Monday, December 28, 2015

Implementing VoLTE supplementary services with Radiator GBA/BSF

Generic Bootstrapping Architecture (GBA) is a technology that enables the authentication of a user. This authentication is possible if the user owns a valid identity on an HSS (Home Subscriber Server). GBA is standardised at the 3GPP. The user authentication is instantiated by a shared secret, for example, a SIM card inside the mobile phone and the other is on the HSS.

With GBA, it is possible to provide VoLTE Supplementary Services, for example, Call Forwarding in VoLTE. Call Forwarding is an example of use case that cannot be pre-configured for all the subscribers because users want to configure their own forwarding number. With Radiator GBA/BSF module, this is possible to done in your VoLTE network – without the need to drop the user from VoLTE to other network.

How this is done with Radiator?

One of our customers had a need for VoLTE Supplementary Services in their network, and as a part of product development, a new Radiator GBA/BSF module was introduced to meet their needs.

GBA_AP.png
One example architecture when using Radiator GBA/BSF module for VoLTE Supplementary Services


As it is shown in picture above, Radiator GBA/BSF module will work as a authentication proxy between the end-user UE and HSS. It will authenticate user requests, and also separate the authentication procedure and the Application Specific server (AS) specific application logic to different logical entities – such as VoLTE Supplementary Services.

After the authentication procedure has been completed, Radiator GBA/BSF module assumes the role of a reverse proxy, i.e. the AP forwards HTTP requests originating from the UE to the correct AS, and returns corresponding HTTP responses from the AS to the originating UE.

Need for VoLTE Supplementary Services in your own network?

In case you need VoLTE Supplementary Services, such as Call Forwarding, in your own network, please do not hesitate to contact our team at info(a)open.com.au. Our team of experts is happy to assist with your project.

Monday, December 7, 2015

Powered by Radiator: Verkkovieras.fi for simple and secure federated Wi-Fi authentication

Powered by Radiator: Verkkovieras.fi



This blog post is first one of the Powered by Radiator articles, where we and our agents or partners introduce products, services or solutions they have made using Radiator. If you have a product, service or solution you would like to introduce, please contact agents ( a t ) open.com.au for more information.

This time it's Arch Red's turn to introduce their cloud based authentication service -- verkkovieras.fi , Powered by Radiator.

verkkovieras.fi for simple and secure federated Wi-Fi authentication

David Bleasdale: security
Verkkovieras is a Finnish word, which means network guest. Verkkovieras.fi is Arch Red's cloud authentication service for organisation’s employee and guest network access control. The service also supports authentication roaming federations such as eduroam and roam.fi making the service an easy way to deploy and serve federated network access for employees, guests and partners.

We know that maintaining user databases and RADIUS servers for employee and guest access can be difficult, especially when there’s additional complexity such as federated roaming. With verkkovieras.fi we focused in building a service, which is easy to deploy and easy to use. We thought, designed, thought some more and improved our design to be as clean and clear as possible.

Easily deployed in any Wi-Fi network

To deploy verkkovieras.fi authenticaton service you only need RADIUS capable authenticated devices such as for example almost all Wi-Fi controllers and access points. The authenticating device, usually the Wi-Fi controller, needs to be able to communicate with our cloud based servers in Internet and that’s it -- only our server details and Wi-Fi networks need to be configured in the controller.

User account registration as easy as email


Employees manage their user accounts themselves by requesting them from WWW page and after simple email-www page confirmation they activate their email address based user account. Account’s username is their email address and password is randomly generated string. We wanted to make sure that the network password is secure and on the other hand create a separate user account for network access. This was to keep more important or sensitive passwords such as Active Directory or other service passwords separate and safe. This way the employee cannot undermine the security by changing password to less secure or more sensitive one.

Federated roaming with a flick of a switch


Roaming federations and federated user access is even simpler, just select which federations and to activate or deactivate it. Your employees or visiting roaming guests are then able to roam free within federations and networks with same profiles they use for network access in your home network.

Easy guest user access or traditional vouchers -- you choose

Howard Lake: Sainsburys Active Kids vouchers
For guest user access there are two options, a simple time-limited guest user account for automated access and possibility to create and print more traditional time-limited guest user accounts before hand. Automated access means that the user account can be integrated for example with WWW page based authentication to provide guest short Internet access with just a click of a button on the authentication page. The traditional guest user accounts can be used like vouchers, the username and password must be entered on the authentication page or system dialog to get the access to network.

