Gateways - The Road to the All-IP Home
Multi-service home gateways light the path to a simpler life.
Service providers are moving toward the use of gateways, but the gateway model is still evolving, and there remain questions about the mix of features and functions gateways should have. That means extra thought has to be put into provisioning and maintaining gateways.
Subscribers have more options for getting service, and bypassing their cable operator entirely for over-the-top (OTT) content remains an option. Service providers are responding by evolving toward integrated all-IP networks that will allow them to more efficiently blend the highvalue content they currently distribute with access to OTT content.
Residential home gateways are a key part of the evolution toward an all-IP subscriber experience. This integrated approach will more reliably support the delivery of traditional home services, plus value-added applications such as IP video content, energy management and home security. By deploying home gateways now, MSOs will be able to generate new service revenues and reduce their operational and support costs. A key criterion for a successful evolution is their implementation of an associated device provisioning system.
But if multi-service home gateways are to become vital to the delivery of bundled services, there are challenges that MSOs must overcome in order to generate new revenue streams using these new devices:
- Provisioning, managing and troubleshooting home gateway devices is more complex than deploying traditional and individual CPE devices.
- MSOs will launch a variety of new and more complex types and classes of services, which will require more effective management and provisioning of services – and service levels – to embedded devices in the gateway.
- The home network demands a multifaceted and integrated approach to IP addressability and management for both IPv4 and IPv6 protocols.
- As residential gateways mature and more services are added, upgrades to deployed equipment will likely be frequent, making automated software/firmware upgrade management a top priority.
Given all of that, it is clear that the following best practices must be employed by MSOs to ensure the timely and automated rollout of IP residential home gateways:
- Flexible provisioning strategies for IP addressability
- Effective upgrade processes for deployed gateway devices
- Managing device and service-level security
- Robust and automated troubleshooting.
As MSOs expand from individually installed CPE devices to integrated multiservice gateways, they must adopt a single platform to centrally provision and manage multiple IP-enabled devices. This unified gateway will actually increase IP networking complexity, yet operational costs can be significantly curtailed when accompanied with automated device provisioning that incorporates IP address management. What’s more, MSOs will require deeper visibility into devices and services in the home, allowing them to more effectively provision, upgrade and troubleshoot new services.
Device provisioning must ensure that IP addresses are dynamically assigned based on the required quality of service (QoS) and class of service (CoS). Also, both private and public addresses must be assigned and managed. MSOs should adopt a flexible IP addressing methodology with their device provisioning system that encompasses both IPv4 and IPv6 addressing.
In order to deliver bundled services throughout the home, MSOs must have the ability to identify and manage all home network devices and elements. Depending on the service it provides - VoIP, IP video, ISP, home networking, etc. - each device and related service will have different QoS/CoS settings and address assignments. As a result, device provisioning systems must be able to define, provision and manage a varied array of QoS/CoS combinations for services offered.
Before assigning IP addresses, MSOs need to identify upfront the types of services they want to offer their subscribers and match those services to the appropriate bandwidth and service-level quality. Some services, such as the delivery of IP video, may require a big pipe and lots of speed, whereas other services – like home monitoring and security - will have lower bandwidth requirements. In relation, a myriad of device configuration files will need to be automatically constructed and downloaded to these IP addressable devices, a significant operational requirement for device provisioning to ensure deployment scale and flexibility.
EFFECTIVE UPGRADE PROCESSES
MSOs need systematic methods to upgrade their gateways. They may be based on specific services offered, identified regions, current firmware levels for a gateway, specific customers, etc.
Today, software/firmware upgrades are essentially a many-to-one process, requiring upgrade profiles for each individually deployed device. With the residential gateway, however, MSOs are faced with a far more complex many-tomany upgrade process. In this case, many different gateway upgrade profiles need to exist. Furthermore, many subtending devices behind the gateway may also need to be updated. The device provisioning system must also house the intelligence to know what subtending CPE devices should get updated.
To effectively position for the future, MSOs should look for gateways that can be dynamically and remotely upgraded in terms of onboard device software/firmware. Remote device provisioning must support a flexible upgrade program – done automatically by any combination of individual gateways – by network segment and on a network-wide basis. All upgrade configuration profiles should be readily managed via a device provisioning system and easily selected and assigned based on the upgrade methodology deployed. To achieve deployment scale, manual device upgrades must be replaced with automated procedures that are controlled and managed through a device provisioning system.
Home gateways are, by definition, designed to support many services. Some services are already defined, while others may still be in development. Due to competitive pressures and market demands, the programming of the devices for all services may not be completed when gateways are first shipped to customers. What’s more, all service testing may not be completely performed before the device is shipped. This means that MSOs need a way to remotely upgrade existing gateways and related devices without costly truck rolls.
MSOs have to manage the software and/or firmware upgrade process for the individual devices that are integrated in that gateway. Gateways on the network may need to be upgraded every time a new service is added. An MSO may find itself with a network with many integrated CPE devices at different revision levels. Some gateways and subtending CPE devices may not support certain services. Being able to identify what each gateway supports and what upgrades each may need is critical for effective device provisioning management.
Let’s take a look at possible best practices for managing the gateway upgrade process. Typically, a vendor will issue new software/firmware to address a new service offering. Under this scenario, MSOs will need to be able to search the device provisioning database to identify which customers are to be offered the service and which need to have this upgrade performed. Service readiness prior to customer orders being taken is paramount to ensuring the smooth and automated rollout of new services.
