490 likes | 773 Views
Broadband Internet Access solutions powered by Nomadix ™. Presentation outline. Who is Nomadix Solution Partners and Network Architectures Nomadix Features End User provisioning features Billing Features Authentication Features Standards Compliance Nomadix Product Portfolio
E N D
Presentation outline • Who is Nomadix • Solution Partners and Network Architectures • Nomadix Features • End User provisioning features • Billing Features • Authentication Features • Standards Compliance • Nomadix Product Portfolio • Reference Sites
Who is Nomadix ? • Nomadix is the leading global Subscriber Internet Gateway company. We manufacture dedicatednetworkingdevices using the Nomadix Network Service Engine (NSE). • Quickly and inexpensively get subscribers onto their networks without requiring client side software or reconfiguration of IP settings. • Generate more revenue per broadband connection through intelligent subscriber management and delivery of IP services. • Simplify their network infrastructure and maintenance costs. • Nomadix gateways are used in almost 4,000 sites worldwide, with installations in USA, Japan, Asia and Europe. Provide Plug and Play More Revenues At Lower Cost 4,000
Nomadix’s Value proposition Patents • Nomadix have several patents on public Broadband Internet provisioning, e.g. DAT and iNAT. These patents provide true ‘plug and play’ and support a complex of VPN links on a single hot-spot site. • Nomadix, as an active member of Wi-Fi Alliance, has been instrumental in the make of the WISPr (roaming) “best current practices for WISP roaming” and Wi-Fi Zone concept. • Nomadix established “license agreements” with leading industry partners, e.g. Proxim, Hughes Networks and Rockwell Collins for integration of NSE in application specific platforms. WISPr OEM
Nomadix’s Value proposition End user provisioning • Nomadix functionality offered through the Nomadix Internet Gateways cover a rich set of features in the following main areas: • End User provisioning • Authentication (UAM, 802.1x Smart Client, 802.1x UAM) • Security (VPN, EAP) • Billing interfaces for both a centralized AAA and for local AAA • Roaming • Through a range of solution partners, Nomadix fits well in a well designed end to end solution for carriers, ISPs and stand-alone sites. • AAA partners , e.g. Picopoint, Wificom • Roaming partners, e.g. Boingo, iPASS • HLR interface partners, e.g. Adjungo Networks Authentication Billing Roaming
Datacenter Billing Information Accounting WWW, Email Nomadix Public Access Gateway Authentication Network Architecture AAA partners Credit Card Clearing INTERNET Credit Card Server RADIUS Server External Web Server Firewall + IP Router Web Server Scratchcards SMS Etc.. Wireless LAN (Wi-Fi) and Ethernet payment Servers • All PCs accepted • - DHCP • Static IP address • Web proxy settings AAA partners Hotel Billing System
Network Setup(Ethernet Switch) Backbone PMS Nomadix Internet Gateway Ethernet Switch
Network Setup (xDSL) Backbone Nomadix Internet Gateway PMS USGTM DSLAM
Network Setup(Wireless LAN + Ethernet) Backbone PMS Nomadix Internet Gateway Ethernet Switch Room 101 Room 102 Room 103 Laptop Laptop Laptop 10BASE-T 10BASE-T 10BASE-T
End User Provisioning Features • Plug and Play • No client-side software installation / reconfiguration • Dynamic Address Translation (DAT)™ • For supporting users with: static IP Addresses, has a DHCP address from another subnet, going through public-private address translation • Transparent Proxy. For supporting Browsers configured for Proxy or private DNS Server that could be behind a firewall • VPN Support (PPTP and IPSEC) • Support End-to-End security, even when user’s address is being translated. • iNAT™ supports multiple VPN sessions going to same corporate VPN Access Server, even with limited number of public IP Addresses available. iNAT uses one public IP address for multiple sessions to different VPN Access Servers. • Multiple Language Support • Pre-defined login screen in Internal Web Server
Corp #1 user 1 Public IP Address #1 Corp #2 user 2 Public IP Address #2 Corp #1 user 3 End User Provisioning iNAT™ and VPN WLAN Hot-Spot AuthenticationServer Corporate Main Headquarter #1 Nomadix HSG-25 VPN Access Point VPN Firewall ADSL Router Plus Firewall WLAN AP AuthenticationServer Corporate Main Headquarter #2 VPN Access Point VPN Firewall • iNAT™ supports multiple VPN sessions going to same corporate VPN Access Server, • even with limited number of public IP Addresses available. iNAT uses one public IP address • for multiple sessions to different VPN Access Servers.
