LTE: The Trigger for Next-Gen Backhaul

(1)

Prepared by

Patrick Donegan

Senior Analyst,

Heavy Reading

www.heavyreading.com

on behalf of

www.juniper.net

www.nsn.com

August 2013

White Paper

LTE: The Trigger for Next-Gen

Backhaul

(2)

HEAVY READING | AUGUST 2013 | WHITE PAPER | LTE: THE TRIGGER FOR NEXT-GEN BACKHAUL 2

LTE Transforms the Mobile Business

There is pretty much universal agreement that LTE is exceeding the expectations of operators and end users. This is in marked contrast to the launch of 2G and 3G services, which were characterized by long delays in network launches, limited supply of terminals and decidedly muted enthusiasm – or even outright disap-pointment – among early adopters. While enhanced coverage and features went on to drive 2G and 3G phones into the hands of more than 6 billion users world-wide, it's worth recalling that 2G and 3G saw a relatively slow rate of initial adop-tion, with six to 10 years passing before each hit 100 million subscribers.

The transition from 3G to 4G LTE can be seen as marking the critical inflexion point between the voice and data eras and, as such, is transforming the mobile business. When TeliaSonera and Verizon Wireless first announced plans to launch the first 4G LTE networks at the end of 2009 and 2010, respectively, it was unclear whether the slow and painful 2G and 3G launch precedents would be repeated or whether the accumulated experience of earlier generation launches would instead be put to good use and enable the industry to execute on time, delivering new capabilities that truly excite early adopters from day one. Following the on-schedule and highly-successful LTE launches in Sweden, Norway and the U.S., and now more than another hundred mobile operators in more than 50 countries, including Canada, Japan, South Korea, India, Australia, China, the U.K. and Germany, LTE has clearly broken the mold and is either meeting or exceeding the expectations of operators and end users worldwide pretty much from day one.

Early Adopters Have Been Excited From Day One

Early GSM adopters were highly critical of dropped calls resulting from the binary nature of the new digital system and the lack of any handover to analog when out of digital coverage. Early 3G adopters recognized that the initial 384 kbit/s downlink was a bit better than GPRS, but no one was really wowed by 3G until the first HSPA release was rolled out three years later. By contrast, LTE early adopters typically respond much more positively. It isn't just speeds in excess of 10 Mbit/s – or even 20 Mbit/s – that impresses them; it's also the rapid connection setup times. In many countries that have yet to roll out LTE, governments fear losing economic competitiveness to rivals. Berating the country's regulations for holding back mobile broadband deployment, Brazil's Minister of Communications, Paulo Bernado, told a conference in November 2012, "We need to take Internet access to everyone. We need LTE, we need to innovate. The development of LTE is very important." As of early 2013, there are more than 50 million LTE subscribers worldwide, implying that the technology will break the 100-million subscriber barrier some time in 2013, within four years of the first commercial launch. According to the GSM Supplier Association, there were 560 different types of LTE-enabled consumer device available as of November 2012 – three times as many as a year previously. Other numbers offer testimony of the potentially transformative impact of LTE on the end user experience and on the network operator:

 LTE subscribers consume a lot more data than 3G subscribers, which is good news for the operator providing this can be monetized and deliv-ered efficiently. In South Korea, now the world's leading LTE market with 30% subscriber penetration, operators report average consumption of LTE traffic of 3 Gbytes per month, compared with 1.6 Gbytes per month for 3G. LTE subscribers using HDTV are nearing 5 Gbytes per month.

(3)

 Similarly, while only 10% of Verizon Wireless subscribers have LTE devices, this 10% still accounts for around a third of Verizon Wireless' total traffic.

 Many LTE, as well as 3G, operators report that as much as two thirds of their traffic now is video.

 Verizon Wireless reports that postpaid average revenue per account (ARPA) in 4Q12 was up 6.6% over 4Q11.

Unprecedented FMC Opportunities

LTE creates new revenue generation and cost-saving opportunities with fixed/mobile convergence (FMC) that can't be driven by 3G on its own. In April 2012, Verizon Wireless launched its HomeFusion home broadband service via LTE. Leveraging an antenna deployed at the customer premises, and priced initially at $59.99 per month for up 10 Gbytes of data, the HomeFusion DSL-substitution service promises users downlink speeds of 5-12 Mbit/s and uplink speeds of 2-5 Mbit/s, the same speeds that Verizon Wireless commits to LTE customers in the mobility environment. Operators in Germany and some of the Nordic countries are also leveraging LTE to pursue this line of business.

