Wirevolution

Enterprise Mobile Security


Archive for the ‘network’ Category

Net neutrality – Holland leads the way

Friday, July 1st, 2011

Service providers can offer any product they wish. But consumers have certain expectations when a product is described as ‘Internet Service.’ So net neutrality regulations are similar to truth in advertising rules. The primary expectation that users have of an Internet Service Provider (ISP) is that it will deliver IP datagrams (packets) without snooping inside them, and without slowing them down, dropping them, or charging more for them based on what they contain.

The analogy with the postal service is obvious, and the expectation is similar. When Holland passed a net neutrality law last week, one of the bill’s co-authors, Labor MP Martijn van Dam, compared Dutch ISP KPN to “a postal worker who delivers a letter, looks to see what’s in it, and then claims he hasn’t read it.” This snooping was apparently what set off the furor that led to the legislation:

“At a presentation to investors in London on May 10, analysts questioned where KPN had obtained the rapid adoption figures for WhatsApp. A midlevel KPN executive explained that the operator had deployed analytical software which uses a technology called deep packet inspection to scrutinize the communication habits of individual users. The disclosure, widely reported in the Dutch news media, set off an uproar that fueled the legislative drive, which in less than two months culminated in lawmakers adopting the Continent’s first net neutrality measures with real teeth.” (New York Times)

Taking the analogy with the postal service a little further: the postal service charges by volume. The ISP industry behaves similarly, with tiered rates depending on bandwidth. Net neutrality advocates don’t object to this.

The postal service also charges by quality of service, like delivery within a certain time, and guaranteed delivery. ISPs don’t offer this service to consumers, though it is one that subscribers would probably pay for if applied voluntarily and transparently. For example, if I subscribe to 10 megabits per second of Internet connectivity, I might be willing to pay a premium for a guaranteed ceiling on the delay of my UDP packets. The ISP could then add value for me by prioritizing UDP packets over TCP whenever my bandwidth demand exceeded 10 megabits per second. Is looking at the protocol header snooping inside the packets? Kind of, because the TCP or UDP header is inside the IP packet, but on the other hand, it might be like looking at a piece of mail to see if it is marked Priority or bulk rate.
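To make the envelope-versus-letter distinction concrete, here is an added illustration (not code from the original post, and not any ISP’s implementation). It builds a few constructed packets, classifies them two ways, and then applies the prioritization policy described above: `classify_by_header` reads only the 8-bit protocol field of the IPv4 header, which is the “Priority or bulk rate” stamp on the envelope, while `classify_by_payload` skips past the headers and pattern-matches application bytes, which is what deep packet inspection does. `strict_priority` is a hypothetical one-interval scheduler that forwards UDP before TCP within a byte budget, consulting only the header class. The packet builders, the sample addresses and the byte budget are all assumptions made for the example.

```python
import socket
import struct

TCP, UDP = 6, 17  # IANA protocol numbers carried in the IPv4 header

def build_ipv4(proto, src, dst, transport_and_payload):
    """Wrap bytes in a minimal IPv4 header (RFC 791, no options). The header
    checksum is left at zero: this is a constructed sample, not a real packet."""
    ver_ihl = (4 << 4) | 5                         # version 4, header length 5 words
    total_len = 20 + len(transport_and_payload)
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, total_len, 0, 0, 64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + transport_and_payload

def udp_segment(sport, dport, payload):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

def tcp_segment(sport, dport, payload):
    # 20-byte TCP header: data offset 5, flags PSH+ACK, checksum left at zero
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + payload

# Constructed sample traffic (not captured): an RTP voice packet, an HTTP request
# and the start of a TLS handshake, all from a hypothetical subscriber 10.0.0.2.
RTP_VOICE = b"\x80\x00\x00\x01\x00\x00\x00\xa0\x12\x34\x56\x78" + b"\x00" * 160
SAMPLE = [
    build_ipv4(UDP, "10.0.0.2", "203.0.113.5", udp_segment(49170, 5004, RTP_VOICE)),
    build_ipv4(TCP, "10.0.0.2", "203.0.113.9",
               tcp_segment(52000, 80, b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n")),
    build_ipv4(TCP, "10.0.0.2", "203.0.113.10",
               tcp_segment(52001, 443, b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x03")),
]

def classify_by_header(pkt):
    """Envelope classification: read the protocol field at byte 9 of the IPv4
    header. No byte beyond the network header is examined."""
    return {TCP: "tcp", UDP: "udp"}.get(pkt[9], "other")

def classify_by_payload(pkt):
    """DPI-style classification: skip the IP and transport headers and match
    application bytes. This is the part that reads the letter inside the envelope."""
    ihl = (pkt[0] & 0x0F) * 4
    transport_len = {TCP: 20, UDP: 8}.get(pkt[9], 0)
    app = pkt[ihl + transport_len:]
    if app.startswith((b"GET ", b"POST ")):
        return "http"
    if app[:3] == b"\x16\x03\x01":              # TLS record: handshake, version 3.1
        return "tls-handshake"
    if len(app) >= 12 and (app[0] >> 6) == 2:   # RTP fixed header, version 2
        return "rtp"
    return "unknown"

def strict_priority(packets, budget_bytes):
    """Forward UDP before TCP within one interval's byte budget; defer the rest.
    Only the header class is consulted, so payloads stay unread."""
    order = sorted(packets, key=lambda p: 0 if classify_by_header(p) == "udp" else 1)
    forwarded, deferred, used = [], [], 0
    for p in order:
        if used + len(p) <= budget_bytes:
            forwarded.append(p)
            used += len(p)
        else:
            deferred.append(p)
    return forwarded, deferred

if __name__ == "__main__":
    for p in SAMPLE:
        print(len(p), "bytes:", classify_by_header(p), "/", classify_by_payload(p))
    fwd, dfr = strict_priority(SAMPLE, budget_bytes=250)
    print("forwarded:", [classify_by_payload(p) for p in fwd],
          "deferred:", [classify_by_payload(p) for p in dfr])
```

With a 250-byte budget the 200-byte RTP packet goes first, the 77-byte HTTP request no longer fits and is deferred, and the 50-byte TLS packet fills the remainder. Note that the scheduler reached that result without ever calling `classify_by_payload`; the payload matcher is there only to show how much more a DPI box learns once it opens the envelope.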

A subscriber may even be interested in paying an ISP for services based on deep packet inspection. In a recent conversation, an executive at a major wireless carrier likened net neutrality to pollution. I am not sure what he meant by this, but he may have been thinking of spam-like traffic that nobody wants, but that neutrality regulations might force a service provider to carry. I use Gmail as my email service, and I am grateful for the Gmail spam filter, which works quite well. If a service provider were to use deep packet inspection to implement malicious-site blocking (like phishing site blocking or unintentional download blocking) or parental controls, I would consider this a service worth paying for, since the PC-based capabilities in this category are too easily circumvented by inexperienced users.

Notice that all these suggestions are for voluntary services. When a company opts to impose a product on a customer when the customer prefers an alternative one, the customer is justifiably irked.

What provoked KPN to start blocking WhatsApp was that KPN subscribers were abandoning KPN’s SMS service in favor of WhatsApp. This caused a revenue drop. Similarly, as VoIP services like Skype grow, voice revenues for service providers will drop, and service providers will be motivated to block or impair the performance of those competing services.

The dumb-pipe nature of IP has enabled the explosion of innovation in services and products that we see on the Internet. Unfortunately for the big telcos and cable companies, many of these innovations disrupt their other service offerings. Internet technology enables third parties to compete with legacy cash cows like voice, SMS and TV. The ISP’s rational response is to do whatever is in its power to protect those cash cows. Without network neutrality regulations, the ISPs are duty-bound to their investors to protect the profitability of their other product lines by blocking the competitors on their Internet service, just as KPN did. Net neutrality regulation is designed to prevent such anti-competitive behavior. A neutral net obliges ISPs to allow competition on their access links.

So which is the free-market approach? Allowing network owners to do whatever they want on their networks and block any traffic they don’t like, or ensuring that the Internet is a level playing field where entities with the power to block third parties are prevented from doing so? The former is the free market of commerce, the latter is the free market of ideas. In this case they are in opposition to each other.

ITExpo East 2011: C-01 “Connecting the Distributed Enterprise via Video”

Monday, January 24th, 2011

I will be moderating this panel at IT Expo in Miami on February 3rd at 9:00 am:

In today’s distributed workforce environment, it’s essential to be able to communicate to employees and customers across the globe both efficiently and effectively. Prior to today, doing so was far more easily said than done because, not only was the technology not in place, but video wasn’t accepted as a form of business communication. Now that video has burst onto the scene by way of Apple’s Facetime, Skype and Gmail video chat, consumers are far more likely to pick video over voice – both in their home and at their workplaces. But, though demand has never been higher, enterprise networks still experience a slow-down when employees attempt to access video streams from the public Internet because the implementation of IP video is not provisioned properly. This session will provide an overview of the main deployment considerations so that IP video can be successfully deployed inside or outside the corporate firewall, without impacting the performance of the network, as well as how networks need to adapt to accommodate widespread desktop video deployments. It will also expose the latest in video compression technology in order to elucidate the relationship between video quality, bandwidth, and storage. With the technology in place, an enterprise can efficiently leverage video communication to lower costs and increase collaboration.

The panelists are:

  • Mike Benson, Regional Vice President, VBrick Systems
  • Anatoli Levine, Sr. Director, Product Management, RADVISION Inc.
  • Matt Collier, Senior Vice President of Corporate Development, LifeSize

VBrick claims to be the leader in video streaming for enterprises. Radvision and LifeSize (a subsidiary of Logitech) are oriented towards video conferencing rather than streaming. It will be interesting to get their respective takes on bandwidth constraints on the WLAN and the access link, and what other impairments are important.

IT Expo East 2011: NGC-04 “Meeting the Demand for In-building Wireless Networks”

Monday, January 24th, 2011

I will be moderating this panel at IT Expo in Miami on February 2nd at 12:00 pm:

Mobility is taking the enterprise space by storm – everyone is toting a smartphone, tablet, laptop, or one of each. It’s all about what device happens to be the most convenient at the time and the theory behind unified communications – anytime, anywhere, any device. The adoption of mobile devices in the home and their relevance in the business space has helped drive a new standard for enterprise networking, which is rapidly becoming a wireless opportunity, offering not only the convenience and flexibility of in-building mobility, but WiFi networks are much easier and cost effective to deploy than Ethernet. Furthermore, the latest wireless standards largely eliminate the traditional performance gap between wired and wireless and, when properly deployed, WiFi networks are at least as secure as wired. This session will discuss the latest trends in enterprise wireless, the secrets to successful deployments, as well as how to make the most of your existing infrastructure while moving forward with your WiFi installation.

The panelists are:

  • Shawn Tsetsilas, Director, WLAN, Cellular Specialties, Inc.
  • Perry Correll, Principal Technologist, Xirrus Inc.
  • Adam Conway, Vice President of Product Management, Aerohive

Cellular Specialties in this context is a system integrator, and one of their partners is Aerohive. Aerohive’s special claim to fame is that they eliminate the WLAN controller, so each access point controls itself in cooperation with its neighbors. The only remaining centralized function is the management. Aerohive claims that this architecture gives them superior scalability, and a lower system cost (since you only pay for the access points, not the controllers).

Xirrus’s product is unusual in a different way, packing a dozen access points into a single sectorized box, to massively increase the bandwidth available in the coverage areas.

So is it true that Wi-Fi has evolved to the point that you no longer need wired Ethernet?

Net Neutrality Fallout

Wednesday, January 5th, 2011

Stacey Higginbotham posted an analysis of the FCC Net Neutrality report and order on GigaOM. She concludes:

As a consumer, it’s depressing, …it leaves the mobile field open for the creation of walled gardens and incentivizes the creation of application-specific devices.

Sure enough, just two weeks after the publication of the R&O, Ryan Kim reports on GigaOM that MetroPCS announced on January 3rd plans to charge extra based on what you access, rather than on the quantity or quality of the bandwidth you consume.

Net Neutrality and consumer benefit

Monday, December 20th, 2010

A story in Wired dated December 17th reports on a webinar presented by Allot Communications and Openet.

A slide from the webinar shows how network operators could charge by the type of content being transported rather than by bandwidth:

DPI integrated into Policy Control & Charging

In an earlier post I said that strict net neutrality is appropriate for wired broadband connections, but that for wireless connections the bandwidth is so constrained that the network operators must be able to ration bandwidth in some way. The suggestion of differential charging for bandwidth by content goes way beyond mere rationing. The reason this is egregious is that the bandwidth costs the same to the wireless service provider regardless of what is carried on it. Consumers don’t want to buy content from Internet service providers, they want to buy connectivity – access to the Internet.

In cases where a carrier can legitimately claim to add value it would make sense to let them charge more. For example, real-time communications demands traffic prioritization and tighter timing constraints than other content. Consumers may be willing to pay a little bit more for the better sounding calls resulting from this.

But this should be the consumer’s choice. Allowing mandatory charging for what is currently available free on the Internet would mean the death of the mobile Internet, and its replacement with something like interactive IP-based cable TV service. The Internet is currently a free market where the best and best marketed products win. Per-content charging would close this down, replacing it with an environment where product managers at carriers would decide who is going to be the next Facebook or Google, kind of like AOL or Compuserve before the Internet. The lesson of the Internet is that a dumb network connecting content creators with content consumers leads to massive innovation and value creation. The lesson of the PSTN is that an “intelligent network,” where network operators control the content, leads to decades of stagnation.

In a really free market, producers get paid for adding value. Since charging per content by carriers doesn’t add value, but merely diverts revenue from content producers to the carriers, it would be impossible in a free market. If a wireless carrier successfully attempted this, it would indicate that wireless Internet access is not a free market, but something more like a monopoly or cartel which should be regulated for the public good.

Dumb mobile pipes

Tuesday, November 23rd, 2010

An interesting story from Bloomberg says that Ericsson is contemplating owning a wireless network infrastructure. Ericsson is already one of the top 5 mobile network operators worldwide, but it doesn’t own any of the networks it manages – it is simply a supplier of outsourced network management services.

The idea here is that Ericsson will own and manage its own network, and wholesale the services on it to MVNOs. If this plan goes through, and if Ericsson is able to stick to the wholesale model and not try to deliver services direct to consumers, it will be huge for wireless network neutrality. It is a truly disruptive development, in that it could lower barriers to entry for mobile service providers, and open up the wireless market to innovation at the service level.

[update] Upon reflection, I think this interpretation of Ericsson’s intent is over-enthusiastic. The problem is spectrum. Ericsson can’t market this to MVNOs without spectrum. So a more likely interpretation of Ericsson’s proposal is that it will pay for infrastructure, then sell capacity and network management services to spectrum-owning mobile network operators. Not a dumb pipes play at all. It is extremely unlikely that Ericsson will buy spectrum for this, though there are precedents for equipment manufacturers buying spectrum – Qualcomm and Intel have both done so.

[update 2] With the advent of white spaces, Ericsson would not need to own spectrum to offer a wholesale service from its wireless infrastructure. The incremental cost of provisioning white spaces on a cellular base station would be relatively modest.

QoS meters on Voxygen

Wednesday, October 27th, 2010

The term “QoS” is used ambiguously. There are two main categories of definition. The first is QoS Provisioning: “the capability of a network to provide better service to selected network traffic,” which means packet prioritization of one kind or another. The second is more literal: “Quality of Service,” the degree of perfection of a user’s audio experience in the face of potential impairments to network performance. These impairments fall into four categories: availability, packet loss, packet delay and tampering. Since this sense is normally used in the context of trying to measure it, we could call it QoS Metrics as opposed to QoS Provisioning. I would put issues like choice of codec and echo into the larger category of Quality of Experience, which includes all the possible impairments to the audio experience, not just those imposed by the network.

By “tampering” I mean any intentional changes to the media payload of a packet, and I am OK with the negative connotations of the term since I favor the “dumb pipes” view of the Internet. On phone calls the vast bulk of such tampering is transcoding: changing the media format from one codec to another. Transcoding always reduces the fidelity of the sound, even when transcoding to a “better” codec.

Networks vary greatly in the QoS they deliver. One of the major benefits of going with VoIP service provided by your ISP (Internet Service Provider) is that your ISP has complete control over QoS. But there is a growing number of ITSPs (Internet Telephony Service Providers) that contend that the open Internet provides adequate QoS for business-grade telephone service. Skype, for example.

But it’s nice to be sure. So I have added a “QoS Metrics” category in the list to the right of this post. You can use the tools there to check your connection. I particularly like the one from Voxygen, which frames the test results in terms of the number of simultaneous voice sessions that your WAN connection can comfortably handle. Here’s an example of a test of ten channels:

Screen shot of Voxygen VoIP performance metrics tool
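As an added illustration of the QoS Metrics sense discussed above (this is not the Voxygen tool, nor any code from the original post), the following script takes a constructed set of probe packets, computes packet loss, one-way delay and RFC 3550 interarrival jitter, and then converts link capacity into a count of simultaneous voice sessions. The probe records, the 75% headroom figure in `max_sessions` and the 2 Mbps link are assumptions made for the example; the per-call bandwidth figures (G.711, 20 ms packets, RTP/UDP/IPv4 headers, 18-byte Ethernet overhead) are the standard ones. Tampering (transcoding) cannot be detected from timing alone, so the summary reports it as not measured.

```python
from collections import namedtuple
import math

# Constructed probe records (not a real capture): RTP sequence number, sender
# timestamp and receiver timestamp, both in milliseconds. Packets 4 and 9 never arrive.
Probe = namedtuple("Probe", "seq sent recv")
SAMPLE_PROBES = [
    Probe(1, 0, 41), Probe(2, 20, 60), Probe(3, 40, 83), Probe(5, 80, 122),
    Probe(6, 100, 140), Probe(7, 120, 165), Probe(8, 140, 180), Probe(10, 180, 221),
]

def packet_loss(probes):
    """Fraction of the sequence range that never arrived (gaps in sequence numbers)."""
    seqs = sorted(p.seq for p in probes)
    expected = seqs[-1] - seqs[0] + 1
    return 1 - len(seqs) / expected

def delay_stats(probes):
    """Mean and maximum one-way delay in ms (assumes sender and receiver clocks agree)."""
    delays = [p.recv - p.sent for p in probes]
    return sum(delays) / len(delays), max(delays)

def rfc3550_jitter(probes):
    """Interarrival jitter per RFC 3550 section 6.4.1: D is the change in transit
    time between successive received packets; J is smoothed with gain 1/16."""
    j = 0.0
    ordered = sorted(probes, key=lambda p: p.seq)
    for prev, cur in zip(ordered, ordered[1:]):
        d = (cur.recv - prev.recv) - (cur.sent - prev.sent)
        j += (abs(d) - j) / 16
    return j

def call_bandwidth_kbps(codec_kbps=64, ptime_ms=20, l2_overhead_bytes=18):
    """Link-layer bandwidth of one RTP stream in one direction. The defaults describe
    G.711 with 20 ms packets over Ethernet (14-byte header + 4-byte FCS): 87.2 kbps."""
    payload = codec_kbps * ptime_ms / 8                  # bytes of audio per packet (160)
    packet = payload + 12 + 8 + 20 + l2_overhead_bytes   # plus RTP, UDP and IPv4 headers
    return packet * 8 * (1000 / ptime_ms) / 1000

def max_sessions(link_kbps, per_call_kbps=None, headroom=0.75):
    """Simultaneous calls the link can carry while keeping 25% of capacity free for
    other traffic. The 75% headroom figure is an assumption for this example."""
    per_call = per_call_kbps or call_bandwidth_kbps()
    return math.floor(link_kbps * headroom / per_call)

def assess(probes, link_kbps):
    """Summarise the four impairment categories (availability, loss, delay, tampering)
    plus jitter and the session count. Tampering cannot be seen from timing alone."""
    mean_d, max_d = delay_stats(probes)
    return {
        "available": bool(probes),
        "loss_pct": round(100 * packet_loss(probes), 1),
        "mean_delay_ms": mean_d,
        "max_delay_ms": max_d,
        "jitter_ms": round(rfc3550_jitter(probes), 2),
        "sessions": max_sessions(link_kbps),
        "tampering": "not measured",
    }

if __name__ == "__main__":
    print(assess(SAMPLE_PROBES, link_kbps=2000))
```

On the sample data this reports 20% loss, a mean delay of 41.5 ms with a 45 ms peak, about 1 ms of jitter, and 17 sessions on a 2 Mbps link. The session count is the number a tool like Voxygen’s headlines; the loss and delay figures are what decide whether those sessions will actually sound acceptable.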

Third Generation WLAN Architectures

Thursday, October 21st, 2010

Aerohive claims to be the first example of a third-generation Wireless LAN architecture.

  • The first generation was the autonomous access point.
  • The second generation was the wireless switch, or controller-based WLAN architecture.
  • The third generation is a controller-less architecture.

The move from the first generation to the second was driven by enterprise networking needs. Enterprises need greater control and manageability than smaller deployments. First generation autonomous access points didn’t have the processing power to handle the demands of greater network control, so a separate category of device was a natural solution: in the second generation architecture, “thin” access points did all the real-time work, and delegated the less time-sensitive processing to powerful central controllers.

Now the technology transition to 802.11n enables higher capacity wireless networks with better coverage. This allows enterprises to expand the role of wireless in their networks, from convenience to an alternative access layer. This in turn further increases the capacity, performance and reliability demands on the WLAN.

Aerohive believes this generational change in technology and market requires a corresponding generational change in system architecture. A fundamental technology driver for 802.11n, the ever-increasing processing bang-for-the-buck yielded by Moore’s law, also yields sufficient low-cost processing power to move the control functions from central controllers back to the access points. Aerohive aspires to lead the enterprise Wi-Fi market into this new architecture generation.

Superficially, getting rid of the controller looks like a return to the first generation architecture. But an architecture with all the benefits of a controller-based WLAN, only without a controller, requires a sophisticated suite of protocols by which the smart access points can coordinate with each other. Aerohive claims to have developed such a protocol suite.

The original controller-based architectures used the controller for all network traffic: the management plane, the control plane and the data plane. The bulk of network traffic is on the data plane, so bottlenecks there do more damage than on the other planes. So modern controller-based architectures have “hybrid” access points that handle the data plane, leaving only the control and management planes to the controller device (Aerohive’s architect, Devin Akin, says: “distributed data forwarding at Layer-2 isn’t news, as every other vendor can do this.”) Aerohive’s third generation architecture takes it to the next step and distributes control plane handling as well, leaving only the management function centralized, and that’s just software on a generic server.

Aerohive contends that controller-based architectures are expensive, poorly scalable, unreliable, hard to deploy and not needed. A controller-based architecture is more expensive than a controller-less one, because controllers aren’t free (Aerohive charges the same for its APs as other vendors do for their thin ones: under $700 for a 2×2 MIMO dual-band 802.11n device). It is not scalable because the controller constitutes a bottleneck. It is not reliable because a controller is a single point of failure, and it is not needed because processing power is now so cheap that all the functions of the controller can be put into each AP, and given the right system design, the APs can coordinate with each other without the need for centralized control.

Distributing control in this way is considerably more difficult than distributing data forwarding. Control plane functions include all the security features of the WLAN, like authentication and admission, multiple VLANs and intrusion detection (WIPS). Greg Taylor, wireless LAN services practice lead for the Professional Services Organization of BT in North America says “The number one benefit [of a controller-based architecture] is security,” so a controller-less solution has to reassure customers that their vulnerability will not be increased. According to Dr. Amit Sinha, Chief Technology Officer at Motorola Enterprise Networking and Communications, other functions handled by controllers include “firewall, QoS, L2/L3 roaming, WIPS, AAA, site survivability, DHCP, dynamic RF management, firmware and configuration management, load balancing, statistics aggregation, etc.”

You can download a comprehensive white paper describing Aerohive’s architecture here.

Motorola recently validated Aerohive’s vision, announcing a similar architecture, described here.

Here’s another perspective on this topic.

Google sells out

Tuesday, August 10th, 2010

Google and Verizon came out with their joint statement on Net Neutrality on Monday. It is reasonable and idealistic in its general sentiments, but contains several of the loopholes Marvin Ammori warned us about. It was released in three parts: a document posted to Google Docs, a commentary posted to the Google Public Policy Blog, and an op-ed in the Washington Post. Eight paragraphs in the statement document map to seven numbered points in the blog. The first three numbered points map to the six principles of net neutrality enumerated by Julius Genachowski [jg1-6] almost a year ago. Here are the Google/Verizon points as numbered in the blog:

1. Open access to Content [jg1], Applications [jg2] and Services [jg3]; choice of devices [jg4].
2. Non-discrimination [jg5].
3. Transparency of network management practices [jg6].
4. FCC enforcement power.
5. Differentiated services.
6. Exclusion of Wireless Access from these principles (for now).
7. Universal Service Fund to include broadband access.

The non-discrimination paragraph is weakened by the kinds of words that are invitations to expensive litigation unless they are precisely defined in legislation. It doesn’t prohibit discrimination, it merely prohibits “undue” discrimination that would cause “meaningful harm.”

The managed (or differentiated) services paragraph is an example of what Ammori calls “an obvious potential end-run around the net neutrality rule.” I think that Google and Verizon would argue that their transparency provisions mean that ISPs can deliver things like FIOS video-on-demand over the same pipe as Internet service without breaching net neutrality, since the Internet service will commit to a measurable level of service. This is not how things work at the moment; ISPs make representations about the maximum delivered bandwidth, but for consumers they don’t specify a minimum below which the connection will not fall.

The examples the Google blog gives of “differentiated online services, in addition to the Internet access and video services (such as Verizon’s FIOS TV)” appear to have in common the need for high bandwidth and high QoS. This bodes extremely ill for the Internet. The evolution to date of Internet access service has been steadily increasing bandwidth and QoS. The implication of this paragraph is that these improvements will be skimmed off into proprietary services, leaving the bandwidth and QoS of the public Internet stagnant.

Many consider the exclusion of wireless egregious. I think that Google and Verizon would argue that there is nothing to stop wireless being added later. In any case, I am sympathetic to Verizon on this issue, since wireless is so bandwidth constrained relative to wireline that it seems necessary to ration it in some way.

The Network Management paragraph in the statement document permits “reasonable” network management practices. Fortunately the word “reasonable” is defined in detail in the statement document. Unfortunately the definition, while long, includes a clause which renders the rest of the definition redundant: “or otherwise to manage the daily operation of its network.” This clause appears to permit whatever the ISP wants.

So on balance, while it contains a lot of worthy sentiments, I am obliged to view this framework as a sellout by Google. I am not alone in this assessment.

A small step for Google, a giant leap backwards for America?

Thursday, August 5th, 2010

Google is rumored to be ready to cut a Faustian deal with Verizon, benefitting its shareholders by selling the soul of the Internet, namely open, equal access.

If the rumors turn out to be true, Google might consider changing Point 6 of its corporate philosophy (which currently says “You can make money without doing evil”) to “We don’t care. We don’t have to.”

Update: Google and Verizon deny the rumor.