• June 24, 2011

Mobile Security Requires More Than Secure Wireless Devices

Person with PDA handheld device.

Image via Wikipedia

When people think of mobile security, they usually think of encryption for their smartphones, tablet computers such as the BlackBerry PlayBook or other wireless devices. Or they think of a remote “wipe” capability that can render any lost device blank of any data if some unauthorized party did in fact try to enter the device illegally. These wireless solutions are all state-of-the-art thinking in the mobile security community. And many wireless equipment OEMs and third-party mobile security providers offer them.

But they only protect the data on the devices. They only protect so-called “data at rest” once it’s been downloaded onto the iPhone or iPad. They don’t speak to the need to cover “data in motion” as it is transmitted over the air. Some parts of the over the air journey are protected by infrastructure in the form of Wi-Fi and GSM. One is notoriously subject to human failing to enable security and the other has been broken for sometime. And then there is wireless security for backhaul. In this area, there has not even been an industry standard or de facto standard established. And most microwave solutions providers don’t even offer options for wireless security on the backhaul.

Fortunately, this is not the case across the board. Strong Security on the Eclipse Packet Node microwave radio platform offers three-way protection for mobile backhaul security: secure management, payload encryption and integrated RADIUS capability. Read the embedded overview document in full-screen mode for more details:

  • June 10, 2011

TDD or FDD Wireless: That is the Question!

Image via Wikipedia

TDD, or Time Division Duplex, where a single radio channel is used to send and receive data, has been a common technique employed in unlicensed microwave transmission bands, such as 2.4 and 5.8GHz. The advantage of TDD is a simplified and lower cost design, often based upon 802.11 standards. In contrast, FDD, or Frequency Division Duplex, where data is transmitted in one frequency channel and received in another (separated by anywhere from less than 100 to more than 1,000 MHz) has been the staple of licensed frequency bands between 2 and 38 GHz worldwide.

Now, a number of the CEPT recommendations for the new point to point bands over 40GHz contain provisions for TDD operation. TDD is accommodated either as an alternative band plan or a mixed TDD/FDD band plan, in addition to the more common FDD band plan. However, CEPT recommendations are only just that—recommendations. How these bands will be implemented in each country will be determined by the individual national regulatory authority.

Recently, we asked a number of European national regulators about if and how they would introduce TDD operation in these new bands. The general response was that they were not opposed to the introduction of TDD in principle, and that such operation would have to be worked into existing or revised band plans. One complication raised was that spectrum would have to be reserved for guard bands between TDD and FDD segments within the same band. Regulators usually try to avoid having to waste valuable spectrum in this way. Also, once a band plan is established and the spectrum allocated to users, efforts to introduce TDD operation at a later date is extremely difficult.

Some regulators have already issued new national band plans at 42GHz and above, and to date none of these allow for TDD operation. Furthermore, for countries that have allocated new bands through spectrum auction, there we see the usual FDD style symmetric band approach.

Despite the appeal of TDD operation from a cost perspective, early indications are that although provision for TDD operation is being made in these higher bands, practical complications and concerns over maximizing the use of new bands may prevent its widespread introduction.

What are your thoughts on using TDD more in national band plans? Leave a comment, if you’d please.

Ian Marshall
Regulatory Manager, Aviat Networks

Related articles
  • May 20, 2011

Ethernet OAM Meets Demands on Microwave (Wireless) Networks

Ethernet OAM (Operations, Administration and Maintenance) can help mobile network operators and other transport providers meet the ever-growing demands for increased bandwidth across the backhaul network as well as meeting the equally important demand for quality and reliability of service.

This white paper will look at how Ethernet OAM can help the evolution from TDM to Next Generation Networks (NGN), with a focus on microwave-based NGN radio networks.

  • May 13, 2011

Comprehensive Embedded Security in Microwave (Wireless) Networks

The current and ongoing migration toward IP networking on backhaul networks supports rising data volumes, which is increasing the opportunities and motivations for data and call interception. As data volumes rise in wireless networks and their associated microwave backhaul, security has become of greater concern.

This white paper presents a look at security issues, and the broad portfolio of solutions for remediating such concerns for microwave operators.

  • May 11, 2011

Security Focus as Wireless Traffic Rises, Mobiles Get More Powerful

Even though microwave communications have some built-in security-like features such as scrambling, narrow beamwidth, proprietary airframe, coding and other factors, it is not very hard for them to be broken by those with the proper expertise. Some vendors even openly offer digital microwave interception systems for “legitimate” monitoring. This and the growing sophistication and willingness of those attempting to break into wireless networks makes a high level of security for microwave more important than ever.