On the cost side, current or future traffic volumes generated by LTE are a critical driver of the drive by leading operators to build out transport networks and edge routing networks that are shared for both mobile backhaul and enterprise net-works. Telecom Italia is a leading example of an incumbent that has adopted this FMC strategy on the network side,* while in the U.S. many so-called alternative access vendors (AAVs) – wholesalers offering an alternative to the local incum-bent local exchange carrier (ILEC) – that have built out backhaul networks are now adding enterprise customers to these networks.

* See the white paper Implementing the Innovative Edge for Cloud-Based Services.

Figure 1: Live LTE Networks, November 2012

(4)

LTE Transforms the Backhaul Network

As Figure 2 demonstrates, the network architecture changes fundamentally with LTE as compared with 3G:

 Radio resource control (RRC) is pushed out to the core and eNodeB, respectively, eliminating 3G's radio network controller (RNC) node.

 There is a single IP-based mobile network core, the Evolved Packet Core (EPC), for voice and data as compared with separate voice and data networks for 3G. This is to reduce cost and latency and enable voice over LTE (VoLTE), as well as a host of real-time multimedia services such as rich communication services (RCS).

 Whereas in 3G the RNC had to be deployed close to the Node B, the EPC can be deployed anywhere, including in pool mode (via the S1-Flex fea-ture), or in a virtualized configuration in the cloud.

 IP backhaul is mandatory rather than optional.

 And there is a new X2 interface that provides a direct transport path be-tween eNodeBs for the very first time in a 3GPP architecture to enforce good performance at the cell edge.

Figure 2: The 3G & LTE Network Architectures

(5)

Network Planners Are Adding New LTE Capabilities & Features

For launch, the first operators to launch LTE tended to prefer a very basic set of LTE networking features defined in 3GPP R8. This was one of the key learnings from the 3G launches – don't try and do everything at once; keep it simple at the outset. As LTE networks are expanding, however, network planners are increasingly looking to more advanced features. For example:

 Many LTE operators have now switched on the X2 interface.

 Some LTE operators have switched on 3GPP's S1-Flex feature. As men-tioned above, this allows different subscribers attached to the same eNodeB to be connected to different EPC elements for better load-balancing and to allow dynamic re-attachment to alternative EPC ele-ments if a connection fails.

 Whereas most early LTE launches were in Frequency Division Duplex (FDD) mode, TD-LTE – the Time Division Duplex (TDD) variant – is now being rolled out in volume by large carriers such as Bharti Airtel in India, China Mobile and Clearwire in the U.S. Many operators that have initially launched in FDD mode also have TD-LTE rollout in their roadmaps.

 The first volume VoLTE deployments are expected in 2013.

 Public access small cells will increasingly be required to bolster LTE capacity.

 The first launches of LTE-Advanced features driving the capacity, throughput and performance of LTE ever higher are expected in 2013. As the subsequent sections of this paper will show, the markedly different architec-ture, performance roadmap and service potential of LTE is driving tremendous change in the requirements for the backhaul network. The next-gen backhaul network must evolve from a static, point-to-point SDH or Ethernet network support-ing a slow-changsupport-ing network of macro-cells with the location of each element prescribed by the network hierarchy to a much more flexible, content rich, voice, video and multimedia distribution network.

This transformation must support a heterogeneous network of macro-cells and small cells evolving much more rapidly and dynamically. It needs to allow EPC and service delivery platform (SDP) elements to be deployed much more flexibly throughout the network and according to a variety of new leading-edge network-ing models to reduce capex and opex.

Subsequent sections highlight some of the critical capabilities of the next-gen backhaul network for LTE, specifically as regards capacity, low latency, intelli-gence, synchronization and security.

(6)

Building Capacity Into the Backhaul

The huge appetite for mobile broadband bandwidth has taken most mobile operators by surprise, giving rise to the so-called "Data Tsunami," which is bound to increase inexorably going forward. It has barely been three years since rolling out 100 Mbit/s of backhaul to the cell site seemed remarkable. And yet, in November 2012, Vodafone announced that it has now deployed backhaul capacity of 1 Gbit/s or higher across 47% of its European network footprint, up from 29% a year previously. Vodafone invokes a theoretical base station site running LTE at 2600MHz, LTE at 800MHz, 3G at 2100MHz and 3G at 800MHz on three sectors to justify this investment, adding that if each technology hit peak speeds the total throughput would reach 930 Mbit/s.

