Fire up your network! With MulteFire

February 17, 2016

Screen Shot 2016-02-17 at 11.58.55 AMRecently, SpiderCloud joined the MulteFire Alliance. MulteFire extends the benefits of LTE to unlicensed spectrum, with a simple, secure and seamless network architecture, offering services providers of all stripes – big and small – an alternative to Wi-Fi. At SpiderCloud, we are really excited about the possibilities of MulteFire and would like to share why.

Wireless technology for all service providers – big and small

Since MulteFire is based on LTE, it is a technology designed for wireless service providers. Broadly defined, a service provider is anyone who needs to provide wireless connectivity to its users. This includes not only today’s massive mobile network operators, but also malls that need to provide wireless access to shoppers, stadiums that need to make sure that fans have a fantastic experience, hospitals where guests want to connect, and IT departments of large corporations. All of them face the same challenge that big mobile operators face: How to provide robust high speed wireless connectivity? How to keep the network secure? How to ensure quality of service? How to manage the cost of delivering service per user? Basically, how to be a good, trusted service provider?

Why MulteFire is good for mobile network operators

Subscribers judge mobile network operators by the quality of their network (as can be seen by Verizon’s recent ads about network quality, and T-Mobile and Sprint’s spirited response!). Numerous studies show that 70-80% of mobile data usage is indoors. And case studies shared by many, (including SpiderCloud) demonstrate that – building indoor networks actually improves the quality of the outdoor experience.

We firmly believe that LTE small cells operating in licensed spectrum, supplemented by LTE-U/LAA, enable mobile operators to deliver the best possible indoor user experience. Major operators own 40-100 MHz of spectrum (sometimes more), and deploying small cells in licensed spectrum is the best way to guarantee quality of service.

However, deploying licensed spectrum small cells is not always possible. There are tens of thousands of buildings where it makes business sense for operators to share small cell infrastructure with each other. Further, many venues insist on shared wireless systems for space and aesthetics. This is where MulteFire comes in, allowing operators to share small cells, and potentially leverage neutral host providers.

MulteFire will also allow mobile operators to partner with enterprises to deploy mobile connectivity solutions. Over the years, SpiderCloud has met many enterprises that are willing to purchase affordably priced small cell systems that leverage their existing LAN. However, network departments of mobile operators are rarely eager to let enterprise IT own and operate small cells that may, if improperly used, degrade the macro network. By using unlicensed spectrum, MulteFire takes that concern away, and makes it easier for able and willing enterprises to invest in LTE small cells.

Creating new opportunities for wireline operators, large enterprises, retailers and sports venues

MulteFire also offers opportunities for those who want to offer wireless service, but do not own licensed spectrum. Today, the only choice for such service providers is Wi-Fi. Unfortunately, Wi-Fi comes with several limitations:

  1. Wi-Fi throughput degrades rapidly as the number of active users per access point exceeds approximately twenty – a big problem in dense venues.
  2. Wi-Fi network authentication methods remain fragmented. Captive portals still remain the most popular form of authentication, adding friction to on-boarding process.
  3. Wi-Fi does not offer a standardized end-to-end architecture. Service providers often have to buy end-to-end proprietary systems from Wi-Fi equipment suppliers.
  4. Wi-Fi is perceived to be free. As a result, service providers have little option but to collect and trade in end-user information.

MulteFire addresses most of Wi-Fi’s shortcomings. MulteFire APs will be able to support as many as 64-128 simultaneous active connections (like current generation LTE small cells do). Authentication will be seamless. End-to-end QoS and support for high-quality voice will be built in.

Since MulteFire will not be perceived as Wi-Fi, service providers will have the ability to experiment with new business models. For instance, since it will be relatively straightforward to integrate a MulteFire network with the LTE core networks of mobile operators, third-parties who build MulteFire networks, can act as “neutral hosts” and easily sell capacity to mobile operators.

SpiderCloud and MulteFire

SpiderCloud believes that distributed small cell technology (in contrast to centralized baseband units connected to remote radio heads) is the only viable way to implement any LTE technology that requires co-existence with Wi-Fi, whether it is LTE-U/LAA or MulteFire (supporting document). Each small cell should be able to independently pick the unlicensed channel that it uses, just like Wi-Fi systems do. Further, systems operating in unlicensed spectrum must decide within microseconds if a channel is available, inform other users of their intent to transmit, and then to use the channel.

Of course, the challenge with using distributed small cells in large high-density venues – where the greatest benefit of MulteFire will be – is small cell coordination. SpiderCloud E-RAN architecture has been solving this problem since 2011, and we look forward to extending the E-RAN architecture to MulteFire.