Multiple Subnet Support • Subnets and DHCP pools assigned • Location ID (e.g. via VLAN ID) • Nomadix RADIUS VSA (‘Subnet’) • Administratively assigned • Multiple DHCP pool and IP subnet support
Multiple Subnet Support (con’t) • Save costs by using non-contiguous public DHCP pools • Example: Provide Internet access to 1,000 DHCP users and only have non-contiguous Class C pools, you can now define these separate pools in the Nomadix Gateway • Use mixed pools (public/private) for varied network topologies and customer sets (residential vs. business) • Example: All residential users can get private IP address and be address translated, all business customers can get a public IP and not be address translated • Differentiate your customers depending on their location • Example: All users in one building can be placed in the same VLAN and provision all their IP address from a dedicated pool • Allocate different lease times to different users dependent on the peak usage patterns of the network • Keep all devices (e.g. Access Points) on a separate public subnet that will not get address translated
Service Selection Console Portal Page End User Provisioning Features • Captive Portal • Pre-Authentication Home Page Redirection (HPR) • Automatically redirect nomadic user to welcome page • Multi-portal / multi-Service Provider support • Post-Authentication Page Redirection (HPR) • Automatically redirect nomadic user to post welcome page • Multi-portal / multi-Service Provider support • IP filtering / access control • White List for free/allowed sites • Black List for blocked/restricted sites • Presenting services • Up-sell Bandwidth / Public IP address • Personalizing services
Billing Features 1 – Direct connection to Hotel PMS • Fully automated system, where the charge for HSIA is a line item on the hotel bill (= local hot-spot) • Shared revenue model possible through Billing Mirror • Incentive-based Pricing. This functionality offers the opportunity to provide price incentives to preferred customer groups 2 - Credit Card Payment • Fully automated system, where the charge for HSIA is deposited via Credit Card clearing house to the hot-spot site • Shared revenue model possible through Billing Mirror • Incentive-based Pricing. 3 - Connection to RADIUS Server • RADIUS server is connected to (existing) RADIUS billing system • Supports various ways to sell the service, Subscriptions (monthly fee, fees for usage), Pre-paid cards, Vouchers, etc. • XML Application Programmers Interface supported with all billing modules Mix of Billing Options is possible
WWW, Email Authentication Billing – Stand Alone INTERNET • lowest cost implementation • Nomadix Public Access Gateway • Internal Database pre-configured with a range UN/PW • Hotel sells vouchers with UN/PW • Guest Access for the duration of the stay • Optional: graphical web interface as welcome page Broadband Connection with a minimum of 2 public IP addresses Firewall + IP Router Wireless LAN (Wi-Fi) and Ethernet • All PCs accepted • - DHCP • Static IP address • Web proxy settings
WWW, Email Authentication Billing – Hotel PMS External Web Server INTERNET Web Server Broadband Connection with a minimum of 2 public IP addresses • Nomadix Public Access Gateway • Automatic connection to hotel property management system (PMS) like Micros Fidelio • Hotel offers “bill to my room” authentication and billing • Guest Access for the selected duration (e.g. 24 hrs or 1 hr) and selected bandwidth • Optional: graphical web interface as welcome page Firewall + IP Router Wireless LAN (Wi-Fi) and Ethernet • All PCs accepted • - DHCP • Static IP address • Web proxy settings Hotel Billing System
Credit Card Clearing broker WWW, Email Nomadix Public Access Gateway Authentication Billing – Credit Card AAA partners Credit Card Clearing INTERNET Credit Card Server Web Hosting Server Broadband Connection with a minimum of 2 public IP addresses External Web Server Firewall + IP Router Web Server • Nomadix Public Access Gateway • Automatic connection to Credit Card clearing house • Hotel offers “credit card” authentication and billing • Guest Access for the selected duration (e.g. 24 hrs or 1 hr) and selected bandwidth • Optional: graphical web interface as welcome page Wireless LAN (Wi-Fi) and Ethernet • All PCs accepted • - DHCP • Static IP address • Web proxy settings
WWW, Email Nomadix Public Access Gateway Authentication Billing – RADIUS AAA partners External Web Server INTERNET RADIUS Server Web Server Scratchcards SMS Mobile No. Broadband Connection with a minimum of 2 public IP addresses Firewall + IP Router payment Servers • Nomadix Public Access Gateway • Automatic connection to RADIUS server. External Billing S/W to offer various payment methods • Optional: graphical web interface as welcome page • Optional: WISP roaming Wireless LAN (Wi-Fi) and Ethernet • All PCs accepted • - DHCP • Static IP address • Web proxy settings
Billing Features - RADIUS • Vendor Specific Attributes (VSA) supported • Max. Bandwidth up / per user • Max. Bandwidth down / per user • Home Page Redirect (URL redirection) / per user • IP Upsell / per user • Subnet / user (to allocate a specific IP subnet to a user) • Time based Billing / per user • Time-Based Session Timeout : Allows the termination of a session per a specified time period allowing a service provider to introduce service plans that limit the session time • Volume based Billing/ per user • Volume-Based Session Timeout : Allows the termination of a session per a specified data volume allowing a service provider to introduce service plans that limit the data transfer volume
Port 1 Port 2 VLAN Switch Location Identification • Determines physical location (port) of subscriber • Enables: • Automated provisioning/billing based on location • Customization of portal page based on subscriber’s location • Could use: • 802.1Q VLAN tags • Integrated SNMP Manager • Custom SNMP MIB Queries • RFC 1493 Compliant Bridge MIB Queries
End User AuthenticationFeatures • Universal Access Method (UAM) • Web Browser Based initiated Authentication utilizing SSL • No special client-side software to install • Compatible with existing standard networking protocols and components (any Wi-Fi compliant NIC or AP) • IEEE 802.1x / Smart Clients and SIM Smart Client • Provides user with directory of approved hotspots • Could prevent against rogue AP’s • Automates authentication process for the user • Can automatically establish remote VPN tunnel (end-to-end IPSEC tunnel) • IEEE 802.1x / UAM • IETF EAP (Extensible Authentication Protocol) • End-to-end security association (support multiple EAP types such as MD5, TLS, TTLS, strong authentication tokens, etc.)
Service Selection Console Portal Page Login Page Nomadic or Mobile User Universal Access Method (UAM): User Experience 2) Opening Browser automatically presents “Captive Portal Page” with local content/services 3) User can authenticate (login) at hotspot via any Internet Browser (utilizing SSL) 1) User associates with “open mode” Access Point at hotspot 4) User gets profile-driven, personalized Internet access 5) User gets automatically redirected to their Internet Start Page Public Access Control Gateway
HomeVPN Server Remote VPN Client –GatewayAccess Protocol UAM SSL-based RADIUSAuth & Acctg Smart Client 802.1x Smart Client Authentication • User Steps: • Start Smart Client 2) Select access type and find locations using phonebook 3) Click “Connect” to automatically login to Network 4) Remote VPN (IPSEC tunnel) may automatically load to their corporation Auth/BillingServer & Services Public Access Control Gateway Access Point
802.1x / UAM Authentication • IEEE 802.1x = Port-Based Network Access Control • Uses EAP = Extensible Authentication Protocol (Advanced Security) • Driven by 802.11, overcomes security (WEP key mgmt) issues, but can be used in Ethernet • Official Standard as of Q2, 2001 • 1x clients and enabled APs coming to market (currently focused on Enterprise) • Can be used with: • MD5 (hashed Username and Password), Certificates (TLS, TTLS), Strong Authentication Tokens (Vasco DigiPass), etc. EAP EAP Hotspot Auth Server RADIUS 802.1x Home Auth.Server 802.1x Client (Supplicant)
Multi-Service Provider Support • Wi-Fi Zone support • Nomadix is fully Wi-Fi Zone compliant • Nomadix supports a multi-service provider (ISP) model through extensive set of roaming features • Portal page / Service provider support • Nomadix supports pre-authentication Home page redirect (HPR) and post-authentication HPR. • 802.1x UAM and 802.1x Smart Clients could provide a 3rd party ISP specific user experience