The increasingly common 1Gbit/s capacity requirement for many urban cell sites necessarily has a knock-on impact on capacity requirements throughout the network. So in the aggregation layer of the backhaul 10 Gbit/s will become an increasingly common requirement, rising to 20 Gbit/s for some operators. And in the operator's backbone core, 100 Gbit/s is increasingly common, with a full terabit per second being conceivable for some operators within five years.

SK Telecom Plans to Launch LTE Advanced in 2013

Had LTE's initial impact at launch been as muted as 3G's we would only be starting to see LTE start to deliver on its promise around about now. Instead we are actually seeing leading operators preparing to roll out LTE-Advanced (LTE-A). Remarkably, having only launched LTE in June 2011, SK Telecom in South Korea has carried out successful trials and looks set to be among the first operators in the world to begin rolling out R10 LTE-A features during 2013. Many of the major operators in the U.S. and Japan will also trial LTE-A features in 2013 and operators in other markets, including Western Europe, Russia and Australia, also have it in their roadmaps. The first LTE-A ready chipsets are already on the market, but others are expected in 2013.

One of these LTE-A features is carrier aggregation whereby different parts of the operator's spectrum can be aggregated in component carriers of up to five discrete carriers of up to 20MHz. This gives a theoretical maximum availability of up to 100 MHz of LTE spectrum, capable of supporting up to 1 Gbit/s in the downlink and 500 Mbit/s in the uplink.

New Backhaul Requirements of Small-Cell Capacity Supplements

At the same time as exploiting the phenomenal capacity roadmap that LTE and LTE-A offer at the macro-cellular layer, operators are clear that they will continue to need to add cell sites to derive greater spectral efficiency.

As shown in Figure 3, Heavy Reading predicts significant adoption of public access small cells – sometimes referred to as metro cells – as part of this expansion of cell sites, beginning on a large scale in 2014. While there will likely be some adoption of public access small cells for the 3G network, from a global perspec-tive it's unlikely to be long before the majority of public access small cell deploy-ments that involve 3GPP technologies are primarily for LTE.

Public access small cells create substantial new backhaul challenges. The one that tends to get the most attention is how best to leverage fiber, copper and

(7)

radio solutions to physically build out the last mile – or last 100 meters – of backhaul connectivity out to the small eNodeB cell, which is a lot closer to rooftop or street level than base station antennas have typically been deployed up until now.

But there is a lot more to it than that. The first deployments of public access small cells will see ratios of perhaps three to four small cells to support a given macro-cell. But some future use cases envisage a ratio as great as twenty to one –

triggering a potentially very large increase in the number of network end points. And to derive this extra capacity at a viable cost point, conventional manual service activation and path provisioning of backhaul elements will be cost-prohibitive. Instead they will need to be easy to install and self-configuring with rich self-organizing networks (SON) features to reduce capex and opex.

As discussed in subsequent sections, in addition to driving more traffic and a more dynamic cell site acquisition and deployment environment, these small cells will also create new challenges as regards network synchronization and security.

Figure 3: The Growth in Public Access Small Cells

(8)

Exacting New Latency Targets

As mentioned previously, one of the key performance criteria that has driven the early adopter's response to LTE to be so positive is the rapid session set up times. And while low latency is an important enabler of the superior quality of experience that LTE delivers today for mostly data-oriented applications, it will become even more important when VoLTE and other real-time multimedia services are rolled out. As highlighted further on, low-latency networks are also critical for supporting the stringent synchronization requirements of LTE.

Most operators are targeting end-to-end latency of 20-30 milliseconds in the LTE network. The platform for achieving this is provided by the flat LTE network archi-tecture as shown in Figure 2. But while the LTE standard provides the basic archi-tectural framework for achieving this, the operator still needs to design and deploy their network in a way that will allow the target to be reached.

Most operators aren't too bothered with a latency target for each network domain so long as the end-to-end target is reached. Nevertheless, the backhaul domain certainly has its role to play in minimizing latency. The transition to 1 Gbit/s at the cell site and 10 Gbit/s in the aggregation layer is obviously an important enabler. And while the worldwide trend to push fiber out from the core and aggregation toward the edge of the mobile network is primarily driven by capaci-ty requirements, the availabilicapaci-ty of fiber at – or increasingly close to – the cell site is also a key enabler. This trend will increasingly push microwave out from the core and aggregation and toward the last mile, allowing the kind of latency that can sometimes be introduced with a lot of microwave hops to be reduced.

