How ‘The Right AAA’ Can Conquer Network Complexities for Operators


By Zia Askari

At a time when telecom operators and communication service providers are coping with a number of challenges including creation and management of a number of policies and auditing processes – incorporating the right Authentication, Authorization, and Accounting (AAA) tools can conquer network complexities for the operator community and help in creation of a profitable platform for them.

According to Johan Terve, VP Marketing, Aptilo Networks, the AAA is really the component that makes the network into a usable and billable service. It’s all about control really. Controlling the user access, controlling the user experience and controlling the billing of the user.


“The AAA has its given place in fixed, Wi-Fi and CDMA networks using the RADIUS protocol, but in 3GPP (GSM and LTE) there have been other nodes taking care of the typical AAA functions using the Diameter protocol. The authentication is handled by the HLR/HSS, the authorization by the PCRF and the accounting is a cooperation between the packet gateways / DPI and the online / offline charging systems. Driven by Wi-Fi Offload and Wi-Fi Calling, the 3GPP standard has come up with a so-called 3GPP AAA to take care of an automatic and seamless authentication and authorization of users coming in to the mobile core via Wi-Fi access. The 3GPP AAA is designed for these specific use cases. The Aptilo Service Management Platform™ (SMP) can act as a standalone 3GPP AAA, but what we have found is that operators often need functions that go beyond this,” he explains.

Expressing her views on AAA Siobhan Ryley, Director, Product Marketing, CSG International, says that AAA has evolved from the days of dial-in to the innovation of smartphones, with Diameter supplanting Radius in the protocol stakes. Diameter is, after all, bidirectional, secure, very efficient, extremely reliable and highly available. It is also backwardly compatible with Radius. For these reasons, Diameter has almost exclusively been chosen as the AAA protocol in all next generation fixed and mobile IP-based networks, via 3GPP’s IMS standards. But as we see convergence between networks and access types, and given that 3GPP is still very mobile-centric, our view is that Radius’ broader integration options will continue to be important. This is also the case with the latest Wi-Fi standards, where AAA is a key component.


“As networks evolved, effective policy control through the deployment of Diameter or Radius-based signaling became essential to guarantee cost-effective and efficient delivery of data services, and to manage and minimize risk from increasing traffic. Having developed efficient delivery mechanisms, operators then turned to addressing customer satisfaction. Policy 2.0 – the tight integration of policy and charging – was needed. Coupling charging with policy management is a fundamental business enabler, as it allows CSPs to both control and monetize subscribers’ use of data services. Once coupled, the ability to access common product and service definitions helps to streamline time-to-market and enables a single holistic and intimate view of the subscriber, including their service entitlements, location, device type and usage behavior,” she adds on.

Speaking about the importance of AAA, Vani Manian, Director of Technical Sales, Alepo Technologies says that Carrier-grade AAA infrastructure is a cornerstone of wireless and fixed broadband networks. AAA functions as an important service and policy control framework, enabling service providers to control how their subscribers access and consume data services over Wi-Fi, ADSL, and other IP-based broadband networks. In this area, AAA touches a number of areas within the core network and back office, from security to provisioning to billing and – very importantly – the customer experience.

“While the core functions of AAA have remained, for the most part, unchanged since its inception in dialup and, later in DSL internet networks over a decade ago, today’s rapid growth in subscriber numbers and data usage, not to mention new customer expectations, has placed new demands on the AAA infrastructure, not only in terms of network capacity and performance, but also in the creation and delivery of innovative, differentiated services that heighten the customer experience.


Today, carrier-grade AAA infrastructure is helping operators to deliver a more holistic customer experience by enabling such use cases as multi-play services, prepaid data plans, fixed-mobile convergence, Wi-Fi offload, real-time notifications, and more. In short, the recent advancements in AAA give operators much more flexibility and functionality to innovate their data offerings and experiences,” she explains.

Alepo participated at the recently held CommunicAsia 2015 in Singapore, where the company showcased its latest product offerings including the AAA solutions to its potential customers.