We look forward to offering systems to both mobile network operators and non-traditional service providers. SpiderCloud’s mobile operator customers will get a MulteFire system that integrates with their core network just like SpiderCloud’s licensed spectrum systems do. Non-traditional operators, particularly those who wish to partner with mobile operators as neutral hosts, will be able to use a scalable small cell system that mobile operators already trust. Both kinds of operators will be able to use SpiderCloud’s Mobile Edge Computing capabilities to offer value added services to subscribers, and deploy innovative business models.

– Amit Jain, Vice President of Marketing & Product Management

Blurring of the Lines of Networks (Enterprise Wi-Fi)

April 1, 2013

In a recent post, Blurring the Lines of Networks (Enterprise & Mobile), the enterprise’s trust boundary is proposed to move closer to the Data Center(s) as an enabler of adoption of mobile operator delivered network infrastructure and devices. To illustrate how moving the trust boundary can enable adoption, mobile operator delivered enterprise Wi-Fi will be explored.

Decomposing Enterprise Wi-Fi:

  • Enterprise Wi-Fi has traditionally been viewed as an authenticated SSID that grants you access to the internal network with two functional components of 802.1X authentication and transport access to the internal network (behind the firewall).
  • 802.1X authentication, via one of the EAP types, connects to an enterprise directory via RADIUS. This class of authentication is required to provide scalable authentication, logging, and ties identities to IP addresses for security and forensic purposes.
  • Transport access to internal network is just that, it’s the same internal network that the other computers in the enterprise use.

To illustrate the boundary diagram and the present situation, the simple drawing below will be used.

This is the model most widely deployed inside enterprise offices to allow an iPad to be attached to Wi-Fi as a full citizen and connect to business applications behind the firewall. This strategy assumes that the iPad (regardless of ownership: COPE or BYOD) is a managed part of the computing environment. If COPE is a new acronym to the reader, it’s philosophy and definition can be found at the EMF here.

For a mobile operator who wants to offer Wi-Fi as a Service, this approach subjects the operator to intense scrutiny about not only operating the Wi-Fi, but also data security. The enterprise will have concerns because the majority of the data traffic inside the network is unencrypted and the Wi-Fi attached devices, depending on network design, can have visibility to all other hosts and servers anywhere in the network and Data Center(s).

To illustrate the benefits of blurring the lines to the enterprise, the drawing below shows moving the trust boundary to the edge of the Data Center(s), and assuming the internal private networks are untrusted (like the Internet).

With this approach, the mobile operator’s Wi-Fi infrastructure can be easily joined to the enterprise because all managed devices use a remote access strategy where the devices behave the same at work, home, or coffee shop. The mobile operator doesn’t have an ability to see enterprise data, and 802.1X is reduced to a secure and scalable way to allow devices onto an enterprise network. Security and forensics teams will be happy because trust is not extended to the mobile operator and the RADIUS logs can still be saved and processed with processes developed for yesterday’s architecture.

How does this help Enterprise IT with the BYOD problem? 

  • It levels the playing field by keeping all mobile devices (laptop, tablet, or smartphone) on the outside of the Data Center(s) such that the BYOD problem space becomes a Mobile IT issue along with all company issued mobile devices.
  • IT has to solve for secure data and access, once, for all classes of devices.
  • Mobile devices behave consistently at work, home, or coffee shop.

For enterprise architects, consider extending this strategy to the wired network and desktop computers. The concerns of security people around hackers or employees with unknown machines and direct access to an enterprise Ethernet jack can also be mitigated.

Recommendation to Enterprise IT professionals (As a former Enterprise Infrastructure Architect for a global brand)

1. Move the trust boundary for Wi-Fi closer to the enterprise Data Center(s) with a long term solution that can address performance and capacity needs of your organization. There are a variety of technologies available that can solve for moving the trust boundary (contact me, if you’re interested in my candidates).

The opportunities exist for mobile operators to help address enterprise BYOD and mobility challenges for enterprise IT departments and cultivate value-added services beyond coverage and capacity in the Enterprise space — built upon strong customer relationships, and a proven technical foundation. Positive mindshare and perceptions in the eyes of the enterprise buyers will create invitations to future opportunities.

A new and more important role is emerging for mobile operators, where enterprise mobility and value-added IP services is part of the ‘package.’ Mobile is the heartbeat of any organization, and wireless is the digital oxygen that our devices breathe at home and on the road.

Innovation in mobile, and the increasing need for IT to deliver against more mobile requirements while reducing cost and complexities, and move items from the Capex side to the Opex side of the budget, is blurring the lines between mobile and Enterprise networks, and creating value on both sides.

– Art King, SpiderCloud Wireless, Director of Enterprise Services & Technologies

Twitter: @EMobilityInside
Visit our Enterprise IT site @