While microwave backhaul is increasingly being pushed out of the core and aggregation, at the same time it is nevertheless liable to proliferate at the edge of the mobile network. This is especially true in the public access small cell era where radio backhaul will often be lower cost than fiber. In choosing from a wide variety of radio backhaul solutions for these deployments, however, very particular care will be needed to take account of the potential latency-inducing properties of some near- or non-line-of-sight (NLOS) radios in the 5GHz and sub-5GHz bands. There are certainly circumstances where these radios can be used but, when they are, the network must be even more carefully planned in regard to latency.

(9)

The Next Steps in Synchronization

As Figure 2 has already shown, LTE renders IP backhaul mandatory rather than optional. And with that goes the requirement for new packet network synchroniza-tion standards to replace the DS1s or E1s that mobile operators have tradisynchroniza-tionally relied on to synchronize base stations in the network.

The majority of live LTE networks have launched in FDD mode. This requires fre-quency synchronization to plus or minus 50 parts per billion – the same as in other 2G and 3G FDD systems – and can be achieved using synchronization standards, such as the ITU's Synchronous Ethernet (SyncE) based on the physical layer, the IEEE's 1588v2 Precision Time Protocol (PTP), which adds a time stamp to individual packets based on a master/slave relationship, or one of the Global Navigation Satellite Systems (GNSS) standards, such as Global Positioning System (GPS) owned by the U.S. government.

Frequency Synchronization Will Not Be Enough

As LTE is rolled out, different synchronization variants will increasingly be needed. Chief among these is phase synchronization for which the requirements are a lot more exacting – 1.5 microseconds and below. Among the releases of LTE that will require time/phase synchronization are:

 TD-LTE requires phase synchronization to plus or minus 1.5 microseconds.

 LTE-A supports MIMO and coordinated multipoint (CoMP) features to send and receive signals from multiple cells or sectors simultaneously to a given subscriber end point to reduce interference and improve throughput. The phase synchronization requirements for CoMP are even more exacting at less than 0.5 microseconds.

 To use spectrum resources optimally and prevent interference with the macro layer – a key operator concern with public access small cells –

those cells deployed with LTE-A will need to be meshed or otherwise net-worked together, effectively serving as a single sub-network. This will quire enhanced inter-cell interference coordination (eICIC), which re-quires phase synchronization.

All three of the primary standards-based synchronization solutions have a role to play, but PTP is the only one that can consistently support frequency and time/phase synchronization across all types of cell site. GNSS systems like GPS can support all the synchronization modes. But as witnessed by the creation last year of the dedicated "COAST" committee to "consider alternatives to the current GPS-based system" by America's Alliance for Telecommunications Industry Solutions (ATIS), GPS is vulnerable to being jammed. GPS is also unsuitable for indoor and below-ground environments because of the need to have line of sight to the satellite constellation. And there are political issues in some markets relating to the U.S. government's ownership of GPS. SyncE can certainly support frequency synchronization, but there is no roadmap for the standard to support phase synchronization.

Many operators are moving toward an "any two will do" strategy for synchroniza-tion of the LTE network to enable all the requirements to be met with system redundancy. Those that are adopting this strategy are typically opting for 1588v2 plus one from either GPS or SyncE.

(10)

All a Matter of Timing

Architecting the LTE network to achieve the tough synchronization requirements requires strong competence in the synchronization domain. While support for PTP is sometimes presented as a mere "tick-box" feature, the reality is that some vendors have been more successful than others in this space and have more live customer deployment references than others that they can cite.

The solution needs to take account of a couple of very specific issues. The first is the network topology. Depending on whether the backhaul network is leased from a third party or self-provided, whether it is designed in a star, ring or other configuration and other design aspects, the PTP implementation must perform just as well in scenarios where there are just one or two hops between the PTP Grandmaster and the eNodeB as scenarios when there are more than that. The solution also needs to take account of different physical layer technologies. For example, although the level of mitigation that is implemented varies according to the particular vendor, microwave backhaul links tend to be more vulnerable to packet delay variation (PDV) and jitter than fiber-based backhaul links.

The IEEE is building more by way of on-path support into the PTP protocol, provid-ing the operator with greater capability to maintain synchronization as PTP packets transition from one network element to the next.

