How a carrier-grade AAA optimizes the network

How a carrier-grade AAA optimizes the network

How a carrier-grade AAA optimizes the network

 

April 12, 2021

 

 

 

Introduction

Customer experience is the key differentiator for operators today, and while there are several other contributing factors such as automated support and digital engagement, one of the best ways to boost CX is by providing a superior network experience. Though often overlooked, successfully modernizing your network means recognizing the role of upgrading the AAA helps alleviate a host of challenges to boost network performance.

Key carrier-grade AAA features that optimize network performance

A modern and robust AAA and policy framework provides features that optimize network resource utilization and boost performance, even with dynamically changing traffic load. These include: 

High availability

A highly responsive AAA server with failover support helps maximize efficiency and ensure 99.999% availability for carrier-grade performance as the network grows.

Powerful scripting engine

A high-performing scripting engine ensures high performance and sub-millisecond latency, and enables operators to write and implement custom authentication and authorization rules in-house.

Noise management

AAA signaling noise is often produced on wireline networks by repeated authentication failures and errors. A robust AAA efficiently mitigates noise issues, instructing disturbing devices to take corrective measures, keeping network performance high. In addition, an intelligent system also enables service providers to easily identify and block malicious attempts to disturb or overburden the network.

Real-time policy control

A modern AAA lets service providers ensure zero revenue leakage, implement mid-session policy changes, deliver bandwidth on demand, and instantly communicate with customers.

Scalability

A stateless AAA stores sessions and data in a centralized database, ensuring that another AAA node takes over if one is down and enabling dynamic vertical as well as horizontal scaling without network downtime.

Rerouting and offloading traffic

A next-gen carrier-grade AAA enables service providers to alleviate network traffic by authenticating and authorizing mobile subscribers who connect from 3G, LTE, or 5G networks and seamlessly offloading them to services such as WiFi for calling or data sessions.

Emergency mode

The AAA can provide a fail-proof backup system to authenticate users if database connectivity is lost by automatically switching to emergency mode, helping prevent service disruption caused by single points of failure.

Automated service restoration

A AAA that enables rapid recovery from system failures or outages helps minimize strain on resources and optimize performance.

Web-based administrative portal

Operators can monitor and troubleshoot issues from a single interface. They can also automatically redirect customers to a self-care portal.

Interoperability

A carrier-grade AAA server that is interoperable with other networks lets operators deploy a multi-vendor network, not only lowering network costs but also boosting performance.

How Alepo AAA transformation optimizes networks

Ensuring a seamless migration is a major consideration for operators when undertaking a AAA transformation. Alepo provides a proven and scalable integration framework with provisioning support using API Gateway, ensuring a zero-downtime migration that does not impact existing integrations or IT systems. Alepo’s NFV-compliant AAA is stateless, enabling five-nines availability, and has an industry-leading benchmark of 36,000 transactions per second (TPS), supporting horizontal and vertical scaling. The highly stable system increases operational efficiency, with centralized monitoring to reduce on-ground staff dependence. Further, centralized configuration management minimizes errors by enabling operators to rapidly and easily configure changes across all AAA nodes. With automated workflows and web-based interfaces, Alepo’s carrier-grade AAA Server enables service providers to create, launch, deliver, and manage services within hours.

 

Begin your AAA transformation journey now: book a demo.

Gayatri Sarang

Gayatri Sarang

Lead Content and Engagement Specialist – Marketing

Gayatri is part of the content and communications brigade at Alepo. Having locked focus on the telecom domain in recent years, she has vast and diverse experience in writing for leading publications. She moonlights as a volunteer urban wildlife rehabber and is a passionate baker.

Subscribe to the Alepo Newsletter

How the AAA server ensures security in telecom networks

How the AAA server ensures security in telecom networks

How the AAA server ensures security in telecom networks

April 5, 2021

Introduction

In 2020, around 22 billion internet of things (IoT) connected devices were in use worldwide, a number that’s expected to reach 50 billion by 2030, according to Statista. As networks become more complex and vast, configuring and controlling access to ensure security in the absence of Authentication, Authorization, and Accounting (AAA) is virtually impossible. Put simply, AAA is one of the gatekeepers of the modern telecommunications network. And while we all know that it is integral to every network today, it deserves more credit than its usually given in ensuring the security of a modern network.

