When migrating from 3G networks to 4G LTE networks, service providers face complex needs and challenges, such as the efficient use of spectrum to address the exponential growth of smartphone usage, enhanced real-time control to maximize ROI, and sophisticated security capabilities to protect the network from malicious high volume mobile users. Some of the world’s largest providers have resolved these challenges – all in a single device, with NIKSUN. Only NIKSUN’s NetMobility monitors multiple aspects of the LTE network with the industry’s most comprehensive network insight, including in-depth visibility to all end user activities, enabling operators to optimize critical spectrum utilization. NetMobility seamlessly integrates with NIKSUN’s uniquely powerful, highly scalable cybersecurity and network performance solution, combining real-time and deep forensic analytics to deliver unprecedented ROI.

LTE ChallengesPerformance: LTE/EPC and IMS introduce new models of Quality of Experience (QoE) to service providers. Traditional circuit switched networks guaranteed QoE by reserving bandwidth. Packet switching utilizes available resources more efficiently, but preserving high QoE levels becomes increasingly challenging. To maintain QoE levels, service providers have to diligently monitor and track several new key performance metrics, like SGW and eNodeB traffic rates, failed sessions and transactions, average setup and response times, etc. Under normal operating conditions, metrics that are consistently close to threshold limits indicate potential problems that should be mitigated, perhaps by adding capacity.

Security: The fact that the LTE/EPC and IMS infrastructure natively uses IP makes it a tempting target for attackers, both from the public Internet and from subscribers that use IP-enabled smart phones. Traditional 2G and 2.5G networks never had to contend with such threats. In addition to firewall and other traditional security devices, carriers need solutions that detect specialized attacks like IMS proxy bypass, denial of service, address spoofing, and theft of service. These security concerns are all addressed in NetMobility.

NIKSUN’s Holistic SolutionsNetMobility gives service providers an integrated holistic security and performance solution to deal with the increasing threats and challenges in the new 4G environment, while still addressing 3G legacy networks. Load statistics display network utilization in real-time. Performance metrics show how the system is responding to the load. Advanced security metrics go beyond just matching signatures on packets - they include detection of anomalous usage patterns and multi-step attacks. Analytics enable

NetMobility™Monitor Performance and Security in Next Generation Mobile Networks

Features & Benefits~~ Monitoring support for EPC:

S1-U, SGi, S1- MME, S11, S5, S8, S6a & IMS: Gm, Mw, Cx, Dx

~~ Monitoring support for CDMA 2000: A10, A11, A12

~~ Monitor load and performance of network entities - eNodeB, MME, SGW, P-CSCF, S-CSCF, HSS

~~ Network layer KPIs, such as handoff latency, call set up delay, bearer set up delay

~~ Service layer KPIs, such as top talkers, registration rates, failed sessions, handoff rates

~~ End user application and device profiling to study user behavior & traffic patterns

~~ Predefined and user configurable displays, alarms and reports for EPC and IMS

~~ Drill down from EPC and IMS sessions to packet level details in order to rapidly troubleshoot performance and security problems

~~ Deep Packet Inspection support for mobile applications

~~ Network forensics for application reconstruction

DAT

ASH

EET

Know the Unknown®

Monitor all LTE/EPC, IMS & CDMA2000 components and sessions in real-time

Send alarms when performance or security thresholds are breached

Analyze and correlate security events to track down each root cause

View summaries of all key performance and

security metrics

Observe usage trends and prepare for future

capacity growth

100 Nassau Park BlvdPrinceton • NJ 08540

USAt: +1.609.936.9999

toll free: +1.888.504.3336 f: +1.609.419.4260

info@niksun.comwww.niksun.com

About NIKSUN: NIKSUN is the recognized worldwide leader in making the Unknown Known. The company develops a highly scalable array of real-time and forensics-based cyber security and performance management solutions for large enterprises, government & intelligence agencies, service providers and financial services companies. NIKSUN’s award winning enterprise solutions deliver unprecedented flexibility and packet capture power. The company’s patented real-time analysis and recording technology is the industry’s most comprehensive solution for secure and reliable network infrastructure and services. NIKSUN, headquartered in Princeton, New Jersey, has sales offices and distributors throughout the US, Europe, the Mid East and Asia-Pacific. For more information, please visit www.niksun.com.NIKSUN, NetDetector and NetVCR are either registered trademarks or trademarks of NIKSUN, Inc. in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. NIKSUN, Inc. shall not be liable for damages of any kind for use of this information. Copyright© 2013 NIKSUN, Inc. All rights reserved. NK-DS-NM-0113-1.0

Technical InformationSupported interfaces/protocols: LTE/EPC: S1-U, S1-MME, S11, S5, S8, S6A, SGi, GTP IMS: Gm, Mw, Cx, Dx, RTP, SIP, DIAMETER; CDMA2000: A10, A11, A12, MIP, RADIUS, GRE

Compatibility: Standards from 3GPP, 3GPP2, IETF, ETSI

Base Software Models: NIKSUN NetVCR, NIKSUN NetDetector, NIKSUN NetBlackBox

operators to reduce infrastructure costs by eliminating malicious traffic based on configurable security parameters.

For example, an operator that notices a security or performance anomaly while watching a summary dashboard can analyze the situation further by drilling down - all the way to the packet level. All relevant packets are preserved to provide the necessary context for “post mortem” analysis. The operator can slice the collected data in different ways to easily see complex patterns or connections between events that are not initially apparent including related data and transaction flows at the LTE/EPC, IMS, TCP, and UDP layers.

All metrics are associated with alarms that can send notifications when a defined threshold is breached. Trend reports show how indicators change over a longer period of time, which is highly insightful for capacity planning. Comprehensive, customizable weekly or nightly reports provide management with critical information - right “out-of-the-box”.

Unique NetMobility CapabilitiesNetMobility offers two product modules for LTE service providers -- NetMobility-EPC and NetMobility-IMS. NetMobility-EPC shows the most used network elements, peak and mean setup delays, error rate distributions, etc. Alarms can be generated when the network load or the number of failures on an MME, SGW or eNodeB exceeds a pre-configured threshold. Blacklisted DNS sites can be uploaded and then reported on via proactive alerts. A drill down of the failed authentication by UEs provides the root cause for the failure. Network load data on a specific interface (for example, S1-U) facilitates capacity planning and load balancing. IMSI correlation provides the information for operators to hone their network based on user traffic.

For IMS based systems, NetMobility-IMS shows the peak rates of SIP methods (REGISTER, INVITE, etc.), the most heavily used network components (P-CSCF, S-CSCF, etc.), and identifies the most talkative users (IMs and INVITEs). It monitors rates of failed authentication and reports the corresponding NAIs. Excessive user registration alarms can be researched through ad hoc investigative methods to pinpoint the faulty network component or components that are causing network congestion.

Similar metrics are provided for CDMA2000 networks. NetMobility provides a summary of top applications, top domains, top NAIs, and other key statistics that provide a comprehensive view of CDMA2000 network activity in order to provide details on network loads, usage profiles, and other key performance metrics. Out-of the-box signaling views display metrics related to the A11 and A12 (RADIUS) interfaces for deep insight to activity in 3G cellular networks.