The first to be standardized – the boundary clock (BC) – is designed to be support-ed in backhaul network elements and ussupport-ed initially for frequency synchronization. Having synchronized with the master clock, the BC then acts as its own master clock vis-à-vis subsequent downstream clocks. Once standardization has been completed by the IEEE, transparent clocks (TCs) will also provide on-path support that is optimized for phase synchronization by enabling a correction field within the PTP packet to be dynamically updated in real time at each element.

Delivery to 3GPP specifications will require expertise with respect to the time-of-day requirement for phase synchronization. This can be sourced totime-of-day from a Central Stratum 1 clock or by a Grandmaster from a GNSS system. Where GNSS is used, optimal decisions taking into account potential flaws in GNSS and associat-ed cost versus rassociat-edundancy issues will neassociat-ed to be taken as to the respective merits of centralizing the PTP grandmaster or distributing it throughout the network. Building on existing 1588v2 PTP capabilities, the right implementation of new on-path TC and BC enhancements will enable a potentially very challenging roadmap of frequency and phase synchronization requirements to be achieved so as to get the utmost from LTE and LTE-A. As shown in a previous section, this needs aligning with the operator's stringent latency targets. As shown in a subse-quent section, it also needs aligning with the operator's security strategy.

(11)

Backhaul Topology & Service Provisioning

The previous sections have flagged some of the critical new capabilities and features that the next-gen backhaul network will need to deliver if LTE is to meet the operator's expectations in terms of cost, revenue and customer retention. This section looks at the underlying networking environment in terms of topology, protocols and provisioning that will be required to enable that.

Evolution to a Future-Proof Network Topology

As shown in Figure 1, the backhaul network is still essentially a fixed point-to-point architecture today. In order to deliver the capacity, flexibility and performance that LTE-based applications and business models demand, operators need to consider how long this architecture can remain suitable for their evolving needs. They must consider a potential timetable for evolving toward an architecture that supports greater physical path diversity such as via ring or partial mesh architec-tures. And they need to do this irrespective of which packet protocols they have –

or plan to have – deployed across the backhaul because a networking constraint imposed by a network topology is a constraint no matter what protocol runs over the network.

Figure 4 provides a high level representation of the 3G mobile network as it is today from the perspective of the primary layers of the network and the primary protocols that operate in those layers. As such, it provides an illustration of two key barriers to optimal end-to-end performance across the backhaul and core networks as LTE is rolled out.

The Diversity of Protocols in Today's Backhaul Network

Over the last four years, Heavy Reading estimates that packet-based backhaul –

which until now has been driven by 3G data traffic volumes – has been rolled out in live commercial service to around 40% of the world's cell sites, and will reach

Figure 4: Domains & Protocols in Today’s Backhaul Network

(12)

85% of the world's cell sites by the end of 2015. That still leaves 60% of the world's cell sites with only TDM today. As shown, TDM is slowly but surely being pushed out of the network altogether.

From the core side, having been almost universally deployed in the mobile operator's core domain, IP/MPLS has been making substantial inroads into the aggregation domain, and is set to become the most widely deployed protocol in the aggregation domain in mobile networks worldwide by the end of 2015. L2 Carrier Ethernet established itself as the preferred protocol in the access and aggregation domains in the early years of packet backhaul deployment. It has nevertheless already started losing ground to IP/MPLS in the aggregation layer, and several leading operators that have launched – or are preparing to launch –

LTE are also considering IP/MPLS for deployment further out in the access domain.

The Rigid Segmentation of Network Domains

Even where the same protocol is used across two or more domains, the operator's internal organization typically still mandates unique teams for each domain (notably core and transport teams), which drives each team to focus on delivery of the service from their "border" on to the next.

In 3G networks today, for example, the task of re-hosting an eNodeB from one RNC to another often entails the path being manually deleted by operations personnel and traffic being manually re-mapped into a new path. Leading mobile operators have certainly evolved to what might be thought of as a semi-automated model whereby with a point and click the network is able to automat-ically determine a path between elements, albeit with the operations team still able to specify some boundaries and preferences in each instance.