Device use continues to surge as 5G and the IoT ecosystem become more widespread. Plus, operators now offer more granular and contextual plans for different customers, as well as advanced billing and charging plans for an ever-increasing array of services. As the number of devices connected to a network as well as the services available to them proliferate, networks are more susceptible not only to accounting errors but also to security breaches and threats such as identity theft. AAA assumes a significant role in ensuring security for these dynamically changing network needs.

How AAA works

The AAA server does just as its name suggests: it authenticates or validates subscribers and their credentials, verifies what services and QoS each subscriber is authorized to access, and ensures proper accounting so that customers are accurately billed for the services they use.

Authentication

The first step in AAA security is Authentication. It serves as the first line of defense in protecting network resources against fraud and identity theft, employing multimodal authentication methods.

Whenever anyone tries to access the network, the job of the Authentication function is identifying whether they are meant to be granted access, and also ensuring that the user is in fact who they claim to be. It does so by ensuring the user enters valid credentials, such as username, password, biometrics, or any other security measures that have been implemented by the operator. These credentials are stored in the operator’s database, against which the Auth server verifies the input given by the user. This database is constantly updated and monitored by network and system administrators.

If the user’s credentials are valid, they are granted access. Those with fraudulent or erroneous credentials are denied access. All network use of verified users is monitored and logged for future reference.

Authorization

Once authenticated, the next step for the AAA is determining what policies apply to the user. These policies will govern the user’s authorization levels, defining what resources, services, and QoS the user can access.

AAA policies can be defined on a host of parameters, such as the time or day, the user’s location, how often they’ve logged in, how much bandwidth they’ve consumed, fair usage, and so on. These policies can also restrict certain actions, such as retrieving and/or changing passwords.

Accounting

The final step for the AAA server is to take stock of the network resources accessed by the user, such as data consumption and duration of their session.

These usage details serve two purposes. One, they ensure the user is accurately invoiced for their consumption. Another important aspect of accounting is to enable administrators to access audit logs to review how and by whom the network was accessed. This usage data is useful to gain valuable insights into customer behavior, usage patterns, and more. These business intelligence (BI) insights help operators create more contextual offerings and enable them to anticipate network use.

Benefits of AAA security

AAA offers a host of technical benefits for operators in implementing network security:

  • AAA forms a multi-layered security barrier to secure, measure, and monitor how the network is accessed and by whom, thwarting malicious attempts by cybercriminals to steal and misuse data.
  • As cases of data breaches such as identity theft continue to increase, telecom AAA assumes a vital role in strengthening a telco’s data assets by enabling sound practices in identity and access management.
  • With AAA, controlling access does not require a statically configured network, pre-defined connectivity modes, fixed or immovable systems, or even fixed IP addresses by enabling operators to secure the network using more granular techniques such as integrating user directories to provide access to specific groups of users. This dynamic approach is especially relevant given the growing number of devices accessing the network through various means.
  • It grants operators more control and flexibility in configuring network access, and also lets operators implement multiple standardized authentication methods.
  • It employs several back-up systems to ensure redundancy if one security server is down or there is excessive network congestion.
  • A centralized security database grants specific access to each user using their unique credentials, enabling easy and swift access termination for inactive or banned users.

How Alepo AAA can help mitigate network risks

Alepo’s modern and scalable AAA Server enables flexible configuration and control over how network resources are used. It provides failsafe systems to ensure that there are no lapses in security even during network outages.

The NFV- and 5G-compliant AAA overcomes the previous limitations of physical hardware. With its evolved architecture, Alepo’s future-proof virtualized AAA (vAAA) helps operators optimize infrastructural resources and ensure the network remains secure even when traffic increases. (Also read the whitepaper: The Evolution of AAA Infrastructure For NFVi Compliance.)

The stateless AAA stores sessions and application states in a centralized database, distributing the transaction load for faster response times while ensuring high levels of security.

The dual-stack AAA supports RADIUS and Diameter protocols for full convergence, enabling a single system to enable secure access to services across all networks (fixed, wireless, and mobile). This includes modern services such as IoT, WiFi calling and offload, and more.

