The Role of the 3GPP AAA

The two most important use cases for a 3GPP AAA are authentication for Wi-Fi Calling and mobile data offloading (Wi-Fi Offload). Enea offers both a stand-alone 3GPP AAA and a 3GPP AAA pre-integrated in a system for carrier Wi-Fi service management.

According to standards, a 3GPP AAA server provides authentication of the device so that an IPSec tunnel can be established for the Wi-Fi Calling service. This is a critical function of a next-generation Wi-Fi Calling solution.

One of the advantages of going with a vendor-agnostic 3GPP AAA such as the Enea Access Manager is that you can expect critical functionality which makes things work in real-world deployments—adding functionality that goes beyond the standards.

One example is when our 3GPP AAA interacts with iOS entitlement servers for onboarding individual iPhone devices to the VoLTE and VoWiFi services.

This process adds an additional authorization and security mechanism to what is specified in the 3GPP standards. Without the entitlement process in place, all SIM-enabled iOS devices would be allowed access to the VoLTE and Wi-Fi Calling (VoWiFi) services, which are often not desired. It also brings additional benefits for the mobile operator, such as end-user acceptance of terms and conditions (EULA), emergency address registration, and service activation for secondary devices associated with the subscriber’s mobile account.

Some operators may allow everything for anyone everywhere regarding their Wi-Fi Calling service. Others may want to apply some restrictions, and the best place to do this is where the user is authenticated for the Wi-Fi Calling service. The Enea 3GPP AAA features an integrated policy engine to handle these Wi-Fi Calling policies. A more granular control over who is admitted to the service can be achieved by integrating with VoWiFi / VoLTE entitlement servers.

Need to control the user experience on your own or your partner’s Wi-Fi network? The Enea Aptilo SMP allows the operator to control the user experience in their own Wi-Fi footprint. The built-in Wi-Fi Policy engine supports many vendor-specific attributes (e.g., quality of service control) that are unique to some gateway and Wi-Fi vendors. It can also handle Wi-Fi roaming and authentication with third-party Wi-Fi networks.