Manual provisioning is costly to the operator because at each and every domain boundary, whether it be via encapsulation and de-encapsulation, QoS prioritiza-tion or other treatment, traffic must be treated afresh to ensure that the desired traffic characteristics are maintained. It's costly in terms of opex because of the manual monitoring and intervention that is required. It's costly from a capex perspective because of system resources that are typically used up in protocol negotiation across borders in most vendors' implementations. And it's costly in terms of the user experience because of the potential impact that the repeated re-applications of traffic treatment at the domain boundary can have on latency. Consistent with 3GPP's roadmap for SON greater flexibility and automation needs to be in the operator's roadmap for evolving the next-gen backhaul network, and MPLS is the optimal protocol to support that evolution. The timing and the form that evolution takes will vary by operator, depending on the timeframe for LTE rollout, the direction of the operator's organizational structure, the transport network team's depth of training in IP/MPLS, as well as cost differentials between IP/MPLS and alternative packet technologies.

Some operators at the leading edge can foresee a path to so-called seamless MPLS, which promises the benefits of a fully automated single label switched path (LSP) from the access right the way through the core, and its associated potential for reduced opex. Those operators that are behind that curve today will neverthe-less be encouraged by GUI-based IP/MPLS provisioning and management solutions for operations personnel that aren't sufficiently familiar with CLI.

(13)

Network Intelligence & a Path to SDN

As already discussed, operators will need to scale capacity with increasing flexibility and frequency as LTE starts to penetrate the subscriber base. More than simply capacity will be required as workloads will need to be shifted geograph-ically to different points in the network to optimize resources.

As the mobile network transforms into something that increasingly takes on many of the characteristics of an all-IP network the kinds of dynamic changes and susceptibility to bottlenecks will require increasingly intelligent systems to note, log and make automated decisions.

As the LTE network becomes larger with more network elements, with convention-al demarcation lines in the network becoming more porous, the case for centrconvention-al- central-ized management as a means of controlling opex will become compelling, driving a roadmap for the introduction of software-defined networking (SDN) principles into the mobile network.

Increasingly intensive usage of real-time multimedia voice and video services creates new challenges with respect to congestion control, for example. In 3G, congestion control is managed by the RNC so a new means of supporting congestion control will be required with LTE. Congested IP networks don't differen-tiate according to traffic type so mobile operators will be faced with a choice of throwing more bandwidth at the problem at significant cost or embedding congestion control intelligence in other backhaul network elements. Backhaul infrastructure vendors can obviously deliver this capability themselves, but open-ing their products up to value added resource-optimizopen-ing applications from third parties via standard software development kits (SDKs) will drive innovation in keeping network costs down.

Over time SDN will become a critical enabler of leveraging greater intelligence into the backhaul network. In order to control the end-to-end delivery of every service, a much finer granularity is required. Loading all of that computing and memory-intensive control functionality onto backhaul routing elements would deplete their core user plane forwarding function so centralizing control accord-ing to the SDN model will become increasaccord-ingly advantageous. That said, strippaccord-ing all of the control plane functionality out of these network elements risks rendering them entirely dumb in terms of application and network awareness. So while SDN will clearly drive greater centralization, care will also need to be taken to strike the optimal balance between centralization and decentralization of control functions.

(14)

Critical New Security Requirements

The architectural changes from 3G to LTE drive tremendous upside for the opera-tor in terms of performance, cost efficiency and new business models. But they also have an important downside from a security perspective.

 IP backhaul – which is inherently vulnerable to hacker attacks – is manda-tory rather than optional as an alternative or compliment to TDM back-haul.

 The distribution of the radio resource control to the eNodeB and EPC means that in LTE the 3GPP encryption terminates in the eNodeB at the edge of the mobile network rather than deeper in the network in the RNC.

 Establishing a great many more signaling and bearer paths between net-work elements via the X2 and S1 Flex interfaces allows many more ele-ments at one time to be subject to a cyber-attack.

 The elimination of the RNC node means that an attacker that is able to access a cell site can potentially gain direct access to the mobile opera-tor's core for the very first time.

 Public access small cells deployed at street or low roof level are inherently more vulnerable to physical tampering by attackers than macro-cells, which have much greater physical protection.

These exposures need closing off to protect the operator's conventional business model. But risk mitigation is just as critical if operators are to leverage the new capabilities of LTE to drive new business models based on commerce and m-health, many of which will not be viable unless the network is fully bullet-proofed from a security standpoint.

As recommended by 3GPP, one of the key solutions for mitigating these new risks is the use of IPsec for both authentication of eNodeBs and encryption of traffic across the S1 and X2 interfaces. Operators such as T-Mobile in Germany, Every-thing Everywhere in the U.K. and Telecom Italia are leading the way with a policy of implementing IPsec at their LTE cell sites.

Because it is new to the backhaul network, some network planners tend to view IPsec with an element of trepidation. The encapsulation and encryption features of IPsec are computationally intensive; it creates an overhead; it adds to capex; and the management of a lot of IPsec tunnels requires close attention to opex, especially in a highly dynamic network environment.

Implementing IPsec across the S1 and X2 in a manner that supports the operator's end-to-end network latency target for LTE is extremely important. Consistent with that, the implementation also needs to support the low packet delay variation requirements of synchronization standards like IEEE 1588v2, for example by enabling synchronization packets to be excluded from the IPsec tunnel and transmitted along an express path, marked up with the highest prioritization so that they bypass standard queuing mechanisms. Leaving just the synchronization traffic unencrypted in this way still counts as a security vulnerability of sorts, albeit a very minor one compared with the far greater risk of leaving all the traffic unencrypted. Conversely care must also be taken to ensure that latency requirements don't negatively impact security in the LTE network. For example, verification of protocol

(15)

negotiations to ensure that malicious traffic cannot insert itself into the packet stream during the handshake and connection set up are an important part of the way some operators want to build security into the LTE network. Operators that lack the ability or the right support to reduce latency elsewhere in the network may be tempted to cut corners with respect to the verification of these protocol negotiations, and hence leave the network needlessly exposed.

Besides encryption, the other enabling function provided by IPsec in the LTE backhaul consists of leveraging Internet Key Exchange v2 (IKEv2) and a Public Key Infrastructure (PKI) for authentication of eNodeBs to protect against so-called base station spoofing or man-in the middle attacks.

3GPP does allow an extension of the manually administered "shared-secret" model from 2G and 3G into LTE rather than leveraging IPsec for authentication. This consists of a field engineer manually entering a cryptographic key at each cell site in the initial setup process. But it's nevertheless increasingly clear to leading operators that with the rollout of LTE the manual shared secret model of base station authentication will no longer be fit for purpose.

 Manual inputting of shared secret keys into each eNodeB by an operative while preserving its secrecy is prone to human error.

 In the interests of security, shared secret keys should be changed regular-ly. Managing that program of key renewal manually without affecting operational stability, together with the necessary site visits to carry out changes, is also potentially expensive from an opex perspective.

 The introduction of public access small cells and machine-to-machine applications will result in an acceleration in the rate of deployment of end-points in the network. As a result, the operational challenges of a manual shared secret key model will become increasingly acute.

Going forward, eNodeB authentication based on IKEv2 can therefore expect to see greater adoption. Leading UTRAN vendors have also put significant develop-ment resources into automated certificate enrolldevelop-ment and certificate manage-ment through the use of Certificate Managemanage-ment Protocol (CMP) as recom-mended in the 3GPP specifications. These enable eNodeBs to be securely auto-configured and have their certificate managed over their lifetime.

(16)

Conclusion

People that use LTE almost always remark on how much better it is than 3G. This assures that wherever it is launched user demand for LTE is likely to match and then exceed demand for 3G a lot more quickly than might have been expected. Driving network efficiency to support increased volume and diversity of LTE traffic types while keeping tight control of costs will require a fundamental re-think in the way that network capacity and networking intelligence are architected and provisioned. Boundaries between network domains must become less rigid and more porous. Architectures and networking capabilities need to become less static and more dynamic. Provisioning needs to become less manual and more automated or self-organizing. Operators need a roadmap for incorporating the cost-saving and revenue generating potential of SDN into the backhaul network. In pursuit of these objectives, MPLS becomes an increasingly important protocol for enabling this transformation across the core and backhaul domains.

LTE also drives the need for a fundamentally different outlook in regard to end-to-end latency, synchronization and security throughout the backhaul, as well as across the network end-to-end. All in all, LTE necessarily triggers fundamental change in the backhaul network that needs to be planned for today.

Background to This Paper

About Juniper Networks

Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the soft-ware, silicon and systems that transform the experience and economics of networking. Additional information can be found at www.juniper.net.

About NSN

Nokia Solutions and Networks (www.nsn.com) is the world's specialist in mobile broadband. From the first ever call on GSM, to the first call on LTE, we operate at the forefront of each generation of mobile technology. Our global experts invent the new capabilities our customers need in their networks. We provide the world's most efficient mobile networks, the intelligence to maximize the value of those networks, and the services to make it all work seamlessly. With headquarters in Espoo, Finland, we operate in more than 120 countries and had net sales of