With five-nines availability, Alepo AAA Server ensures network performance is always high while keeping the network safe from external security threats.

Alepo has regarded AAA as a crucial network function and has been at the forefront of AAA innovation from its inception. Today, Alepo AAA Server is at the heart of operations for some of the largest telcos in the world, with millions of subscribers benefiting from its capabilities. The cutting-edge solution is high-performance, self-healing, open (via REST and API gateway), and highly configurable, serving diverse use cases. Its AAA Transformation enables even large operators to seamlessly replace the core network functionality without impacting existing systems, ensuring transparent integration with other core components such as BSS and CRM.

Gayatri Sarang

Gayatri Sarang

Lead Content and Engagement Specialist – Marketing

Gayatri is part of the content and communications brigade at Alepo. Having locked focus on the telecom domain in recent years, she has vast and diverse experience in writing for leading publications. She moonlights as a volunteer urban wildlife rehabber and is a passionate baker.

Subscribe to the Alepo Newsletter

Eiasa enters high-speed FTTx market in Colombia using Alepo’s Broadband AAA

Eiasa enters high-speed FTTx market in Colombia using Alepo’s Broadband AAA

  • Called Megaya, the high-speed internet service has been launched in response to increasing demand for affordable high-quality internet services in Medellín
  • Alepo completed the deployment remotely, in partnership with system integrator Italtel, working around pandemic-related travel restrictions
  • Alepo’s solution, which includes its highly scalable AAA, DNS, and EMS, enabled Eiasa to introduce unlimited data plans, specific validity capped plans with email notifications, and more
  • Customers trying to access the network are redirected to the captive portal to purchase and renew their plans
  • The solution offers BI insights and data usage reports, enabling sound business decisions

Wednesday, March 31, 2021, Medellín, Colombia – Colombian energy company and ISP Energía Integral Andina SA (Eiasa) has introduced a high-speed internet service called Megaya to meet increasing demand in the city of Medellín. The greenfield fiber broadband network has been implemented using digital enablement solutions provider Alepo’s Broadband AAA solution, in partnership with local system integrator Italtel.

The deployment, which is partially funded by the government, provides high-quality FTTx services to underserved locations. Its affordable price point makes it especially beneficial to strata 1 and 2 populations.

As part of its standard-based solution, Alepo has deployed its AAA, DNS, and EMS to meet Eiasa’s requirements of a high-performance, reliable, hardware- and network-agnostic system. The AAA helped Eiasa introduce unlimited data plans with and without speed caps, as well as specific validity capped plans with email notifications to send customers expiration alerts. Customers trying to access the network are redirected to the captive portal to purchase and renew their plans.

Alepo’s AAA infrastructure is highly scalable, supporting Eiasa’s plans for future growth. It is geographically and locally redundant with disaster recovery to ensure high availability (99.999%). It grants full control over session speed and plans, enables advanced subscriber management, and lets Eiasa block forbidden sites. A high-performing scripting engine enables the service provider to write, implement, and run custom authentication and authorization rules in-house.

The zero-revenue-leakage system also provides BI insights and usage reports to help monitor subscriber data consumption patterns to enable Eiasa to make statistically sound business decisions.

Alepo remotely managed the entire deployment, including network configuration and all project-related communication, overcoming global travel restrictions in place due to the pandemic.

“There’s been a global shift to working from home and Medellín has been no exception to this digital evolution, considerably increasing demand for an affordable high-quality broadband network. With the launch of Megaya, we are already helping connect the unconnected and underserved with cost-effective high-speed high-QoS offerings. Alepo’s AAA offers us the flexibility to offer contextual plans and ensure customer satisfaction while maximizing ROI,” said Jeyfer Rojas, Director of Operations, Eiasa.

Juan Espinosa, Director LATAM Alepo, said, “Alepo’s AAA has enabled Eiasa to provide quality broadband services and help bridge the digital divide in Medellín. Its reporting capabilities will ensure that Eiasa is able to fully monetize the service. The scalable solution will ensure high QoS even as traffic load increases, enabling Eiasa to rapidly expand its broadband presence in Colombia.”

Myriam Ortega Angulo, Project Manager, Italtel, said, “Alepo has a rich track record in delivering innovative broadband solutions around the globe, and we are pleased to have partnered with them in helping Eiasa connect the unconnected in underserved markets in Medellín.”