All this as a cloud service, ready to be deployed today

verkkovieras.fi architecture

We packaged all this in a redundant Amazon cloud based service distributed across two geographical regions, where we handle the difficult details such as scaling, server certificates, EAP methods (EAP-PEAP, EAP-TTLS, EAP-PWD) leaving you as a customer time to focus to your business and core functions.

If you are interested, contact Arch Red sales ( sales <at> archred.com ) for more details.



Monday, November 30, 2015

Enhance your voice coverage and get back in control - doing VoWiFi with Radiator

Since Wi-Fi calling (VoWiFi) has been introduced into the market, operators are
increasing their indoor coverage overnight to provide better voice coverage to their subscribers and offer new voice models (both domestic and roaming). With new generation devices and automatic SIM authentication, end-users will never have to consider are they connected to LTE- or WiFi network.

Doing with seamless call transfer support between WiFi and VoLTE provides new opportunities for operators. For years, voice calls have been transmitted over Wi-Fi in the form of OTT applications such as Skype. The problem with OTT applications from an operator’s perspective is that the operator loses control and revenue. With VoWiFi voice calls and messaging work seamlessly for the end-user - and operator retains control.

Benefits for VoWiFi solution

For operator, several benefits are the same as for the end-user - for example better indoor coverage. Additional benefits come from getting the control back for the calls, making OTT players such as skype less important. WiFi is also low-cost solution to enhance voice service coverage and at the same time offload traffic from the core network. After all, VoWiFi is using sharing similar infrastructure as VoLTE.

For end-user, the benefits come from seamless voice and messaging solution between WiFi and LTE networks - provided that their smartphone will support the solution. At the same time WiFi calling will provide better indoor coverage as it will complement LTE network. Also, the operator can offer atttractive solutions that can for example minimise roaming charges when using VoWiFi.

How to do this with Radiator?





Radiator products provide the essential components for VoWifi authentication. Authentication is done with our Radiator SIM Pack that also includes 3GPP AAA Server - providing all the interfaces for 3GPP and non-3GPP authentication. When combined with Radiator Telco Pack Diameter support for policy control and authentication, your network will be ready for Wifi calling. Radiator integrates with all your evolved packet core and WiFi network elements via 3GPP interfaces.


Please contact our team at info(a)open.com.au - we are happy to provide you more information.

Monday, November 9, 2015

Using Radiator for Wi-Fi offloading: how to make savings in mobile packet core network

With Wi-Fi offloading, mobile operators can transfer traffic from their Evolved Packet Core network to Wi-Fi networks. One of the key reasons for this is cost savings - as an example from Radiator customer can demonstrate.Our customer has currently 50,000 public hotspots in their country - the best Wi-Fi coverage in the nation.

Hotspots in the country by operator

In order to get the most out of their Wi-Fi network, a solution was needed for automatic SIM authentication for mobile users. For this, our regional partner implemented a solution with Radiator SIM Pack for the customer. This enabled them to increase the network usage from 1 M usages  per month to over 70 million usages per month. A key component, in addition to Radiator SIM Pack, was iPhone Carrier Bundle with auto connect - that provides automatic authentication to the end-user.

After the initial surge, customer still sees growth of 13 % per month.

The current progress of WiFi Auto Connect usage
Because of the solution, customer is now offloading almost 600 TBytes of data from evolved mobile packet core (EPC) each month - and the amount is still growing. If cost of each GByte to the EPC is around USD $4, the customer is saving over USD $2M per month - and over $24M per year!

Amount of offloaded data by month

Interested in Wi-Fi offloading?

If you have interest in Radiator solutions for Wi-Fi offloading - please do not hesitate to contact our sales team at info@open.com.au

Thursday, October 29, 2015

Radiator version 4.16 released!

We are pleased to announce that Radiator version 4.16 is now released! As always, a new version contains a new set of features. We wish also thank all those active Radiator users who have given us feedback and ideas for new features.

Revision 4.16 includes among others:

  • Compatibility update for EAP-based TLS methods for clients that support TLS 1.2. Examples are the future Apple iOS and OS X releases and Android 6 Marshmallow.
  • Two important security fixes. OSC recommends all users to review OSC security advisory OSC-SEC-2015-02 
  • Radiator now supports new module AddressAllocator DHCPv6 for IPv6 address allocation and prefix delegation
Full history of revisions can also be found from Radiator website

Interested in Radiator?

Please contact our team at info(a)open.com.au for more info.

Friday, September 18, 2015

Radiator goes NFV

Network Functions Virtualization (NFV) is a network architecture concept that uses IT virtualization technologies to virtualize entire classes of network node functions into building blocks that may be connected or chained to create communication services. NFV provides opportunities to decrease costs because of use of generic hardware platforms and virtual machines within data centers. Another key issue with NFV is that you can do development more easily in your or your customers network.

For Radiator products NFV is a natural way to go. Just as Radiator is known as the “Swiss Army Knife of AAA Servers”, Radiator is also highly flexible and adjustable component in different NFV solutions. With our partners and customers, we constantly develop our products to meet the newest demands of telco industry - and have now made all Radiator key components NFV capable.

Radiator NFV benefits for operators

Typical NFV benefits for operators include high availability and performance for different needs. NFV also provides better scalability for both small and large networks and ensures better cost-effectiveness. 

With Radiator NFV solutions, you can also reduce time to market for your services to your customers. In our NFV solutions, like in all Radiator products, adjustability one of the key benefits that helps building your network. In many of our customer cases, business requirements and ideas turned into operational logic in a matter of hours - with NFV, this can be done even more efficiently. This is needed for example when you are developing new data plans in your network.

Radiator NFV benefits for integrators

Since all the Radiator products are NFV capable, you can use them as adjustable and scalable component when delivering NFV solutions to your customers. With the help of our consultants, Radiator can be used with products from multiple vendors. Radiator can be used also as an OEM component - as innovative and disruptive solution for your portfolio.

Interested?

If you are interested in Radiator NFV solutions, please contact our sales team at info(a)archred.com and keep in touch with our Radiator NFV solutions.

Thursday, August 20, 2015

SIM Authentication and Charging with Radiator - expand your data coverage with Wifi

In many cases operators and telcos have a need to expand their mobile data coverage with Wifi. In many cases, the main requirements common to many network service providers are:


  1. One authentication method need for both Wifi- and LTE-networks. This way the authentication and charging of clients would be easy no matter which network the client uses.
  2. Both mobile and laptop users need to have common charging and policy method


In addition to this, common requirement is to provide prepaid data plans for their clients. The clients must not exceed the prepaid plan, no matter which device they use or how they authenticate.


The solution - SIM Authentication, Policy and Charging control with Radiator.


Our solution for our customers behind this is Radiator EAP-AKA - a standard for authenticating wireless LAN access with SIM cards and the existing worldwide 3G/LTE mobile network. Support for EAP-AKA is now included in a number of smart phones, tablets and other devices. In addition to this, laptop users can use the same authentication service with username/password (PEAP) authentication.


In order to provide additional requirement for our customers, how to provide a prepaid data plan for their clients, we used another Radiator server with charging and policy functionality.


One of the perks include novel functionality for the end user when his data quota has been used. End user is not logged off from the network at any time - for example during the session when rest of the data quota is used. However, when end user tries to log on next time after the quota has been used, his network access speed is restricted only to support renewal of data plan.

This solution provides flexibility for data plans of end users - whether you want to provide them access based on data quota, time spent your network, or both.


Examples of different data plans for different customer needs - all can be done with Radiator


How we did it?


During the configuration process, our experts have been working side by side with customers' personnel, to provide support where needed. Together with our customers, mostly telcos, we have been creating solutions in which Wifi- and LTE-networks can be authenticated with single SIM. With this kind of solution, both the Wifi- and LTE-networks use the same data plan. Our expert team is happy to help you in this kind of configuration and integration projects - solutions can be done in various network vendor environments.

Same need in your own network?

The right solution for your needs is Radiator EAP-SIM Pack, Radiator Policy and Charging Support or combination of these two. Please contact our sales team info@open.com.au with your plans.

Thursday, July 16, 2015

Radiator version 4.15 released!

We are pleased to announce that Radiator version 4.15 is now released! As always, a new version contains a new set of features for even better Radiator performance. These include:

  • Support for Gossip when communicating next hop proxy failures between Radiator instances
  • Shared duplicate cache for a more simple server farm configuration 
  • Windows Event log support 
  • Custom format support for logs, authentication logs and accounting logs. CEF and JSON included
  • And many things more, please see Radiator revision history
Interested in Radiator?

Please contact our sales team at info(a)open.com.au

Monday, July 6, 2015

Announcement: Radiator certification testbed for easy Wi-Fi® authentication verification

Open System Consultant’s (OSC) Radiator is now available as “Radiator RADIUS virtual image for Wi-Fi Alliance® certification testbed”. With this testbed, the authorized test laboratories and vendors of user equipment can verify that their products support different authentication EAP methods - and gain Wi-Fi CERTIFIED™ status from Wi-Fi Alliance.

 The authentication methods in the testbed include EAP-TLS, EAP-TTLS, EAP-FAST, EAP-PEAP and, as new addition, EAP-pwd. The testbed is configured as a single virtual image that can be easily installed and includes all required test cases.

Radiator testbed has made this process easy. There is no need for time consuming configuration work when setting up the testbed. “We’re proud to provide this ready-to-use testbed for the benefit of the all Wi-Fi Alliance members”, says Sami Keski-Kasari, Head of Certification at OSC.

More info from our team at info(a)open.com.au


About Radiator and OSC: Open System Consultants (OSC) designs and develops innovative authentication software for internet service providers, telcos, enterprises and other organisations. OSC has customers in over 180 countries, including over 50% of top 25 mobile operators. OSC's flagship product, Radiator AAA server software is reliable, extensible, flexible, configurable and portable across any platform. It has been described as the "Swiss Army knife of RADIUS Servers". 

About Wi-Fi Alliance: Wi-Fi Alliance® is a global non-profit industry association – our members are the worldwide network of companies that brings you Wi-Fi®. The members of our collaboration forum come from across the Wi-Fi ecosystem and share a common vision of connecting everyone and everything, everywhere. Since 2000, the Wi-Fi CERTIFIED™ seal of approval designates products with proven interoperability, industry-standard security protections, and the latest technology. Wi-Fi Alliance has certified more than 25,000 products, delivering the best user experience and encouraging the expanded use of Wi-Fi products and services in new and established markets. Today, billions of Wi-Fi products carry a significant portion of the world’s data traffic in an ever-expanding variety of applications.

Wednesday, June 17, 2015

Radiator Interoperating with Hotel Management Systems

One of the widely seen use cases for Radiator is interoperating with different hotel property management systems (PMS). Radiator is used between the hotel’s PMS and the network equipment that controls internet access in hotel rooms. One of the commonly used systems is Micros Opera that is used by both independent hotels and hotel chains.

For Opera, we have implemented support in Radiator that is easy to deploy with your own team or with the help of our experts. When Radiator starts up, it will receive hotel customer information from Opera. This information is used for Wifi network authentication. The basic information received from Opera is name, room and customer id of the guest. When the hotel guests check in or check out, the information Radiator maintains is updated by Opera. Radiator support is not limited to Opera: it supports any PMS that provides a FIAS interface.

Many hotels require guests to log in with their name and room number. Radiator then gives access based on customer information it has received from Opera. This functionality is shown in the picture below.


In addition to simply offering unpoliced, complimentary internet access, Radiator provides you more advanced options for revenue generating services. Radiator can, for example, give policy instructions, such as the speed given to the customer - based on the price customer is willing to pay for the internet access. Also, Radiator can pass information to network equipment (such as Mikrotik controllers) about how long the customer can use the internet with their current login without having go through the login process again.

Same need in your own hotel or hotel chain?

If you need a smart and flexible internet access service for your business, just contact our sales team at info(a)open.com.au. Our experts at Open System Consultants can provide you with competitive service package suited just for your needs.

Tuesday, June 9, 2015

Radiator logging features - have a better understanding of your network

A proper logbook keeps the world in order. Photo by vxla.

As networks are the most business critical components of telco and ISP business, it is important to know what is happening on them. For this the network needs AAA and SIEM (Security information and event management) services. The SIEM services are often provided by different vendors with different requirements for message format. For example, some use CEF while the others can accept free format text. We are proud that Radiator already provides interoperability that our customers can rely on. We also welcome your requests for new features.

Radiator 4.14 introduces LogFormatHook that provides a new way to handle logs. The main use of LogFormatHook is to create Radiator logs in different formats such as JSON and CEF. After this the formatted log message can be transmitted to an external log server or SIEM system for further processing, visualisation and archiving. Examples of these servers and systems are Splunk, Elasticsearch and RSA enVision and Security Analytics.

Especially with SIEM systems this functionality provides Radiator users many opportunities for log analysis. The SIEM systems can process log data for forensic analysis, compliance, dashboards and alerting - everything you or your customers need to know about status of their network.

Considering updates to your logging configuration?

If you have a network environment that needs this kind of interoperability with their log or SIEM systems, please contact our sales team at info(a)open.com.au . Also, if you have questions about interoperability concerning Radiator or some other AAA server solution - we just may have a solution for you.

Monday, June 1, 2015

Improving Clustering Support in Radiator with Gossip Protocol

 Our Radiator is deployed in various operating environments, ranging from single server instances to large clusters, sometimes called server farms. Recently, we have developed Radiator support for Gossip protocol framework and Redis based Gossip implementation. The Gossip framework allows clustered Radiator instances to share information and event notifications. The instances can be standalone or part of a Radiator server farm.

One use case for the Gossip framework is co-ordinated detection of unreachable next hop proxies. Multiple Radiator instances can now signal next hop proxy unreachability and reachability information with Gossip messages. The instances may be part of server farm, completely separate processes running on the same or different hosts or any combination of thereof - depending on the customer’s network architecture.

Radiator 1 informs Radiator 2 via Gossip
This allows, for example, one server farm worker to run Status-Server queries when the FarmSize configuration parameter is set. When the member notices that the next hop has become unreachable, it can quickly alert the other members to immediately switch over to an alternate next hop. This provides a method to quickly recover from failures - and also switch back when the failure condition has been resolved.

In general, when the instances can share information, co-operating Radiator instances as a whole can function more efficiently and respond more quickly to configuration and other changes.

As our product development continues, we are planning to develop more clustering functionality to Radiator. Our aim is to provide even more performance to network environment with large amount of end users.

How can I use them as a Radiator customer

If you already use Radiator, see goodies/farmsize.cfg for a configuration example with shared duplicate cache and Gossip and Redis configuration. As our development work continues, more modules will be added and upgraded to use the Gossip framework.

If you are not yet a Radiator customer, please contact our sales team at sales(a)open.com.au with your question about. We are happy to help you with your issues.

Friday, May 22, 2015

Reduce the time to market of your products with Radiator

 
Photo by Egan Snow

Time to market is one of the key issues when you want to provide new services and products to your customers. When competition is though, new ideas should be easy implement in your customer’s operating environment.

One of the strengths of Radiator charging and policy pack is its flexibility in order to test and create new products. As a policy controller, Radiator is often much more flexible than many options on the market.

Flexibility for authentication or database testing

One example of this flexibility are the SIM cards that can be used to create and fully test new products.  In some of our projects, our customers have at first used the dedicated Radiator SIM cards (available freely from us) before switching over to the production environment. Piloting the customer experience for SIM authentication was made as realistic as it gets.

And it doesn't end here: in a similar way telcos or other operators can first test their new services, for example, new data plans, in a safe environment before going live.

Another example where flexibility comes in handy are the different types of databases. Since Radiator Policy charging and rules function (PCRF) and Online charging system (OCS) have been tested against sqlite, MySQL, PostgreSQL and Oracle SQL Database, it is possible for you or your customer to choose from different options that fit best to your needs and existing environments and the data within.

How to speed up your product and service development with Radiator?

Our team has gained experience with Radiator for different use cases over multiple years. We have wide experience of different kind of product solutions. When you are thinking about use cases, such as SIM authentication or policy and charging issues, please do not hesitate to contact our sales team at sales@open.com.au

Tuesday, May 19, 2015

Scaling and using Radiator in the cloud just became even easier


Infinite Lights, a photo by Jesus Solana (Creative Commons)
Infinite Lights, a photo by Jesus Solana (Creative Commons)


Radiator has long supported scaling with features such as server farm (FarmSize) and multiple load balancing algorithms. In the latest Radiator patches we introduce the first features in the series of new improvements aimed to make Radiator a perfect RADIUS/Diameter AAA component from private and telco clouds to public clouds such as Amazon.

As operators gradually move away from physical servers and appliances to architectures like telco clouds, network functions virtualisation (NFV) and software defined networking (SDN), the need for software components capable of scaling and communicating between each other increases. A modern AAA (authentication, authorisation, accounting) software component must have features for communication, organising cooperation (orchestration) and dynamic load balancing and that is where we started.

The current Radiator patches now include Gossip framework with an implementation built on top of Redis. Proxying and load balancing were enhanced to use Gossip for sharing information about next hop proxy reachability and unreachability. This provides fast detection and recovery from proxy failures for cooperating Radiator instances across several, even separate, servers. In addition to sharing information about network events, Gossip based duplicate cache is now available for server farm instances. This is, however, only the beginning. Moving towards Radiator 5.0, we are adding more features supporting new and future operator cloud functionalities. As always, patches will include these coming features first.

We fully recognise that we cannot do and figure out everything by ourselves and welcome your feedback. This helps us to continue developing Radiator to the component you want to use when building your services and products.


Interested in participating?


If you are an existing customer interested in these new features, please download the newest Radiator version and patches and try them. If you need help or want to give feedback, please use your existing support contract contact or send feedback via evaluation-support ( a ) open.com.au.

If you are interested in evaluating Radiator, please fill out our evaluation form and mention your interest in testing the cloud features. Our evaluation support team will contact you shortly.

Tuesday, May 12, 2015

Scalable customer data plan - customize with Radiator

Different customers have different needs. Photo by Jenny Downing (cc)
As different uses of data roaming are still expanding rapidly, telecommunications companies (telcos) and other operators need different ways to provide the best value to their customers. Price and the maximum data quota offered are not the best or the only ways to compete. Customer loyalty can be achieved with customized offers that make the customer feel that this service is provided just to him or her. Because of this, customers want to optimize their data roaming use with flexible pricing and a telco needs to address these demands.

Radiator can be used to create these kind of solutions with data plans - a monthly subscription to a service that delivers database content, real-time data, news or other information. For different kind of data plans, advanced policy and charging support is needed. In this blog Radiator is being used to create different kind of data plans for different kind of customers.

Different data plan settings for different customers

In the basic setup, the customer’s device interacts with operator’s border network gateway (BNG) - for example a router. The BNG interacts in it’s with Radiator Radius that gets customer’s data plan from operator’s other systems. This is how we have done things for our customers many times over.

However, there are more modern ways to do create data plans for customers. Another advantage that is gained with Radiator, is possibility for deep packet inspection (DPI). With DPI it is possible to create advanced data plans. Advanced data plans can for example include reserved quota for certain services (such as Spotify or others) that you can market to your customers. Another typical use for advanced data plans is dividing data quota between different SIMs - then the data can be divided between different members of family.

For telco or other service provider the advantage is scalability - differentiated data plans can be done with greater ease. See the picture below for the configuration that can be adjusted to your needs.

 
Same need in your own network?

The right solutions for you is Radiator Policy and Charging Support. Please contact our sales team sales ( a t ) open.com.au.

Friday, May 8, 2015

Radiator Connects - from Machine to Machine to the Internet of Things

Our customer, a telecommunication company, had a pressing need in their network. They needed to replace their outdated Radius solution with a new design that allowed their M2M (Machine-to-Machine) network to function automatically as a integrating solution between the network controlled devices and the operator’s network.

In addition to telcos, the same kind of solution can be provided for power companies, logistical companies and others who have a need for an IoT-solution where devices interact with each other. Devices can be either pre-provisioned in batches (such as contactless electricity meters) or they can be uploaded to the system one device at a time via the user portal operated by the company. The basic functionality is shown below.


 
In this kind of operating environment, it is essential that the Radius server used for authentication and provisioning is compatible with and able to adapt different systems and devices - some dated while back. You may have, for example, a need to use database of some specific vendor (Oracle etc) in the future as well. From Radius server you then need interoperability and flexibility - and Radiator can be easily integrated to your operating environment. 


