Here is my Publisher’s outlook from the December 2006 issue of IMS Magazine. Nortel has such a broad product line from the enterprise to the service provider market it isn’t always apparent they play in the IP multimedia subsystem place. As Bezille tells me, Nortel has been in this space for a while.
I had a chance recently to talk about Nortel’s IMS strategy with Eric Bezille, Nortel’s IMS product marketing manager for Europe and Asia.
“From our standpoint,” says Bezille, “IMS is an evolution for us rather than a brand new thing, given the fact that we are already involved in multiple technologies involving convergence such as SIP and we’re involved in all kinds of services on top of voice that serve the end user across many different contexts using different devices and working across different access networks.”
“So for us it’s really a matter of simplifying the end user’s life,” says Bezille, “and simplifying our customer the operator’s life, and also enriching their experience with innovative services. It sounds very ‘high-level’ but it’s really the cornerstone for a successful services delivery. I mean, we are not talking purely about technology, we are talking about a kind of architecture to be leveraged by operators to quickly launch new services and simplify and enrich the life of the subscribers, which is a guarantee for success.”
“So our strategy in IMS is really to make sure that what we have deployed already in the market based on Voice over IP will work okay in an IMS world,” says Bezille, “since we are Number One in the world in Voice-over-IP in various areas [Note: For example, Nortel ranked number one in the global markets for service provider softswitches and gateways for the entire year of 2004 and for the first quarter of 2005, according to Synergy Research Group.] So we have many IP-related things in the market already and running IMS services on top of that is one key strategy to evolve; another aspect is repeat customers who install newer equipment and who will be able to access IMS services as well. So I would say that our IMS strategy centers on evolution and interoperability.”
“The last piece of the puzzle is probably important as well.” says Bezille. “It’s the development and deployment of the Fixed-Mobile Convergence [FMC]. Sometimes people associate IMS with FMC and say, ‘This is the same thing,’ or whatever, but from our perspective, FMC is really a driver for IMS, since there already exists some fixed-mobile convergence deployments without IMS, right? So we believe that, from an operator perspective, having FMC plans and strategic plans actually convinces an operator to adopt IMS — instead of the other way around — since it offers some ‘convergence opportunities’ as we say, which are concrete plans for converging and offering services to an end user base across both wireless and wireline environments. So, for us, FMC has been a driver for IMS rather than the reverse.”
In France, Neuf Cegetel uses an IMS-ready Nortel solution (in particular the Multimedia Communication Server 5200, or MCS 5200, which integrates voice with video, collaboration, and presence services) to deliver TWIN, an affordable FMC service. The GSM/WiFi-based TWIN service enables a TWIN phone to connect over WiFi to a “Neuf box” or WiFi community access point at landline rates, which saves subscribers up to 30% on their mobile phone bills. TWIN also provides an 11 Mbps broadband Internet connection. Subscribers receive a single, consolidated bill. It’s expected that the TWIN service will be enthusiastically adopted for use at home or for working remotely with high-speed broadband Internet connections.
Instead of “IMS-ready” solutions, we’ll be seeing more full-blown IMS solutions as the MCS 5200 is supplanted by its evolutionary successor, the Application Server 5200 that provides select integrated voice, multimedia, and mobility services over SIP. It’s part of Nortel’s IMS-based Converged Mobility solution for such voice and multimedia services as personalized routing lists, corporate directories, meet-me conferencing, presence, calling picture delivery and network call logs — across cellular (3GPP/2 SIP), WLAN and other IP domains (IETF SIP), with compatibility with an IMS / MMD (Multimedia Domain) solution deployment. Nortel’s deployment solutions encompass both enterprise-owned services as well as carrier-hosted services for both consumers and enterprises.
“So, FMC services exist today and there is a strong evolution and growth that we see driving operators to deploy pre-IMS solutions and to evolve them into IMS as well,” says Bezille.
As IMS becomes a more important part of service provider networks it is crucial that security in IMS networks is as good as it can be. Achieving real security in IMS (IP Multimedia Subsystem) networks is very complicated and relies on passing secure data between network partners. I asked Eric Bezille about Nortel’s approach to managing security on IMS networks.
“There are different aspects of this,” said Bezille, “but the best aspect is the value of IMS providing a kind of separation between the control layer and the application layer. There is a definite benefit from IMS in the sense that it simplifies the way the network is organized. It also simplifies the way you manage security across the board because it is a standardized environment rather than having people managing applications any way they want, with all different kinds of protocols, user databases scattered everywhere, managing access security everywhere and having application downloads occur everywhere. With IMS you have an organized core network, an ordered way to manage user identification, authorization and application access. So in this sense, just having things standardized is helpful in terms of security.”
Bezille elaborates: “Therefore, our approach is first to accept the standards. It’s very important. We saw an initiative three years ago about converging things and easing access to call resources and so on. But the fact is that it was not really standardized across the board. It was not even standardized for one type of access, to be honest. Now you see that standardization is ongoing for the core network and not for one type access only but for multiple types of access. You have IMS 3GPP in wireless and you have TISPAN for fixed networks, but the TISPAN next-gen architecture incorporates IMS concepts but does not use them exclusively, so in a sense you can say that those different standards are converging. You see that as well in cable networks, where the standard is called PacketCable MultiMedia [PCMM]. This standard is also converging withTISPAN and IMS 3GPP. For the first time you see a real convergence in the standardization of these architectures, so one of Nortel’s main strategies is to provide standards compliancy and interoperability proof points.”