Billing Roaming Revenue IPSEC or PPTP VPN Login as Nomad@HomeEntity.com Cell 2 Wireless Access Point Multi-Service Provider support MobileGate Server + AAA ROAMing Server Optional Roaming Intermediary Broker or Settlement Services Mobile Operator Hotspot Operator’s Network Operations Center Billing Relationship Global Roaming AAAServices Network Roaming RADIUS NETwork Server Corp. Enterprise Home Entity (such as User’s Corporation or Service Provider) VPN / AAAServer AAA / RADIUS Proxy Server Firewall & VPN Server NomadicUser Hotspot 2 Hotspot 1 Cell 1 Cell 2 Cell 1 Wireless Access Point Wireless Access Point Wireless Access Point
Welcome Page #1 Welcome Page #2 Welcome Page #3 Multi-portal / multi-Service Provider support PC #1 Launch iPass Smart Client: Ipass/Hstevens@nomadix.com Proxy Auth/BillingServer & Services PC #2 Start 802.1x Authentication: Hstevens@vodafone.com Public Access Control Gateway PC #3 Web browser (UAM) Username : Hstevens Password : xxxxxxx iPASS Auth/Billing+ Web Server & Services Vodafone Auth/Billing+ Web Server & Services
NomadixStandards Compliance • Nomadix is fully network agnostic, i.e. is successfully tested against major network equipment suppliers like Cisco, Avaya, Proxim, Symbol, Intel, 3COM, etc.. • Nomadix supports both wired (Ethernet) and Wireless (802.11a, 802.11b, 802.11g, Bluetooth) access • Nomadix supports Security Standards like 802.1x , SSL, IPsec and PPTP for VPN • Nomadix supports RADIUS standard • Nomadix supports XML application programmers interface • European CE and Safety Standards compliance
Today’s Business Travelers want Broadband Access Market Statistics
Market Statistics • Market Research shows: • 70% of business travelers carry laptops • 68% expressed interest in Internet access in hotels, on planes and in airports • Customers value higher productivity and better, faster connections Quote: "As an investor, I focus on cost per bit," says Chris Brookfield, general partner with Northwest Venture Associates. "In wireless LANs, it is incredibly inexpensive to move data, compared with other wireless technologies like [Cellular Digital Packet Data], [General Packet Radio Service] and 3G."
Market Opportunity-1 Hotels and Conference Centers • Business Traveler on the road wants to connect his Notebook PC to the Internet and download e-mails, fast and without hassle. • Does not want to reconfigure his/her Notebook PC • Needs a fast connection to reduce time loading large attachments • Hotels want to make money, and maintain many happy guests • Hotel needs to offer a value-package to business travelers, i.e. offer fast internet connections in both the conference center and hotel rooms • Prevent cost to deploy the value-package, i.e. no need to set-up help-desk, or hire IT manager to help configure PCs
Market Opportunity -2 Wireless Hot-Spots • Business Traveler in Wireless Hot-Spots (e.g. an Airport) wants to efficiently use his wait time to connect his laptop PC to the Internet and download e-mails, fast and without hassle. • Does not want to reconfigure his/her Notebook PC • Needs a fast connection to reduce time loading large attachments • Airports want to make money and keep passengers happy • Airports need to offer a value-package to business travelers, i.e. offer fast internet connections in both airline lounges and passengers areas • Prevent cost to deploy the value-package, i.e. no need to set-up help-desk, or to hire IT manager to help configure PCs
Market Opportunity -3 Residential Users • Residential users that are connected through either wired (xDSL, CATV) or Wireless (IEEE 802.l1b, LMDS) to ISPs in small communities and apartment complexes. • Needs an easy way to log-on, i.e. no client software, and does not want to re-configure their (Notebook) PC • Needs fast connection and dynamic bandwidth selection service plan • ISPs want to make money and sign on as many happy subscribers, at zero incremental cost, as possible • ISP’s need to offer a value-package to residential users, i.e. fast internet connections • Prevent cost to deploy the value-package, i.e. no need to set-up help-desk, or send out support people to help configure PCs
Pre-connection Initial Connection On-line connection Advertisement, e-Commerce and info display revenues as offered through Walled garden. Subscriber revenue and /or time-based revenue, Conference Center service plan, Meeting Room Scheduler (MRS) IP Up-sell (public IP address), Self-service plans, advertisements and info display through ICC How to make €€€ Hotels, Conference Centers, Airports and Airlines A San Jose hotel made 250 K$ revenues from Nomadix USG in their Conference Center in yr 2000