Talking about the importance of AAA, Dhaval Vora, VP, Product Management, Elitecore Technologies says that AAA server plays an important function in the operator core network for authentication, authorization and accounting, however with the advancement of technologies, devices and customer expectations has placed new demands on AAA servers to evolve beyond authentication and authorization.

“AAA has not only become a critical component for improved scalability and performance, but also in enabling innovative differentiated services that heighten the customer experience. Service providers worldwide are evaluating Next Generation AAA to meet new age demands of customer experience through a smooth authorization and authentication process, ability to add multiple checks, ease of configurability , standards based designed and scalability to handle millions of request per second. In addition to that AAA systems for WiFi and other fixed services need a carrier grade multi-access authentication platform. As more and more users move online for their day to day activities like banking, emails, chatting etc, they need a secure network which cannot be spoofed. A robust AAA with MSCHAP V2 & EAP Authentication would be critical for a secure communication.” He explains.


Enabling Better Customer Management

A robust AAA server is key to improving the subscriber experience and essential to supporting data services growth and new opportunities in fixed-mobile convergence and this can surely lead to better customer management as well as increase customer bonding on the long run.

As mentioned by Johan Terve from Aptilo Networks, “We have a love-hate relationship to the term AAA because for us it is so much more than just handling a large number of standard RADIUS requests per second. Since our focus is within the Carrier Wi-Fi, Venue Wi-Fi, Wi-Fi Offload and Wi-Fi Calling areas, we prefer to use the term “Wi-Fi service management” instead. We do not feel it is fair to compare our Aptilo Service Management Platform™ (SMP) with a standard AAA server. If we have to use that term we regard ourselves as a AAA+ / PCRF+ solution with a high performance AAA/PCRF in the core. The reason to add the PCRF is that we have full-fledged 3GPP PCRF functionality in our Aptilo SMP. Some customers are using us as just a PCRF. This is not a market we are actively focusing on though, but the PCRF component with both RADIUS and Diameter support adds a new level of flexibility for our customers. Their existing PCRF solution often has deficiencies when it comes to handling Wi-Fi policies. The plus is because we provide additional Wi-Fi-specific values derived from our 100+ carrier Wi-Fi deployments in more than 70 countries. Some of these additions include:

  • Predefined support for leading gateways from e.g. Alcatel-Lucent, Cisco, Ericsson and Ruckus and the ability to send vendor-specific attributes to leading Wi-Fi vendors.
  • Ability to apply policies, dynamically in real-time, based on information retrieved from multiple sources such as CRM systems and policy management systems (PCRF).
  • With our Aptilo ServiceGlue™, advanced logic for an improved user experience can be added to the authentication and authorization flows through ruleset-based functions.
  • Built-in 3GPP AAA with support for EAP-SIM/AKA.
  • Checkout quota from existing prepaid systems and handle this quota locally.
  • Intelligent Wi-Fi roaming and support for location-based services.
  • Policy-based IP assignment and IP routing.
  • One-time password through SMS and social media login.” He explains.

Siobhan Ryley from CSG International, says that AAA is one of the control mechanisms offered by CSG’s Integrated Charging and Policy (ICP) for the implementation of policy decisions. ICP combines charging flexibility with control mechanisms, in effect harnessing the intelligence and customer context held within the charging platform to drive real-time, subscriber-aware policy decisions into the network.

Vani Manian, from Alepo Technologies says that Alepo’s carrier-grade AAA infrastructure offers greater performance, reliability, and endless scalability as the demand for data continues to surge upward. “Alepo’s AAA solution does not sacrifice flexibility or feature-richness either. Rather, it allows service providers to readily create new business plans and to bring innovative products to market sooner, keeping them competitive and profitable. What’s more, its open, flexible architecture allows for a rapid and cost-efficient deployment, including robust integration with third-party legacy systems,” she adds on.

Dhaval Vora, VP, Product Management, Elitecore

Dhaval Vora from Elitecore Technologies, explains that Service Providers need a flexible underlying access control infrastructure that provides carrier-grade performance and scalability, enabling them to take full advantage of these opportunities — across multiple networks simultaneously.