Alepo has been a pioneer in building and developing AAA and virtualized AAA (vAAA) infrastructure for nearly two decades, with its solutions powering operations at several Tier-1 operators globally.

About Eiasa

Energía Integral Andina SA (Eiasa) is a technology integrator dedicated to the commercialization of energy equipment and industrial battery production, the development of engineering projects focused on electrical services, telecommunications, and civil works. Eiasa sets new standards of excellence and innovation in engineering services and solutions. The company has a presence in Colombia, Ecuador, Peru, Panama, the United States, and China. The launch of its high-speed internet service, Megaya, marks its foray into the fiber broadband market in Colombia.

For more information on Megaya, please visit https://megaya.com.co

For more information on Eiasa, please visit https://www.eiasa.com.co/

About Italtel

Italtel is a multinational information and communication technology company that combines the traditional positioning in networks and communications services with the ability to innovate and develop solutions and applications for digital transformation.

Italtel designs end-to-end solutions that address key issues for productivity and business success as well as for the evolution and simplification of network infrastructures.

Its know-how on cutting-edge technologies and the ability to innovate are the outcome of a constant commitment to industrial research projects at the European, national, and regional levels in the sectors of software, telecommunications, and IT.

For more information, please visit https://www.italtel.com/about/about-italtel/

About Alepo

Subscribe to the Alepo Newsletter

Alsard Fiber and Cellnet partner with Alepo for digital BSS and affiliate management

Alsard Fiber and Cellnet partner with Alepo for digital BSS and affiliate management

  • The project will benefit the two service providers’ ADSL, FTTH, WiFi broadband networks
  • Alepo will deploy a billing system with advanced security and automation features to stop existing revenue leaks
  • The billing system will include centralized affiliate management to streamline processes
  • Customers will have access to web and mobile self-care, reducing their dependence on physical stores and points of sale
  • The solution will also support Alsard Fiber in launching and monetizing public WiFi services, which it intends to introduce in the near future

Thursday, December 17, 2020, AUSTIN – Alsard Fiber and its subsidiary Cellnet are set to modernize their networks using a multi-tenant solution from digital enablement and revenue management software provider Alepo. The solution will include a centralized billing system with automated security features for zero revenue leakage, centralized affiliate management, and web and mobile self-care, as well as the capability to launch and monetize public WiFi services in the future.

Simplifying and streamlining the management of affiliates, Alepo’s digital BSS will benefit wholesale service provider Alsard Fiber’s growing list of broadband clients, which currently includes 15 affiliates and over 1,000 resellers. The same benefit will also be extended to its sister company Cellnet’s FTTH and ADSL resellers. While affiliates will enjoy a faster and more seamless digital experience, the service providers will be able to lower operational costs, improve revenue, and optimize resource utilization.

The two companies will be able to prevent revenue loss caused by erroneous billing through enhanced security features that their existing system is unable to provide. Alepo’s system offers increased security against hacking and eliminates manual data inputs to minimize errors.

Cellnet’s subscribers will have access to web and mobile self-care to recharge their accounts, change their plans, log complaints about any issues they face, and more.

Alepo will deploy its Digital Business Support System (BSS) with billing, CRM, affiliate management, and mobile and web self-care, as well as its scalable AAA application to enable the service providers top performance with growing subscriber counts and usage demands.

Alsard Fiber also plans to introduce public WiFi in the near future. Alepo is deploying its WiFi Service Management Platform (SMP) to launch and monetize these public hotspots with various paid and free use-cases such as bundled ISP packages and sponsored data with advertisements.

“We knew we needed to upgrade our system when we pinpointed certain discrepancies in billing that were causing revenue loss. Further, we currently maintain each of our affiliates in a different server. Alepo’s centralized billing system will ensure more secure and efficient processes and streamline affiliate management, helping us meet our true revenue potential. Alepo’s digital self-care platform will enable us to empower our customers with web and mobile options, so they no longer need to visit resellers or points of sale in person,” said Firya M. Ali, Chairman and Owner of Alsard and Cellnet.