Market Opportunity -4 Universities and Schools • Students on University Campus and Dormitories want to connect PC’s to the Internet and download e-mails, fast and without hassle. • Does not want to reconfigure his/her (Notebook) PC • Needs fast connection to reduce time downloading large attachments • Universities want to facilitate network access, however prevent un-authorized access to the University Network • Universities need to offer an access-package to students, visitors and staff, i.e. offer fast internet connections in and around the campus • Be able to facilitate access for many students in a very short time • Prevent cost to deploy the access-package, i.e. no need to set-up help-desks, or to hire IT managers to help configure PCs • Increase Network Access security
Market Opportunity -5 • Enterprise Roaming staff (Nomadic employees) and visitors create challenges for the Enterprise network administrator • Nomadix can solve these issues: • Increased security concerns • Allow visitors to access pre-determined network resources, depending on their access level. • Mobility management • Roaming between subnets is an issue as users cannot connect automatically • Traffic shaping • Profile-driven bandwidth allocation is key
Enterprise Application Examples Head Office (e.g. Consulting firm ABC) Client Office (e.g. Company XYZ) • Professional Services Company (Nomadic employees) • Meeting Room/Lobby (“Enterprise Hot Spot”) Network setup: DHCP, no proxy, Universal Subscriber Gateway Network setup: Static IP (e.g. 192.168.x.x) HTTP Proxy Random Office (e.g. Company XYZ) VIP • Web-based presentations • Real-time inventory checks • Email synchronization • Corporate File Retrieval (VPN) Customer Various PC configurations Supplier
Standard features Plug and Play Home Page Redirect pre-Authen. Home Page Redirect post-Authen. Walled Garden Standard Mgmt. Language Support SNMP Support Multi-Level Admin Access Control List Bridge Mode CMS enabled support Internal Web Server External Web Server Intf. Billing Mirror XML - API Optional features Radius client Interface Credit Card interface PMS interface SSL Support iPASS smart client 802.1x IPSec Port Location Self Service Console Bandwidth Management IP Up-sell Proxy ARP URL Filtering iNAT Multi-Subnet Support Features List USG / HSG
EUROPE: Hilton Antwerp (Belgium) 71 Nyhavn Hotel (Denmark) Copenhagen Strand (Denmark) Grand Hotel (Denmark) Phoenix Hotel (Denmark) Torve Hallerne Hotel (Denmark) West-Inn (Denmark) Hotel Avion, Helsinki (Finland) Hotel Haikon Kartano, Porvoo (Finland) Hotel Krapihovi, Tuusula (Finland) Hotel Musta Kissa, Lahti (Finland) Ikaalisten Kylpylä, Ikaalinen (Finland) Millennium Hotel Stuttgart (Germany) Hotel Kurfuerstendamm 101 (Germany) Ritz Hotel (Spain) NH Hotels (Spain) And many more……. Hotel reference List - Europeall use the Nomadix solution EUROPE: • NH / Golden Tulip FiGi (Holland) • Van der Valk-Assen & Vianen (Holland) • Hotel Du Lac (Italy) • Conf. Center and Hotel Affi (Italy) • HolidayInn & Crowne Plaza (Italy) • Sunborn Yacht Hotel (UK) • Chelsea Village Hotel London (UK) • Great Eastern Hotels (UK) Middle East & Africa: • Sheraton – Amman (Jordan) • Four Seasons – Amman (Jordan) • Four-seasons – Cairo (Egypt) • Hilton – Cairo (Egypt) • Meridian – Cairo (Egypt) • Four seasons – Riyadh (Saudi Arabia)
Reference List - Europeall use the Nomadix solution EUROPE - Events: • Cannes Film festival ’02 in France • Foire de International Luxembourg • Dorn Birner Messe (Austria) • Norges Varemesse(Norway) • Munich Messe (Germany) EUROPE - Airports: • Oslo Airport (Norway) • Schiphol Airport (Amsterdam) • Koln/Bonn Airport (Germany) • Birmingham Airport (UK) EUROPE - Universities: • Warrick Univerisity – UK • Uni Erlangen, Germany • TU Wien, Austria • Uni Leipzig, Germany • Universität Köln, Germany EUROPE – WISPs / Hotel solution providers: • Aervik (the Netherlands) • WinQ (the Netherlands) • Attingo (the Netherlands) • MyCall (the Netherlands) • HubHob (the Netherlands) • Kubi Wireless (Spain) • Inntouch (UK) • Liberty SNL (UK) • Swisscom Europort (UK) • X2.internet (Germany) • Teleport (Austria) • HiPort (Italy) • Menacom (Egypt) • Wi-TEL (South Africa)
Summary Nomadix is the global leading Internet Gateway supplier that addresses the various market segments: • Public Visitor Based Networks • Multi-Tenant Units • Private Visitor Based Networks. THANK YOU !