If the search results indicate a large number of devices (say, 10,000 or more), then the MSO may want to refine the upgrade to a specific region and/or perform rolling upgrades across different regions. In the case where a customer calls to complain about a specific problem, the customer service representative (CSR), via the device provisioning system, will be able to identify whether the firmware within the customer’s gateway or device has an older firmware version. If this is the case, the CSR would perform an on-demand firmware upgrade for that individual device.
The upgrade process is typically defined by the amount of devices to be upgraded. If it is small enough (and the definition of small can vary based on the operator’s capabilities), then a network-wide upgrade can be done at once. However, if it is larger, then the upgrade is refined based on the functionality required within the upgrade, as well as specific service or regional demands.
Theft of service – from external or internal hackers – is the greatest security threat faced by MSOs today. To justify the high cost of gateway devices, all application services and content must be delivered securely.
Typically, operators tend to focus on external threats, where there may be issues of certificate authentication between the device and the provisioning system. There are some basic methods MSOs use to protect against theft of service from snooping; for example, the wellknown HTTPS protocol is frequently used. Encryption of the device configuration file is another effective procedure to protect against theft of service.
More advanced internal security mechanisms may be considered that include user password authentication to access the provisioning system or restricted user access to only specific services or service regions. Automatic auditing can also tell who is doing what to the system. External security mechanisms include validation of the device-type request against paid service (or services) and dynamic encryption of the file name to thwart potential hacking.
Simple file transfer protocol via TFTP without encryption is probably the leastprotected security area, whereas HTTPS with encryption is probably the most complex. With complexity comes additional performance overhead for provisioning, not to mention re-provisioning in the case of a network-wide outage. Consequently, the device provisioning deployment needs to offer flexibility that accommodates different file transfer mechanisms.
A service-level agreement (SLA) typically involves a specific amount of planned and unplanned service downtime. Downtime can be caused by a lack of access to devices or elements within the network that support a specific service. Consequently, tight integration between the operations support system (OSS) and the device provisioning system is extremely important. It is the only way to ensure always-on reliability of the device and network elements and to troubleshoot problems, including upgrades, device connectivity/reachability and the occasional reboot of the system to reset devices when they hang.
Troubleshooting of home gateways is likely to be more complex than traditional troubleshooting of individually deployed CPE devices. This is because numerous devices are embedded in one master device. All subtending devices within the gateway box must talk to each other, as well as to other devices or elements on the network.
Basic troubleshooting may require looking at the network access element (e.g., the CMTS) to determine if the entire element has failed or if the customer-specific port is bad. In addition to troubleshooting the gateway by performing address verification (e.g., ping), the system should identify interface status, be able to upgrade firmware or reboot the gateway if necessary.
Troubleshooting service- and device-level problems must be resolved fast and in an automated fashion. From a device perspective, this means that any device on the network may ask for new addresses or a new configuration at any time. When customers call in problems, the customer and technical support must be able to isolate which device is causing the issue.
The ability to automatically troubleshoot the gateway’s configuration, while identifying the associated network elements involved in service delivery, is paramount to keeping services online. When customers call, customer service representatives cannot manually weed through the troubleshooting process while the customer is on the line. Instead, a device provisioning system should be used as a trusted source device and to provide service-level health and configuration data directly from the integrated multi-service home gateway. Technical/customer support systems that are directly integrated to device provisioning systems in this manner can dramatically speed the troubleshooting process, enabling issues to be isolated, and often resolved in near real time.
Advanced diagnostic procedures should also be considered by MSOs when assessing a device provisioning system. Some essential diagnostic triage could include: Has the service actually been fully delivered/provisioned? Is the device itself healthy and operating? Does the device have the latest firmware? Is it on the appropriate service level? Is it possible that the problem is not the fault of the box but of the network element? Are there connectivity problems with a certain device? Are there interface problems preventing the device from driving enough information to the network?
The device provisioning system is a key source of truth to answer these questions so that problem isolation and resolution is timely and accurate.
Once the initial triage is performed on the issue, the ability to quickly segment the problem to a specific element and/or customer-specific device is required. Network monitoring systems can identify the status of the elements and devices. However, the device provisioning system needs to identify the elements used to offer services to specific customers. In addition, the ability to troubleshoot problems – whether it’s a ping to identify network reachability, software/firmware updating to address a specific problem or rebooting – is an essential feature for the device provisioning system to have.
WHAT TO DO NOW?
Even though the rollout of residential home gateways is in its early stages for many MSOs, best practices for device provisioning are emerging that will enable the MSO to cost-effectively deploy the bundled services of today and the personalized services of tomorrow. Utilizing the best practices discussed above, forwardthinking MSOs can successfully launch, provision, manage and troubleshoot the integrated entertainment and communications services sought by their subscribers.
When launching home gateway initiatives, MSOs should keep the following best practices checklist in mind:
- MSOs’ OSS, service fulfillment and device provisioning systems must be integrated together with effective definition and mapping of QoS/CoS to provisioned services.
- All reservation, assignment and provisioning of IP addresses must be automated to ensure optimal operational scale and cost efficiency.
- Device provisioning systems and related best practices must support a dual track of both IPv4 and IPv6 addressability.
- To map, store and manage various options for software/firmware upgrades, a comprehensive list of residential gateway vendors and model types must be inventoried in a device provisioning system.
Network and technical support systems, as well as processes for serviceand device-level troubleshooting, should utilize a device provisioning system as an informative source of truth to effectively isolate and triage service degradation and outage scenarios.