IoT Connectivity and Security

Enea Aptilo SMP IoT Connectivity Control Function

Unified and Secure IoT Connectivity

multiple radio technologies

Unified IoT Connectivity Control Function

The Enea Aptilo IoT SMP (SMPIoT) provides a unified IoT Connectivity Control Function (ICCF) across multiple radio technologies. It is based on the same Enea Aptilo Service Management Platform™ (SMP)  as the award-winning Enea Aptilo SMP for Wi-Fi and features a scalable and flexible architecture. The Enea Aptilo SMP has been proven in over 100 demanding carrier Wi-Fi deployments and works as a policy control function (PCRF/PCF) for cellular services at mobile operators such as 3Scandinavia.

Enea Aptilo IoT SMP Unified IoT Connectivity management platform

There are many good IoT application enablement platforms in the market today. They all need to onboard and communicate with devices using different IoT connectivity radio technologies. Low-power wide-area network (LPWAN) radio technologies such as LoRa and Sigfox. 3GPP-based LPWAN such as NB-IoT. Mesh-based IoT radio technologies such as Wi-SUN. And more than anything else, short-range IoT connectivity such as Wi-Fi, Bluetooth, and ZigBee. In fact, according to Ericsson’s November 2023 mobility report, an astonishing 83% (or 32.3 billion devices) of all IoT devices in 2029 will use short-range radio technologies such as Wi-Fi. No wonder, as most things are not moving.

Cellular IoT Connectivity Control Function in the Cloud

Although service providers can host the Enea Aptilo SMPIoT in their data centers, we primarily offer it as a service hosted on Amazon Web Services (AWS). The Enea IoT Connectivity Control Service™ (IoT CCS) is a groundbreaking cellular IoT connectivity control service for mobile operators that want to innovate in the IoT era. They can leave their Mobile Core untouched and create cellular IoT connectivity services previously considered unthinkable. With Enea IoT CCS, service providers can cost-effectively deliver value adding secure IoT connectivity to different enterprise verticals solving two long-standing challenges; automation of Enterprise VPN setup and delivery of unified global connectivity where devices can keep their IP address and security policy across partner mobile network operator’s (MNO) networks.

Note that Enea IoT CCS is a new type of IoT connectivity function working in concert with IoT connectivity management platforms (CMP). While the CMPs are focusing on SIM subscription, life-cycle, and eSIM management, e.t.c, the Enea IoT CCS is a IoT Connectivity Control Function (ICCF) providing the follwing functionality to you as a IoT communication service provider (IoT CSP):

  • Policy-based IP assignment.
  • Traffic protected by a next-generation firewall that can have individual settings for each Enterprise customer.
  • Management of all Enterprise customers and their IoT device connectivity on a single APN, while still deliver private connections through Enterprise VPNs, we call this invention Multitenancy Private APN. Enterprise VPNs can be setup in minutes rather than weeks as a enterprise self-service.
  • Enables a unified Global Connectivity, where devices can keep their IP address and security policies also after beeing localized to a MNO partner’s cellular network.
  • In practice, your Enterprise customers will get a secure global SD-WAN rather than Private APN.

Explore in our FAQ section how Enea IoT CCS solves many of the most cruicial pain points facing IoT CSPs today.

Robust High Performance IoT Connectivity Control

Enea’s IoT connectivity control function is designed to meet service providers’ requirements for a carrier-grade, scalable architecture with high availability. This includes geographical redundancy and disaster recovery. Whether you are a service provider with extremely high traffic volumes or an organization with lower use, you can always trust that Enea Aptilo SMPIoT will deliver.

Future-Proof Your IoT Connectivity Needs

B2B or B2C or B2B2C, we do not care. Enea’s IoT connectivity control function works for every business model, and the flexibility will support your business regardless of your end customers. It is built around our API-adapter concept and our service logic engine, which we call Aptilo ServiceGlue. It features a powerful rules engine with configurable logic, helping you intelligently enable IoT connectivity for different IoT applications for yourself or your customers.

Multitenant Platform

The Enea Aptilo SMPIoT is designed from the ground up to provide a multitenant solution to the service provider. A tenant represents the highest level of an organization utilizing the platform. Many tenants, e.g., the operator’s business customers, can share the platform and get access to their private functions and analytics.

The operator can scale our IoT connectivity control function to support thousands of tenants and many different services, reducing installation and operations costs and shortening timelines when onboarding new users and new devices.

Multitenancy means that:

  • Multiple tenants share the same device database, with the data kept separated.
  • Policy rules can be defined to apply to specific tenants only.
  • Analytics are hierarchically provided per tenant to give each tenant a complete view of their events and services at any given level in the organization.
  • The device onboarding maps into the tenant structure.
  • Our IoT connectivity control function intelligently connects “things” with IoT applications.

A Deeper Dive into Enea Aptilo SMPIoT

The keyword here is “unified.” Our IoT connectivity control function serves as a glue between IoT devices using different radio technologies, currently Cellular and Wi-Fi, IoT connectivity management platforms, and IoT application enablement platforms. If you are a service provider, we can “glue in” your core systems as well. We do that over standard interfaces such as RADIUS, SIGTRAN, and Diameter or through our flexible REST API and can then connect to your own or third-party IoT platforms. The REST API can also be used to integrate different enterprise systems.

For Wi-Fi IoT connectivity, we recommend the secure and seamless EAP authentication methods EAP-SIM/AKA, EAP-TLS, and EAP-TTLS. These are one of the cornerstones in Passpoint (Hotspot 2.0) but also work with older Wi-Fi networks supporting 802.1x. This provides a Wi-Fi connectivity as secure as any cellular connection, as 802.1x encrypts the Wi-Fi radio network. MAC authentication is also possible, which provides a seamless connection, although less secure and without encryption. We have taken initiative in the Wireless Broadband Alliance (WBA) to make Wi-Fi-based IoT onboarding just as seamless as cellular IoT, learn more about this project in this insights article.

After having connected hundreds of millions of people and devices since 2001, our experience is that it is often not enough with a standard authentication. Many times you need intelligent connectivity. A connectivity that can look up policies in other subsystems to connect the device in the desired way. This is, in particular, true for IoT devices. Using the flexibility in our advanced policy engine, the Aptilo ServiceGlue™, we can do magic beyond the standards. We can, for instance, make a halt during the authentication and authorization process. Then look up policy information from multiple sources, form a new connectivity policy based on this information, and connect the device according to this policy.

Enea Aptilo SMP unified IoT connectivity management platform