Historically, security and encryption measures were primarily employed by government or defense agencies or by the financial industry to protect sensitive information. But in today’s connected world the issue of network security can apply to any type of communications network, whether it is fixed, mobile or private.

Is Microwave Ready?

In general, microwave packet radio security is a concern. However, there are different aspects of microwave radio protection that must be considered. The information payload of microwave communications is the most obvious part. For operators that participate in the public switched telephone network (PSTN), the main issue is the security of the communications traffic they are carrying. That would involve both voice and data traffic.

Payload Security

Both popular and scholarly publications have been rife with stories of how easy it has become to tap into mobile calls. For example, the GSM code has been ineffective arguably since a hack was announced in August 2009. With GSM encryption broken, degraded or bypassed, mobile phone calls and text messages can be monitored and diverted by snooping parties. This can happen even before they get to the basestation. The BBC recently demonstrated GSM hacking in an online video.

Once calls and messages are in the mobile backhaul network, in many cases, no encryption is applied at all—not even the broken GSM code. In the past, hackers would have had to buy or by some other means obtain radio equipment identical to that they wanted to take over illegally. This was not an obstacle for those intent on industrial or governmental espionage, but it put it beyond the means of the run-of-the-mill hacker who has become familiar since the mid-1990s. Even if the hacking was not beyond the average hacker’s technical capabilities, it was beyond his economic capabilities. Now commercially available microwave monitoring equipment can be employed to pick out communications channels, to listen and record all conversation and ambient noises for up to 72 hours. One research firm also demonstrated how cell towers can be spoofed to intercept communications.

Secure Management

Another aspect of microwave security encompasses how secure is the management of the network. Even if the payload of a microwave backhaul network is secure, the management may not be, allowing hackers or others with malevolent motives to drop or kill traffic. Unsecure management channels can allow them to create mismatched frequency settings between radio pairs, reconfigure circuitry or reroute payload traffic to another radio if a cross-connect is present. For example, there was an instance where unauthorized users took control of a motorized antenna and repeatedly sent instructions for the motor to adjust the position of the antenna, eventually draining the batteries for the entire site, rendering it “dead.” However, with the shift to the all IP/Ethernet network of the future, hackers are finding ways to wreak havoc on backhaul networks from their desktop PCs, smartphones and other powerful mobile computing devices.

Access Control

Access control of the microwave network is also a cause for concern. It is critical that only authorized personnel are allowed to log onto the administration of a microwave backhaul network. Like many computer-based systems, microwave radios are set up with some basic logon access procedures. Oftentimes, the logon screen will not look very dissimilar from the typical Windows or Macintosh workstation. There will be a dialog box for a username and a password. However, unlike the typical desktop computer, a microwave radio’s graphical user interface is not logged onto that much. Therefore, as per human nature, their usernames and passwords become all too predictable. “Root” and “admin” and “123456” and “password” were very popular as usernames and passwords, respectively, according to one security study. A “mechanized” or “dictionary” attack can randomly generate username-and-password combinations and succeed in unlawfully logging onto a radio on this premise: that the logon will be subject to people being creatures of habit. Thus, there must be a way for microwave network administration to enforce a hard-to-guess username/password security policy.

Another aspect to access control is the issue of the level of control. It is also essential to control what each legitimate user is allowed to perform once logged in—to prevent voluntary and involuntary damaging actions. Not only must users be limited to their area of responsibility and knowledge and avoid involuntary commands that could damage the network but also reserve critical activity for designated key personnel (e.g., cryptography officers).

Would my Radio Network be Secure?

Given the security issues around microwave payload, management and access control, many questions have been raised. Would my microwave radio network be safe from intrusion? What would be the impact of breached calls or text messages? There could always be potential for a Greece type of incident. More importantly, the proactive questions to ask about microwave network security include:

  • Who does need a high level of security?
  • What comprises the high level of security necessary to protect my microwave backhaul?
  • What precautions will a high level of security invoke to protect my network?
  • How is this high level of security implemented?
  • What are the options for high-level security?
  • How do I get a high level of security for my network?
  • Is this high-level security solution standards-based?
  • What type of threats does my high-level security solution need to protect against?

We’ll examine these questions more in future posts. Or see our white paper.

  • May 4, 2011

The World’s Longest All-IP Microwave Link

Successfully Implementing a 193-km Microwave Link over Water to Deliver 99.9995 Percent Availability

Introduction

For most designers of microwave transmission paths, engineering a reliable link over water can be a daunting task. Reflections off the water surface can play havoc with the received signal, leading to high levels of interference resulting in fading and ultimately a high level of errors and signal interruptions. For these types of paths, performance calculations using commercially available software planning tools will be insufficient to ensure superior path performance. In these cases, experience and understanding of the key parameters that influence microwave performance are critical.

