extension of the manually administered "shared-secret" model

from 2G and 3G into LTE rather than leveraging IPsec for authentication. This

consists of a field engineer manually entering a cryptographic key at each cell site

in the initial setup process. But it's nevertheless increasingly clear to leading

operators that with the rollout of LTE the manual shared secret model of base

station authentication will no longer be fit for purpose.

Manual inputting of shared secret keys into each eNodeB by an operative

while preserving its secrecy is prone to human error.

In the interests of security, shared secret keys should be changed regular-

ly. Managing that program of key renewal manually without affecting

operational stability, together with the necessary site visits to carry out

changes, is also potentially expensive from an opex perspective.

The introduction of public access small cells and machine-to-machine

applications will result in an acceleration in the rate of deployment of

end-points in the network. As a result, the operational challenges of a

manual shared secret key model will become increasingly acute.

Going forward, eNodeB authentication based on IKEv2 can therefore expect to

see greater adoption. Leading UTRAN vendors have also put significant develop-

ment resources into automated certificate enrollment and certificate manage-

ment through the use of Certificate Management Protocol (CMP) as recom-

mended in the 3GPP specifications. These enable eNodeBs to be securely auto-

configured and have their certificate managed over their lifetime.


Conclusion People that use LTE almost always remark on how much better it is than 3G. This

assures that wherever it is launched user demand for LTE is likely to match and

then exceed demand for 3G a lot more quickly than might have been expected.

Driving network efficiency to support increased volume and diversity of LTE traffic

types while keeping tight control of costs will require a fundamental re-think in the

way that network capacity and networking intelligence are architected and

provisioned. Boundaries between network domains must become less rigid and

more porous. Architectures and networking capabilities need to become less

static and more dynamic. Provisioning needs to become less manual and more

automated or self-organizing. Operators need a roadmap for incorporating the

cost-saving and revenue generating potential of SDN into the backhaul network.

In pursuit of these objectives, MPLS becomes an increasingly important protocol

for enabling this transformation across the core and backhaul domains.

LTE also drives the need for a fundamentally different outlook in regard to end-to-

end latency, synchronization and security throughout the backhaul, as well as

across the network end-to-end. All in all, LTE necessarily triggers fundamental

change in the backhaul network that needs to be planned for today.

Background to This Paper

About Juniper Networks

Juniper Networks is in the business of network innovation. From devices to data

centers, from consumers to cloud providers, Juniper Networks delivers the soft-

ware, silicon and systems that transform the experience and economics of

networking. Additional information can be found at www.juniper.net.

About Nokia Siemens Networks

Nokia Siemens Networks is the world's specialist in mobile broadband. From the first

ever call on GSM, to the first call on LTE, we operate at the forefront of each

generation of mobile technology. Our global experts invent the new capabilities

our customers need in their networks. We provide the world's most efficient mobile

networks, the intelligence to maximize the value of those networks, and the

services to make it all work seamlessly. With headquarters in Espoo, Finland, we

operate in over 100 countries and had net sales of approximately 13.8 billion euros

in 2012. www.nokiasiemensnetworks.com.

http://www.juniper.net/

http://www.nokiasiemensnetworks.com/

LTE: The Trigger for Next-Gen Backhaul - Juniper Networks · PDF fileuser experience and on...

Documents

Transcript of LTE: The Trigger for Next-Gen Backhaul - Juniper Networks · PDF fileuser experience and on...