Same need in your own network?

For this kind of configuration, the right solution for you is Radiator, possibly with Radiator EAP-SIM Pack  - with an IoT-solution it is often convenient to use SIM authentication. To complement Radiator capabilities, our team of Radiator experts, making it easy for you to just deploy Radiator as the solution or the replacement for less flexible system. Please contact our sales team sales@open.com.au,  when figuring out the best solution for your needs.

Wednesday, May 6, 2015

Preventing Bill Shock with Radiator

Photo by Thomas Fano
Unexpected bill shock - a huge bill accumulated from roaming - can be a nasty surprise for your customers. It is also one that can be avoided, bot in domestic and in global use. One of the most known use cases is based on EU roaming regulations.

When your client uses mobile phone in other EU countries to go online, there's a limit on what an operator can charge them. The limit is based on EU regulations. To protect the client against excessive data roaming bills, the monthly cost of downloaded data on mobile device is capped, worldwide, at €50, unless something else has been agreed on. Following the EU regulations, a warning is sent when the usage reaches 80 % of the quota.

In addition to EU regulations, a system for warning and limiting data use is needed for global roaming to ensure that your clients will not have a bill shock from their worldwide data usage.

With Radiator, we have already done these kind of solutions for our operator customers who have in turn provided it for their virtual operators. In this post, we will tell you how to do it.

How to use Radiator to prevent Bill Shock

The basic layout of operator infrastructure

Radiator keeps track on the data used by the customer. To do so, Radiator interacts with the billing system where the data plans and client information is stored.

Customer's SIM is used to lookup information about the customer’s current quota usage, data plan, phone number for SMS alerts and possible other information, such as custom limit for data usage. One data plan is typically used for most of the customers, another for enterprise customers and another for customers of a virtual operator.

The client’s updated quota is then stored in the database. When the quota limit is reached, an automated SMS message is sent to the customer. After each month, the data quota is reset in the database and the usage monitoring will start from the beginning.

Customers are happy when their roaming quota is monitored reliably, and operator does not have to allocate any resources to this task. 

What do you need?

The functionality can be done with Radiator Policy and Charging Support. Contact our sales team at sales (a.t) open.com.au.

Monday, January 26, 2015

What do Internet of Things and Industrial Internet mean?

The Internet of Things and Industrial Internet are generating a lot of buzz nowadays. Almost everything is marketed as a Internet of Things or Industrial Internet solution or somehow connected to without really describing exactly how. I wrote earlier in Arch Red's blog What Internet means for service providers, but in this Radiator Cookbook I will focus more on what is the Radiator AAA server software's relation to the Internet of Things and Industrial Internet and how you can start utilising Radiator as a part of future Internet of Things and Industrial Internet already now.

The point of Internet of Things or Industrial Internet can be abstracted like so many other things to the following familiar cycle: Measurement, Decision Making and Action.


In Internet of Things or Industrial Internet one objective is to try to monitor and measure everything from physical things to customer satisfaction and collect that data to be utilised in decision making. Decision Making of course relies on data visualisation, analysis, predictions like trends and so on. These decisions can be made manually, but one major point in Internet of Things or Industrial Internet is also automate everything, even decision making in cases where it is possible. Actually if we look at the chart above we can claim that this is not anything new, this is just automation and that is what Internet of Things and Industrial Internet mainly is -- just automation taken further and extended beyond its old borders now that we are able to measure more, store more data, make quicker analysis and decisions, as well as able to actualise the decisions by remote control and provisioning.

Radiator AAA server software can be used in every step of the cycle. Radiator can be used to collect more data from network infrastructure components, users, traffic amounts, capacity, sessions etc. In Decision Making Radiator can be used to combine data and policies from several sources to make automated intelligent decisions without having to go through manual process. This can be something like identifying badly behaving end nodes, limiting their resources or quarantining and separating them from other nodes. The data and the policies can be retrieved for example via LDAP, SQL, Diameter interfaces and orders can be communicated to network infrastructure via RADIUS and Diameter automatically. With the help of Radiator AAA server and RADIUS, Diameter and TACACS+ protocols the network infrastructure components can retrieve their updated configurations, policies and security authorisations automatically without having to do manual configuration for each network component separately.