Recently, Aviat Networks and our agent, Telecomunicaciones y Sistemas S.A. (TELSSA), deployed an Eclipse microwave link for Central American Corporation for Air Navigation Services (COCESNA) in Honduras that crosses over 193 km, most of which is over water. With careful design and installation, this link is now operating successfully.

COCESNA is responsible for the air traffic control over Central America territory and oceanic areas, therefore, availability of service is a critical issue.

  • April 29, 2011

Synchronization Over Microwave Mobile Backhaul Networks


Synchronization is creating quite a stir in the mobile backhaul industry as operators are wrestling with a variety of synchronization technology options including Synchronous Ethernet (SyncE) and Precision Time Protocol (PTP) a.k.a. IEEE 1588v2. This paper reviews unique microwave backhaul characteristics that need to be taken into account in support of synchronization, and how each particular synch approach can be addressed.

  • April 20, 2011

Unlocking Capacity Block Through Higher Order Digital Modulation

If you are reading this post, then you probably have heard about “4G”, the 4th generation cellular network. For a cell phone user, 4G means improved data speeds that allow faster delivery of multimedia-based applications, see our previous post, What is 4G?, for more details. On the other hand, the network operator desires to spend a minimum on upgrading network infrastructure and prefers to buy a backhaul solution that supports current and near future capacity demands of a cellular network.

Thus, it is important to improve the capacity of wireless backhaul links. To increase transmission capacity, wider channel spacing can be used. However the wireless spectrum is expensive and may not be available in some countries. Using transmission in high frequency bands, such as 60 GHz and above, provides the bandwidth needed to increase capacity. However, very high radio frequencies increase the cost of radio components. In addition, 60 GHz links limit transmission range due to high absorption of radio waves by the atmosphere, making this solution somewhat cost inefficient. One efficient way of improving the capacity of a communication link is to increase the order of the digital communication modulation scheme used for transmission.

In simple terms, digital modulation is the process of mapping a group of data bits into an information symbol that gets transmitted, after up-conversion to the radio frequency (RF) of the link. The most popular digital modulation scheme used in wireless radios is known as quadrature amplitude modulation (QAM). For a given symbol rate, increasing the modulation order, or equivalently packing more bits per symbol, would be an effective way to increase the capacity of a microwave link. For example, each symbol in a 64-QAM signal represents 6 data bits, while for 256-QAM and 1024-QAM signals it represents 8 and 10 data bits, respectively. Therefore, 1024-QAM provides (theoretically) a 25 percent increase in capacity over 256-QAM and an impressive 67 percent increase in capacity compared to 64-QAM.

The price paid for achieving such an increase in capacity is more complex signal processing algorithms and stricter requirements for channel quality, e.g. higher signal-to-noise ratio (SNR) at the receiver is required. In that case, increasing the modulation order for some networks under normal operating conditions can have a diminishing return on throughput. This is due to the fact that the required SNR for an acceptable receiver performance rarely can be met.

Why this is the case? Let us briefly discuss the challenges in increasing the modulation order. Higher modulation order results in larger pool of symbols available for transmission. For example, for 64-QAM, there exists 64 symbols in a 2D grid (known as constellation points) compared to 1,024 symbols for 1024-QAM for the same grid size. Clearly, increasing the number of symbols (assuming fixed power) makes the symbols closer to each other in this 2D grid. Thus, data detection at the receiver becomes more susceptible to errors due to impairment.

In practical terms, receiver circuits are affected by thermal noise, clipping and non-linearity of power amplifiers, phase noise and many other distortions that are beyond the scope of this post. It is worth mentioning that increasing the signal power beyond some limits results in actually decreasing the received SNR since many of these distortions associated with RF circuits are dependent on the transmitted power. Rather, the way to increase the modulation order is to improve the detection schemes and build circuits that are less susceptible to power-related distortions, along with improving the correction mechanisms at the receiver for phase noise and other impairments.

At Aviat Networks, we have the expertise and knowledge to build the highest quality microwave radios that can work at cutting edge signaling schemes. We will make sure that our customers see a sizable return—not a diminishing one from increasing the modulation order. Our pledge is that microwave backhaul will always exceed the capacity requirements of our customers.

Ramy Abdallah,

Senior Signal Processing Engineer, Aviat Networks

  • April 15, 2011

White Paper-Deploying IEEE 1588v2 Synchronization over Packet Microwave Networks

Joint Application Note with Symmetricom and Aviat Networks.