Vishal Mathur, VP-Solution Integration, Alepo, said, “We’re pleased to partner with Alsard Fiber and Cellnet to help improve their network as they digitize their self-care to empower customers. From the network aspect, our solution is designed to iron out the existing system’s vulnerabilities and will result in improved revenue. The centralized platform will enable Alsard Fiber and Cellnet to streamline affiliate management, ensuring faster and more efficient processes that will lower operational costs.”

The project is underway and is expected to be complete within an accelerated timeframe.

About Alsard Fiber

Founded in 2007, Alsard Fiber is a leading wholesaler of IP services in all regions and provinces of Iraq. Working with leading IP providers in Europe and using fiber optic technology, Alsard Fiber delivers the highest possible quality of service. The IP from Europe is delivered via two separate redundant routes. Customers are offered a dedicated symmetrical bandwidth, not shared capacity. Alsard Fiber has a team of IT experts who provide 24/7 technical support. All Alsard Fiber’s customers can benefit from Dedicated Internet Access (DIA), Dedicated Redundant Line for backup purposes, 24/7 technical support, and no filtering, monitoring, or censorship.

For more information, please visit http://www.alsardfiber.com/

About Cellnet

Cellnet was founded in 2006 as the first commercial Internet Service Provider (ISP) in Iraq-North/Sulimanyah city. It played a major role in building internet infrastructure in Iraq/North, earning the company a reputation for providing fast and stable internet access and innovative solutions for their individual as well as corporate customers.

For more information, please visit http://cell-net.net/

 

About Alepo

Subscribe to the Alepo Newsletter

Telecom Vanuatu Limited begins network modernization with Alepo solutions

Telecom Vanuatu Limited begins network modernization with Alepo solutions

  • Alepo has upgraded the legacy system to its Digital BSS and the latest version of AAA for the operator’s fixed data services
  • The upgraded system supports offers based on fair usage policies, as well as happy hours enabling Telecom Vanuatu to implement free nighttime browsing
  • Telecom Vanuatu’s customers can now easily purchase data add-ons

Friday, October 16, 2020, Vanuatu – Telecom Vanuatu Limited (TVL) has begun modernizing its network using solutions by digital enablement firm Alepo, making significant improvements to its billing, charging, and authentication systems.

The modernization will be carried out in phases, through which TVL intends to digitize and automate its data service offerings on Alepo’s advanced platform. So far, the operator has upgraded from Alepo’s legacy business support systems (BSS) to its Digital BSS, as well as upgrading to the latest version of AAA, for its fixed data services.

The upgraded system supports fair usage policy offers and Telecom Vanuatu has implemented happy hours allowing free nighttime browsing. The operator has also introduced web support using Alepo’s Omnichannel Self-Care for its data-service customers. These customers can now easily purchase data add-ons.

“In our longstanding association with Alepo, they have always proven their reliability as a solutions provider. We were confident in their ability to rapidly deliver key requirements for this upgrade, and they have surpassed our expectations. We are equally excited about their systematic approach to fully digitize our service offerings,” said Thomas Bruce, CTO of TVL.

Vishal Mathur, Vice President – Solution Integration, Alepo, said, “We often recommend phased digitalization to our customers. First, we validate key use cases, allowing the customer to introduce new offers and build digital engagement channels. Then we perform a full transformation, providing advanced capabilities to automate all service offerings across the system.”

This modernization project adds to Alepo’s growing list of deployments in the Pacific Islands. The revenue management software provider has helped transform the telecommunications landscape for several nations in the region, including enabling the launch of LTE in three countries. In addition to digital BSS transformation, its key Pacific deployments extend to carrier WiFi, LTE enablement, data charging, and AAA transformation, among others.

About TVL

Telecom Vanuatu Limited (TVL) was created in 1978 and is Vanuatu’s first provider for landline, GSM, internet, and 4G+ (mobile internet).

TVL is the largest corporate contributor to Vanuatu’s national economy – since 2002, it has paid more than 1.8 billion vatus to the government in fees, charges and taxes. A World Bank study shows that telecommunication prices in Vanuatu are among the cheapest in the region.

TVL has fixed lines on four main islands; Efate, Santo, Malakula, and Tanna, and 85 percent of the population is covered by their mobile network.

For more information, visit tvl.vu

About Alepo

Subscribe to the Alepo Newsletter