Programmable Layer of Automation, Security & Policy
Cellular IoT Connectivity Control Reinvented
The Enea IoT Connectivity Control Service™ (IoT CCS) is an award-winning programmable layer for cellular IoT connectivity control, security, and automation delivered as a unique instance per IoT Connectivity Services Provider (IoT CSP) on Amazon AWS.
Enea IoT CCS introduces a new solution category on the market—the IoT Connectivity Control Function (ICCF)—and works in concert with existing Connectivity Management Platforms (CMPs).
IoT CCS is a unique market offering that effectively solves multiple long-standing challenges for IoT CSPs. Let’s explore some of these challenges and how IoT CCS solves them.
The answers to your challenges
How Can I, as an IoT CSP…
Philipp Rimli, Product Manager, Swisscom: Delivering a private APN with an enterprise VPN is normally a tedious process for both the service provider and their enterprise customers, which can take weeks to complete.
With Enea Aptilo IoT CCS, we can automate the delivery of VPNs for private APNs through a customer self-service portal.
A Disruptor in IoT Connectivity Management
Many IoT CSPs offer basic connectivity management, where customers can manage their SIM cards. The next step up often requires a wholly customized IoT connectivity service. Each customer deployment becomes a costly project with extensive manual configuration efforts. IoT CSPs are missing out on a mass market with customers prepared to pay for value-added services but not bespoke development.
We suggest IoT CSPs leave their core networks untouched and use hyperscalers to add a programmable, flexible layer of IoT connectivity control to their mobile infrastructure. Here, they can automate most of the customization efforts. Self-management portals allow customers to tailor connectivity policies and manage IoT security settings.
IoT CSPs do not have to spend resources creating this hyperscale IoT connectivity control layer!
Welcome to Enea IoT Connectivity Control Service™ (IoT CCS), an award-winning service hosted on Amazon Web Services (AWS). IoT CSPs can go beyond traditional IoT connectivity services by providing programmable, automated, secure, flexible, and scalable global IoT connectivity. The IoT CSP sends the IoT traffic to their instance of IoT CCS through one or more secure IPsec tunnels. Global IoT connectivity is obtained by connecting international MNO partners and connectivity hubs to IoT CCS in the same way.
The extensive IoT CCS API enables customer self-management with the automation of Enterprise VPNs.
The industry has acknowledged the benefits of Enea IoT CCS, our hyperscale IoT connectivity control solution. To date, we have been esteemed finalists for 12 awards and proudly selected as winner for 8 of them.
Discover below how an average enterprise can save a substantial 28 percent of their cost of global IoT connectivity by choosing an IoT CSP that has embraced a hyperscale approach.
The key in this category was to bring real innovation in the market, and this is what Enea does. One jury member liked the fact that Enea IoT CCS addresses a real problem for mobile operators, enabling them to profitably launch IoT services while meeting the needs of enterprise customers, and another member said it had hyperscale potential.
Matt Hatton – Transforma Insights
Presenting the Jury’s motivation at the 2021 WCA IoT Innovation Award
Hyperscale
Cellular IoT Connectivity Control
Enea IoT CCS has the following integration interfaces towards the IoT CSP core:
- Traffic plane: Operators only have to extend one shared APN via IPsec to IoT CCS in the cloud.
- Control plane: We use RADIUS for signaling going through the same IPsec tunnel used for data.
- Integration: The operator’s customer self-service application integrates through IoT CCS’s REST API. It is used, e.g., to provide analytics data, create secure private connections (Multitenancy Private APN) and assign the device’s IP address.
- Global Connectivity: Partner MNOs and global connectivity services can be easily connected to IoT CCS, the same way an IoT CSP connects its own network.
IP Assignment is Key to the IoT CCS Magic
Policy-based IP assignment is crucial to the most critical IoT CCS features, including our Multitenancy Private APN functionality and the ability to enable a genuinely unified IoT connectivity service.
Flexible IP assignment is also vital for you as an IoT CSP to meet enterprise customers’ needs. One would expect that the IP address would not matter much in modern IT architecture. Dynamically assigned IP addresses should be sufficient, and there would be mechanisms that update the IoT back-end when the IP address changes.
However, many enterprise IoT customers rely on keeping the same IP address for an IoT device and even their custom IP range for all their devices.
There are many benefits to letting a programmable hyperscale layer handle the IP allocation. The most obvious one is the ability to maintain the same IP address even when a device moves across your MNO partners’ networks.
With IoT CCS, the allocated device IP address and the IP address of the primary and secondary DNS server for the IoT device are provided in the RADIUS response to the packet gateway.
The IP allocation is very flexible:
- Dynamic IP: The IoT device gets a new IP address from the pool at every connection.
- Static IP: Assigning a specific IP address that stays the same.
- Sticky IP: The IP address is allocated from the pool at the first connection, and then the IoT device keeps this IP address as a static IP configuration.
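The three allocation modes above, sketched as an added example (not Enea's code or API): an allocator that decides the address at authentication time and builds the reply the packet gateway receives. The class, the device IDs, the pool, the DNS addresses and the choice of `Framed-IP-Address` as the carrying attribute are assumptions for illustration; the point to note is that static and sticky addresses are reserved so they never leak into the dynamic pool, which matters once firewall rules key on a device's address.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed sample values; none of them come from the page.
DNS_PRIMARY, DNS_SECONDARY = "10.0.0.53", "10.0.1.53"


class PoolExhausted(Exception):
    """No free address is left in the pool."""


@dataclass
class IpAllocator:
    pool_cidr: str
    policy: dict = field(default_factory=dict)  # device_id -> dynamic|static|sticky
    static: dict = field(default_factory=dict)  # device_id -> operator-assigned IP
    sticky: dict = field(default_factory=dict)  # device_id -> IP learned at first connect
    active: dict = field(default_factory=dict)  # device_id -> IP of the live session

    def __post_init__(self):
        self._hosts = [str(h) for h in ipaddress.ip_network(self.pool_cidr).hosts()]
        self._cursor = 0  # round-robin start, so dynamic devices rotate addresses

    def _next_free(self):
        # Static and sticky bindings stay reserved even while the device is offline.
        taken = set(self.static.values()) | set(self.sticky.values()) | set(self.active.values())
        n = len(self._hosts)
        for step in range(n):
            ip = self._hosts[(self._cursor + step) % n]
            if ip not in taken:
                self._cursor = (self._cursor + step + 1) % n
                return ip
        raise PoolExhausted(self.pool_cidr)

    def on_access_request(self, device_id):
        """Pick the address for a connecting device and build the reply attributes."""
        mode = self.policy.get(device_id, "dynamic")
        if mode == "static":
            if device_id not in self.static:
                raise ValueError(f"no static address configured for {device_id}")
            ip = self.static[device_id]
        elif mode == "sticky":
            if device_id not in self.sticky:
                self.sticky[device_id] = self._next_free()  # first connection only
            ip = self.sticky[device_id]
        else:
            ip = self._next_free()  # a fresh address on every connection
        self.active[device_id] = ip
        # Attribute names are assumptions; the page only says the device IP and
        # both DNS server addresses travel in the RADIUS response.
        return {"Framed-IP-Address": ip,
                "primary-dns": DNS_PRIMARY,
                "secondary-dns": DNS_SECONDARY}

    def on_accounting_stop(self, device_id):
        """Session ended: only a dynamic address becomes available to others."""
        self.active.pop(device_id, None)


def demo():
    alloc = IpAllocator("10.20.0.0/29",
                        policy={"meter-1": "static", "truck-7": "sticky"},
                        static={"meter-1": "10.20.0.5"})
    seen = []
    for dev in ("truck-7", "scooter-3", "scooter-3", "truck-7", "meter-1"):
        seen.append((dev, alloc.on_access_request(dev)["Framed-IP-Address"]))
        alloc.on_accounting_stop(dev)
    return seen


if __name__ == "__main__":
    for dev, ip in demo():
        print(dev, ip)
```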
Note that with IoT CCS, mobile operators can assign the same IP address to a device also when it is localized by changing its SIM identity to belong to a partner MNO’s network. Learn more about the localization of eSIM/eUICC on our unified global connectivity page. This and consistent use of policies and security settings will provide a unified IoT experience across all partner networks.
Add Agility and Automation to Your IoT Connectivity Management
Usually, an IoT CSP’s mobile core and OSS/BSS teams prioritize stability before being fast on their feet, implementing every change requested by demanding customers. With IoT CCS, IoT CSPs can free themselves from these limitations. It gives them the freedom to innovate IoT services that were impossible to achieve in a strict 3GPP environment. IoT CSPs can easily tailor IoT connectivity services to the specific needs of different customer types.
The IoT CSP’s self-management portals, enabled by IoT CCS’s extensive APIs, allow their customers to control IP assignment, authentication, security, policies, and global connectivity from a single user interface.
Through their customer self-management portals, IoT CSPs can automate the setup of VPNs and do not have to deal with the work of creating a unique APN for each customer. The first deployments have shown that IoT CSPs can dramatically reduce their manual Enterprise VPN setup process from many weeks to just a few minutes. Instead of the manual setup working with the IoT CSP’s engineers, customers can easily create as many Enterprise VPNs as they need using the self-management portal. Learn more about how Swisscom is leveraging the Multitenancy Private APN to chase the long-tail of IoT customers.
The FortiGate next-gen firewalls included in IoT CCS protect the IoT traffic.
Cater to a Wide Variety of Enterprise IoT Use Cases
The concept of IoT connectivity management has changed. Providing a standard SIM card with roaming capabilities will not cut it anymore. IoT enterprise customers are much more diverse and demanding than you might imagine. Let us examine some example enterprise use cases that are very different in characteristics. These are anonymized cases from enterprise customers and customer discussions that our IoT CSP clients have had.
The use cases show how IoT CSPs can deliver the required functionality with an IoT Connectivity Control Function such as the Enea IoT CCS. The granular policy control delivered as a service makes it possible to create more advanced and innovative IoT services. The IoT CSP can also put the enterprise in the driver’s seat by implementing a self-service enabled by the IoT CCS API.
Automotive – Multiple VPN Connections and Advanced Routing
A modern car is a hub of multiple IoT devices. These devices come from subcontractors of suspension, batteries, brakes, security systems, entertainment systems, and more. They need private connectivity for firmware upgrades, sensitive data, and predictive maintenance.
There’s a wide variety of different needs and use cases:
Car-2-car communication requires low latency. Upload of extensive real-time analytics requires high upstream data capacity. The download of software or passenger entertainment needs high downstream data capacity. They may also need geographical routing rules determined by device profile settings. Furthermore, there may be a need to have localized Internet. The service must be able to route the Internet traffic to the home country’s Internet breakout to enable users to, e.g., watch their local streaming content while abroad.
There’s a need to secure the transport of sensitive data, such as analytics, software upgrades, and data for predictive maintenance. The best way to secure this data is to establish connectivity through Enterprise VPN tunnels. The service provider must support a one-to-many VPN connectivity controlled by the car manufacturer so they can include their sub-contractors in their own secure global SD-WAN.
Car manufacturers also have high-security requirements, end-to-end security, DDoS protection, anomaly detection, etc.
Utilities – Huge volumes of simple devices
In the utilities market, a customer may need to connect hundreds of thousands, maybe millions, of “dumb” IoT devices such as electrical meters. They are dumb in the sense that they are simple and cheap, so they often lack security features such as VPN connectivity.
These devices have a vulnerable position in people’s homes. Thus, they need to be protected by firewalls. Some traffic may also need to be delivered through Enterprise VPN from the Enea IoT CCS.
Small Medium Enterprise – Limited IT Skills
A small local taxi and transport company is part of the small and medium-sized enterprise (SME) customer segment. The SME segment is the direct opposite of a car manufacturer because they have limited IT resources and only have a handful of devices.
They may run a few legacy systems that must have contact with the cars at all times. These systems have minimal security functions, as they were established before the Internet’s birth. So, they need operator-managed security. VPN tunnels are not an option for this customer because they can’t set up and manage VPN connections.
From the operator’s perspective, they need this type of customer to handle their settings. In this mass market, it is just not profitable if the customer needs too much assistance from the operator. There’s an enormous volume of potential customers in the SME segment, but each customer does not contribute much revenue. The SME market is a volume game. For self-management to work, an easy-to-use web GUI or app with basic settings is a must.
Rental of e-scooters – Location and Private IP
Companies offering app-based short-time rental of e-scooters are popping up like mushrooms in larger cities globally.
They have tens of thousands of relatively low-end devices in the form of e-scooters. This industry needs to secure the traffic from their e-scooters to the receiving servers.
The scooters are exposed to potential user manipulations, so they need to be protected by firewalls. Furthermore, e-scooter rental companies commission and decommission e-scooters regularly, and an average lifespan of a scooter is just a few months.
Scooters must only be mobile within a pre-defined area in the city, so they need to:
- Limit usage outside of defined localities.
- Allow for easy and instant blocking of lost devices or those taken out of service.
Forestry Industry – VPNs and Open Internet
The forestry industry needs complex domestic IoT connectivity. They need secure connectivity over a Private APN to their headquarters for services such as:
- Location tracking of vehicles.
- Report quantity of cut timber.
- Report machinery operation hours.
Moreover, they need secure connections (VPN) to other destinations:
- Upgrade of vehicle firmware with the truck vendor.
- Data exchange with the forestry machinery vendor to enable predictive maintenance.
They may also want to enable Internet connection for the integrated tablet device available in many forestry machines. A firewall must protect this traffic, and they need to control this connection according to corporate policies.
Transportation – Unified Experience Internationally
Let’s explore how IoT CSPs can combine a connectivity control service such as IoT CCS with their ability to do dynamic eSIM localization. They can provision and upgrade settings in the eSIM, using their over-the-air (OTA) systems and the latest eUICC technology, and change the profile to the local operator on the fly.
This is excellent news for a transport company operating all over North and Central America. They can turn to one mobile operator in Canada to solve all their connectivity needs both domestically and abroad under one contract.
By connecting all partner MNOs to the Enea IoT CCS, the mobile operator can offer a unified global APN+VPN connectivity without roaming. The truck will, for instance, maintain its IP address, security, and policies across borders.
Let’s see what happens as the truck passes through different countries. We start in Canada. When the vehicle enters the United States, the OTA system enables the profile for the US partner MNO over the air. The truck continues to Mexico, and the OTA system ensures that the eSIM switches to the local MNO partner in Mexico.
If needed, the Enea IoT CCS service can offer policy-based breakout for all or parts of the traffic to the nearest AWS point-of-presence.
Global Logistics – Unified Experience and Less Tied-Up Capital
The need for global connectivity can also just be a matter of logistics. Take a manufacturer of coffee machines rented out to coffee shops worldwide.
Just imagine the benefits of less tied-up capital in stock by storing only one version of the machine instead of individual versions for each country. The manufacturer can do this under one operator contract and still apply the same security and policies through Enea IoT CCS, while allowing some traffic to break out in the local region and routing some home in secure Enterprise VPNs.
Just as in the case of international transportation, the mobile IoT CSP must go beyond roaming and instead localize eSIMs over-the-air (OTA) to local subscriptions. This will eliminate the issue of blocking IoT devices due to breaches of regulations and commercial agreements prohibiting permanent roaming. To maintain control, IoT CSPs can use the unified global connectivity functionality built into Enea IoT CCS.
Benefits of Hyperscale IoT Connectivity Management
Cellular IoT Connectivity Service Providers (IoT CSPs) and their enterprise customers will hugely benefit from a Hyperscale IoT connectivity management solution such as the Enea Aptilo IoT CCS. As you will find under the Enterprise benefits tab, an average enterprise will save the equivalent of 27.8 percent of the cost of their global IoT connectivity.
Let’s start with stating the obvious. Using hyperscalers such as Amazon AWS makes an IoT connectivity management solution inherently scalable and global.
Now we will dig into how Enea IoT CCS helps IoT CSPs scale their value-added IoT services with profit.
The matrix above shows two perspectives IoT CSPs need to consider when creating IoT connectivity management services. On the X-axis, we have the business value the IoT connectivity service brings to the enterprise IoT customer. On the Y-axis, you find the profit the IoT connectivity service brings to the operator.
IoT CSPs will end up in the bottom left corner if they just re-package an existing consumer service for IoT.
Most operators also add SIM-management and offer private connections on top of this. The keyword here is ‘most.’ They will deliver a commodity with little value-add. They will only compete on price, and the lowest bidder will replace them. These mobile operators are in the “churn zone” colored red in the matrix.
In the left half of the matrix, operators will only be able to create a profitable IoT business if they become the price and volume leader in their market.
The further you move towards the right, adding value-added services, the stickier customers become. Higher revenues come with value-added services such as Analytics, Managed Security, Global Connectivity, and Granular policies.
But, for most operators, the profit will not follow. Every new customer that needs value-added services becomes an expensive development project.
There’s only one way to scale value-added IoT services with high profit: to automate the customization as much as possible. Mobile operators should also add a web interface for customer self-management. Automation and self-management serve two purposes. First, they will get a lower cost of operation. Second, customers will be less price-sensitive, as the service feels like their own when integrated with their business processes.
So, the green zone, which we call the high-profit zone, is where you want to be as an IoT CSP. The question is whether even a dedicated mobile core for IoT and your current organizational processes will take you there. One of Enea’s mobile operator customers answered no to that question. And so, the award-winning Enea IoT CCS was born.
Automation is Key for a Profitable IoT Service
As discussed initially, most IoT CSPs offer basic IoT connectivity management. The next step up is a customized IoT connectivity service. With each customer deployment carried out as a costly project, operators are missing out on a mass market with customers prepared to pay for value-added services but not for bespoke development.
What’s more, many bespoke deployments are very similar, which shows the potential to deliver those projects more cost-effectively.
This is where Enea IoT CCS comes in.
We believe there is enormous potential in no longer starting a customization project as soon as a customer wants something beyond a standard service.
With an IoT Connectivity Control Function (ICCF), such as IoT CCS, it is easy to be agile and create new value-added services that fit multiple customers. As a result, it will be possible to move the bulk of customization projects to a scalable IoT service instantly deployed to any customer. This is an auto-customization approach where the customer can make the last few customization steps themselves and maintain the service through self-management.
Just the automation of Enterprise VPNs and only having to handle one APN to serve all customers are reason enough to go with an IoT connectivity management solution. Such a solution will free up resources to do bespoke developments for the very few who need it. But IoT CCS is also relevant for custom development. The logic and security part of a bespoke project can also benefit from being handled in the cloud. It is faster to deploy new server or firewall nodes, and operations can isolate and tailor specific nodes for the customer if needed.
Operational Enterprise Benefits
There are four significant benefits of a hyperscale IoT connectivity control function from the enterprise customers’ point of view:
- They can demand more advanced IoT connectivity services that fit their use case.
- They can include partner companies in their global SD-WAN.
- They can control their global connectivity, security, and policy settings.
- They can get a unified global IoT connectivity maintaining IP address, security and policies for each device.
Using only one common APN, as we do in our Multitenancy Private APN concept, is also beneficial for enterprise customers. If the customer needs to change the APN, the IoT device logic may need updating. Updating thousands of devices is not a straightforward operation, especially if they are in remote locations. The IoT CCS service reduces the need for these critical updates: because the one shared APN can point to multiple VPN connections, there is no need to change any APN names in the devices.
Cost-Saving When Choosing an Operator That Has Gone Hyperscale
Analyst firm Transforma Insights estimates that customers using a hyperscale IoT connectivity service can save the equivalent of 27.8 percent of the cost of global IoT connectivity.
That equates to an astonishing 117 billion USD globally between 2020 and 2030.
Source: Transforma Insights’ White Paper
As you can see, the domain of Enea IoT CCS, architecture and integration, accounts for the vast majority of the cost savings.
The largest cost-saving is in Device-to-Cloud Integration (7.5%), closely followed by faster Time-to-Market (6.4%) and lower costs of providing the equivalent levels of security (5.3%).
Enterprises can also save a lot (5.9%) by using eSIM/eUICC and localizing the connectivity onto a domestic network, avoiding regulatory or commercial compliance issues.
The Bottom Line
Enterprise IoT customers’ needs are diverse and demanding. It is not just a matter of adding IoT SIM-management capabilities to an existing mobile core.
Mobile operators must deliver a programmable and secure global IoT connectivity management solution that they can deploy instantly. To achieve this, they need to think outside the limitations of their current mobile core and organizational processes.
Mobile operators must add a hyperscale programmable layer for cellular IoT connectivity control. This is what Enea IoT Connectivity Control Service™ (IoT CCS) offers as an OPEX-based pay-as-you-grow service, hosted on AWS.