“EliteAAA is a part of EliteCSM –Core Session Management platform that offers a flexible framework to services providers for Diameter and RADIUS stack. It offers a pre-integrated platform that allows operators with a wider choice, greater flexibility, and facilitates tighter product integration and addresses a wide range of access networks. EliteAAA is compliant to the latest 3GPP/3GPP2, IPV4 & IPV6, Wi-FI, WiMAX NWG specifications with approved standards of IETF, ETSI, ANSI and other governing communication standards. EliteAAA offers an access agnostic carrier grade AAA. It It can be deployed as a centralized AAA for Multiple Networks or as standalone for each services. EliteAAA centrally manages the authentication of subscribers, devices & authorizes them for appropriate level of service and ensures reliable accounting of usage. EliteAAA competently manages the busiest of networks, easily scales to accommodate growing business needs and new customer. The solution provides a secure, sign-on experience between the user equipment and Wi-Fi network.” he adds on.

Big Benefits of AAA

As mentioned by Johan Terve from Aptilo Networks, operators are realizing that they must GO Wi-Fi in order to stay relevant in a Wi-Fi-centric world. Most mobile data traffic is already going over Wi-Fi. Analysts predict that this will increase to 85% by 2018.

“The direct monetization of Wi-Fi is just the icing on the cake, the cake itself is customer retention. Real personalization of services, also depending on location, is becoming crucial for operators. This is why they will need a solution with tightly coupled AAA and PCRF functionality for Wi-Fi with the ability to retrieve policy information from multiple sources and not just from the 3GPP PCRF. What we have found in our many deployments is that you often need to go beyond the standards to make things work in real-world deployments,” he explains.

Talking about the benefits of AAA, Siobhan Ryley from CSG International, says that moving forward, operators are continuing to innovate.

“We see the pace of change increase as they adopt an entrepreneurial approach to new policy enabled use-cases and business models. This approach is driven at least in part by the advent of Over the Top (OTT) offerings. As operators increasingly decide that they need to partner with and attract strong OTT players, they are realising that guaranteeing sufficient and quality assured access to their services is an attractive proposition. And OTT is not the only acronym driving operators’ new business models. The Internet of Things (IoT) is equally prevalent in the press and in the minds of executives. The need to deliver efficient, appropriately managed network access is at the heart of IoT offerings, from vending machine monitors to quality-critical services such as heart monitors.

Operators need to invest to ensure they have the right systems in place to support their business drivers. From CSG’s perspective, flexibility, performance and openness are key characteristics. Operators must choose the most effective way to deliver policies to the network whether this is over AAA, PCRF or some other mechanism. AAA or policy decisions that are based on the subscriber’s context – including their services, preferences and balances – are the only paths for delivering a quality of experience to ensure that the subscriber values the services provided by the operator. Thus the ability to tightly integrate the system managing the subscriber (charging system) with the systems delivering policies (PCRF and AAA) is the only way to safeguard success. Operators must ensure their software and platform providers are aligned with their goals and capable of delivering on this vision,“ she adds on.

Dhaval Vora from Elitecore Technologies says that operators have been investing in developing piecemeal solutions with adjunct modules to meet the newer technology and use case requirements. These changing requirements have led to a complicated mess (complications) in the operator network, with the inflexible and rigid design structure unable to meet the new standards, scalability requirements and customer experience use cases.

“With transformation to a next generation AAA, Operators will be able to address the New Age data requirements more flexibly with feature like shared data for Residential Broadband, password less authentication no hassles of remembering the user name and password, Single authentication method for multiple access networks, Fixedline DSL, WIFI, LTE, WIFI calling, Interworking with trusted and untrusted networks. AAA vendors must have a clear 3 year roadmap on how they can enable service provider with their future objectives. The Robust and scalable Next Generation AAA should support a convergent architecture with a unified AAA for all networks and address complex solution flow requirements with ease,” he adds on.


A highly scalable, extendable, Interoperable AAA solution is the need of the hour and telecom operators should go for a AAA solution that has both Radius and Diameter capabilities, as future technologies are added to the network the time needed to make the system up and running are minimal.

In such a scenario, next generation ready AAA solution can catapult operators to get advantage of being faster to market with new services and plans for their customers.

Picture Courtesy: