|North America I 2014
|Balancing security and speed in LTE: Can vendors keep pace?
|President & CEO
Vikash Varma is President and CEO of Stoke, Inc. Vikash Varma brings more than 20 years of multi-disciplined, international experience to Stoke. Vikash has a successful track record of building businesses from the early stages to market leadership and maximizing value for investors. He was most recently the President, Worldwide Sales, Marketing and Field Operations at CloudShield Technologies. Previously he was President of Worldwide Sales and Field Operations at P-Cube Inc. with overall responsibility for Sales, Channels, Partners, Professional Services, where he grew the business with top tier carriers worldwide before its acquisition in 2004 by Cisco Systems. Prior to P-Cube, Vikash was General Manager at Hewlett-Packard Co. of their Internet Usage Manager (IP Mediation) Software business. Vikash holds a BSc in Engineering from the Birla Institute, one of India’s premier academic establishments.
The rapid growth in data continues with implementation of LTE – not just more speed, but also more dependable, high quality services, and in particular Voice over LTE (VoLTE). This calls for balancing the requirement for security with the imperative of low latency, which is far more stringent for packet-based Voice than for data. Security has been ignored in early-bird US LTE implementations, but is now regarded as a differentiator, especially as cybercrime is rising fast. With managed quality and low latency, VoLTE has a chance of strengthening the hand of mobile carriers against OTT VoIP over the unmanaged Internet.
Mobile data has reached the crossover point where it represents a bigger revenue source for operators than voice traffic, according to figures issued by AT&T, Verizon and multiple industry analysts. In 2013 data traffic revenues grew by a healthy 15% year on year. At the same time, operators have been rolling out LTE networks at a brisk pace – 180 LTE networks were deployed by the end of last year to meet demand – without giving up too much of that revenue in infrastructure costs.
After lagging behind the rest of the world in 3G, the U.S. has stormed ahead to lead the LTE market. Though most carriers around the world have committed to LTE and it is heavily deployed in some countries, in most areas, for example in some European countries where spectrum regulations have delayed LTE rollouts, it is just getting off the ground. Despite the early deployment, the U.S. is behind the market when it comes to LTE security.
Security matters a whole lot more in LTE because these networks are all-IP and therefore as vulnerable to security breaches as any unprotected device in the network. Backhaul traffic in 3G networks was encrypted, but in LTE networks, backhaul traffic from the radio network to the operator core is not, and is subject to all the same massive vulnerabilities that have dogged our network communications for decades.
U.S. mobile operators have been slow to admit to these flaws, arguing that their ‘closed’ networks prevented any possibility of hacking or other threats. That has changed over the last 18 months, largely because of public awareness. We can probably thank the NSA (National Security Agency) and Edward Snowden for demonstrating the disadvantages of an unprotected communications networks to the entire world.
In part, this is driven by factors including a more intense cybercrime focus on mobile networks (the fact that Telecoms Tech hosted an ‘M2M & Internet of Things Hackathon’ in London last November is just one indicator) and a rising incidence of breaches such as eavesdropping, man-in-the-middle attacks, denial of service, and packet insertion. Perhaps the chief influence, though, is operators’ growing recognition that if their LTE networks aren’t secured, they will be at a competitive disadvantage.
This is borne out by an increasing body of formal and informal user data. In a recent U.S. online survey, more than 20% of respondents said that their major LTE security concern was criminals stealing sensitive information. Chief anxiety for 17.5% was the possibility of attackers triggering network outages and degradations, and for 16.5% it was the fear of insecure mobile operating systems and apps. Another 14.6% worried about human error – customers unknowingly downloading malware that might affect the larger network.
The profit motive
LTE security is now at the heart of discussions – especially when it comes to customer retention. Most of the U.S. mobile carriers have adopted aggressive customer acquisition strategies, with pricing and with network availability, as in the case of Verizon, or with better LTE speeds, as in the case of their close competitor AT&T. However, every operator looking for long-term success, according to Heavy Reading’s Patrick Donegan, must play the security game, and U.S. operators can no longer hang back. In a 2013 report, Donegan asserts that a financial analysis of LTE operators four years from now is likely to show a close relationship between support for end-to-end network security and superior financial performance.
The argument that IPSec is costly has been knocked down, as well: results of recent European deployments have proven conclusively that the introduction of security does not result in higher operating expenses.
Reading the signals: Security and performance
As LTE networks mature, user numbers grow, data traffic increases, and operators begin to introduce new latency-intolerant services, can security keep pace? Latency – even infinitesimal traffic processing delays – must be kept well within the 20-30 millisecond targets if operators are to deliver on LTE’s core value proposition: faster, better, and far more traffic.
Traffic patterns in LTE are vastly different from 3G networks. Consumers use far more data, and expect higher and higher levels of performance from their mobile devices. LTE now accounts for about for 50% of all wireless connections in the U.S. According to Ericsson’s June 2013 report, the video traffic on mobile networks grew by 60%t year on year.
Operators must secure traffic while handling the more complex and unpredictable LTE traffic flows and levels of network-wide signaling traffic. The US (Verizon) and Canada (Rogers) have already seen embarrassingly high profile outages due to signaling.
What causes signaling surges? There’s an army of potential culprits, including network software updates; malware introduced by applications; heavier use of real-time applications such as video and audio streaming, gaming and advertisements, and Voice over LTE (VoLTE). Because smartphones and devices can host an increasingly higher number of applications, background signaling activity per device rises significantly because of the frequent update requests from applications – especially those for ‘chatty’ social apps.
So it’s not surprising that signaling capacity and mechanisms to prevent signaling overloads from causing outages are receiving greater attention from operators when provisioning core infrastructure elements. The role of LTE security has evolved – it must also protect against sudden and unexpected surges in signaling and user data traffic. The increase in the volume of signaling traffic makes it harder for operators to identify threats and effectively control them in real time.
Voice over LTE: Balancing security and performance
Infonetics Research logged 12 commercial VoLTE networks with 8 million subscribers by year-end 2013. The ramp in 2014 will be faster, principally because of economics: VoLTE allows operators to re-farm spectrum away from 2G/3G to LTE, which will significantly lower voice infrastructure costs. Research firm iGR expects the number of VoLTE subscribers to grow significantly – at a CAGR of 187 percent between 2012 and 2017.
But subscribers need to see a value in VoLTE. There’s a general expectation that calls will have a superior audio quality over 3G or other calls, and this quality of voice will be the key differentiator as operators roll out VoLTE services in competition with over-the-top VoIP service providers. However, subscribers also expect their VoLTE calls to be secured.
It’s not yet clear how Sprint, T-Mobile, Verizon and AT&T Mobility or other U.S. Carriers will market VoLTE this year. The likelihood is that, rather than going straight for groundbreaking new services like real-time language translation or video voicemails, carriers will use VoLTE to reach parity with current communication innovations like FaceTime, Google Hangouts, WhatsApp and other over-the-top (OTT) messaging services. To make this move, operators will need to balance the requirement for security with the imperative of low latency. The U.S. Department of Defense won’t allow a carrier to operate a network without encryption.
The latency factor
VoLTE commands a significant shift in how mobile operators think about success in mobile broadband networks. So far, operators have defined quality primarily in terms of speed and throughput, or bandwidth. With VoLTE, the focus on speed has been reversed completely. Network performance will be measured by how well operators can deliver on consumers’ expectations for improved voice quality. That means no jitter, no latency and no dropped calls.
Latency is defined as the time it takes for a source to send a packet of data to a receiver, which is typically measured in milliseconds. The lower the latency (the fewer the milliseconds) the better the network performance and the more “real time” the voice will sound to the subscriber. The acceptable level of latency for LTE traffic delivery is pegged at about 20 to 30 milliseconds, a microscopic amount that is virtually unnoticeable in some applications, but which would seriously degrade a voice call.
This means that the introduction of security to LTE must be achieved in such a way that it doesn’t contribute to latency. This is not the case with all security solutions, and definitely not the case once the smaller size packets, which are typical for voice traffic, begin to dominate the pattern of network traffic
With several of the major U.S. mobile operators poised to make VoLTE widely available by the end of 2014, and new VoLTE phones about to hit the market in the first quarter of this year, there is pressure on the traditional vendor ecosystem to deliver technology that will allow operators to retain and build their subscriber base. As a result, we can expect to see new players coming to the table with innovative solutions, and operators opening their doors to newer players who can help them get the balancing act right: secure, high performing LTE voice services, that will allow the US carrier market to take on their OTT competition and win.