Mobile Backhaul Networks are evolving to packet, driven by 4G evolution, requiring high data and video traffic and growing number of apps, users, smartphones and tablet devices. 1588v2 microwave are a perfect match for Mobile Backhaul evolution. Paper covers 1588v2 overview, unique considerations for microwave and typical deployment scenarios (multi-hop, ring).

  • April 6, 2011

What’s So Different About IEEE 1588v2 Sync Over Microwave Backhaul?

The beauty of IEEE 1588v2 (i.e., Precision Time Protocol) synchronization is that it is a bookended solution. In theory, there is no need to worry about what is in between or underneath—from a Layer 1 transport perspective. While in principle this is accurate, there are a couple “unique” aspects of running 1588v2 over a microwave network that should be carefully considered in your deployment plans.

First, the infamous “last mile” is in reality typically many miles across multiple microwave radio hops—which may consist of a mix of linear, ring and hub-and-spoke configurations. Unfortunately, more hops introduce more packet transmission delay and delay variation over the backhaul—a potentially lethal mix for sync transport—the amount of which is proportional to the number of microwave hops. Careful design and engineering are required. On a bright note, Aviat Networks and Symmetricom recently validated <1.5ms delay could be achieved across 10 hops—well within the requirements for mobile backhaul.

Second, most advanced microwave systems now support Adaptive Coding and Modulation (ACM), a key benefit for microwave transport that allows the effective throughput of the microwave link to be dynamically changed to accommodate for radio path fading, typically due to changes in the weather. If bandwidth is reduced as a result of an ACM change, it is critical that advanced traffic and QoS management techniques be applied in the microwave systems to ensure that 1588v2 traffic (packets carrying timestamps) are given the highest/strict priority for transmission, and are not subject to delay or discard. On a brighter note, Aviat Networks and Symmetricom recently validated that 1588v2 could operate over a highly loaded (approaching 100 percent) microwave network running ACM.

In a nutshell, there are some unique considerations for running 1588v2 over microwave – but the outcome can be predictably bright with proper engineering.

Check out the Aviat Networks application note for more information on the Aviat Networks/Symmetricom partnership and 1588v2 network synchronization over microwave backhaul.

Errol Binda

Senior Solutions Marketing Manager, Aviat Networks

  • March 30, 2011

Microwave Backhaul Total Cost of Ownership (TCO) pt. 2

How Important is Initial CAPEX?

Are we seeing the forest or the trees?

Based on microwave Total Cost of Ownership (TCO) model posted earlier, the most significant contributor to total cost is ongoing OPEX.

We see an increasing trend of operators making decisions on backhaul solution based mostly (sometimes solely) on price (or initial CAPEX). While initial CAPEX is important, if the goal is lowest cost, this can be problematic approach as initial CAPEX it is not the most significant contributor to total cost.  Ongoing OPEX is key.

Perhaps a better approach would be to focus on features most impacting lowering total costs.  For instance, adaptive coding and modulation can lower antenna sizes – which can reasonably reduce 10 year TCO by as much as $48,000 (which is 2-3x more than initial CAPEX).  Deploying ring architectures with high layer (L2/L3 or packet-based) failure recovery techniques can enable lower per hop reliability and smaller antennas – further lowering costs.

Microwave Backhaul Total Cost of Ownership (TCO) pt. 2

Microwave Backhaul Total Cost of Ownership

Gary Croke

Product Marketing, Aviat Networks

  • March 16, 2011

Microwave Total Cost of Ownership (TCO) Pt. 1

When choosing the right backhaul technology, total cost of a microwave system is a critical, often overlooked, consideration. TCO is not widely understood today. Lack of understanding of microwave TCO can lead to poor decisions about choice in backhaul technology and obscure the relative importance of features. Features that lower critical components of TCO are often not given enough attention.

A summary of a TCO model for a mobile operator in North America is shown below. Clearly, ongoing OPEX resulting from tower leases represent largest contributor to total cost.  These lease costs include tower space for antennas and cable runs, shelter/cabinet space and power, and ongoing move/add/change fees regularly paid to tower companies. The largest portion of this tower lease is related to the antenna size. Microwave products and features that enable smaller antennas sizes, less indoor space, and fewer cables are most important for operators.

Microwave Total Cost of Ownership (TCO) Pt. 1

10 Year Microwave Total Cost of Ownership

*Note: for private network applications (like state/local governments, public safety organizations, and utilities) who generally own towers, initial CAPEX is often higher, leading to an overall reduction in ongoing OPEX and TCO.

Make sure to check back next week for post #2 ” How Important is Initial CAPEX?” where I breakdown the true costs of initial and ongoing CAPEX.

Gary Croke

Product Marketing, Aviat Networks

Subscribe to our newsletter