“Okay, you could say that this is all just marketing,: says Bezille, “but we sponsored and participated in the GMI 2006 [Global MultiService Forum Interoperability 2006] event, which conducts tests of multi-vendor interoperability to make sure they can achieve Fixed Mobile Convergence [FMC] and support the IMS service framework. With five Internet operators and multiple IMS vendors, it was the biggest IMS interoperability testing event for years, providing close to 100 different interoperability testing scenarios involving IMS applications, such as IMS with non-IMS users, IMS users on one network with IMS users from another network, It was very broad. Nortel actually funded a large part of it, and it involved Acme Packet, BT, Cisco, Empirix, ETRI, KT Technology Labs, NTT, Sonus, Verizon, Vodafone and others. But the point I’m making is that the first aspect of an IMS security strategy really involves standardization because that is a cornerstone for things being secured, talking the same language, respecting the same set of interfaces and the same mode of protection and security. So one important aspect of IMS is bringing a centralized way to authenticate and authorize end users.”
“From the HSS [Home Subscriber Server] you can really manage subscriber identity and make everyone is authenticated and authorized in the same way,” says Bezille. “At the same time it simplifies the end user’s life, but it’s also ensuring a higher level of security.”
That sounded good, since there could be concern about the actual security of being automatically logged on when a person moves from one device to the next.
I then asked Bezille how an equipment vendor could ensure security within the core network.
“There are different aspects of that,” says Bezille. “There’s a capability of going from one type of access to another, yet staying on the same call. So, you might first use your laptop and then the fixed phone or perhaps your cellular phone. These are not brand new scenarios for us, we doing that today, such as the Orange Business Together service that integrates your mobile phones into your office network. Our technology is such that business people can access a set of services from their laptop, but they can also access them from their mobile phone in a consistent way too. Or, when they receive a ring tone when they receive a call, for instance, they can get their devices to ring at the same time everything or to ring in sequence. People can program the way they want to be reached and the way the service should behave. But most importantly, all of their access is secured. For instance, one of the basic principles for security on 3GPP IMS allows for different levels of possibilities to authenticate the end user. You can do it with a sim card. You can also do it with a username and password, and so you can ensure security and the authentication across different devices and different forms of access.”
“For us it’s not that much of a debate because our expertise originated with our work in the enterprise space where IP’s already all over the place,” says Bezille. “We are coming with wirelineVoIP expertise where, again, the plateau has been very strong and we have grabbed a strong market share. So for us it’s more of, say, ‘Hey, with our VoIP experience and IP services know-how, we can propagate advanced services through converged networks, organize our own IMS solutions that can deal with wireless access, as well as wireline and cable’. So it’s not a matter of trying to extend mobile expertise into an IP world. We already have expertise, technology and very specific functionalities we have created and tested in theVoIP market. And we have devised some innovative functionalities in this domain relating to security. For instance, in theVoIP network we can already intelligently evolve both end users and the network. Say that they started with a non-secure network for some reason; our solutions have specific features where we can migrate the users and the whole network into a fully secure network without service interruption. It’s important to be able to evolve your customer and enable a smooth migration into a higher-level security architecture. There are some ways to maintain ease of use from the end user’s perspective, but at the same time to improve security and standards compliancy, such as using an IPsec-based VPN.”
I was curious as to whether this security solution is automatically implemented in newly-deployed IMS networks.
“It depends,” said Bezille. “IPsec normally yes, if your system is compliant. There’s a functionality we call Flex Mode which can be used to move some nodes or end users from non-secured behavior to secured behavior. This is a function of IT that we put in place on our own solutions.”
“Of course,there are some situations where network operators realize they need specific functionalities that are not yet offered and so they contribute to the standard for the next versions,” says Bezille. “So you’ll see an initiative like A-IMS [Advances to IMS], made by Verizon and a couple of other contributors, where they recommend a kind of improvement to the standards and one part of this improvement is linked to the security aspects of IMS. And you see some other initiatives from other vendors as well as many operators. So you can expect that the security aspect is evolving into the standard for IMS as well. Much of this security is not just linked to the core itself but is linked to the end user. Everyone must work hard to ensure that the end user, going from one type of access to another, still enjoys secure communications. Consider the multiple devices that can now be used by one user to connect to an IMS network. It increases the complexity and difficulty of network security and so on. But, having laptops and all kinds of devices trying to connect to the network is forces providers and enterprises to be much more careful with what they use and to determine if they are protected at the end user device as well. There are ways to assess VPNs and do security so we can ultimately have some policy enforcement for the end user device. We can have it accept and work with specific firewall software that we want to see on their device and so on. Technology originally used by enterprises to make sure that all their laptops were fully secure has led the way to service provider and enterprise solutions that allow for an additional level of control, security-wise, for various other end user devices.”