IP Zones

IP Zones


        

Contents:

1.        Introduction        

1.1.        The Partners        

2.2.1.        Unique features        

3.5.        Summing up security        

 


  1. Introduction

Telenor Mobil is currently deploying Public Wireless Internet Zones. Telenor Mobil is one of the two largest Mobile providers in Norway. The company is represented in Eastern Europe and Asia, but this installation is so far a test for Norway.

Telenor Mobile is represented in the countries marked in red.

Telenor Mobile is part of Telenor that had a monopoly on the fixed telephone network in Norway until 2000. It is now possible for any company to compete on the Norwegian market. The mobile telephone market has been open for competition from the beginning, but the years of monopoly that Telenor had gives Telenor Mobile a lot of resources that their competitors do not have. All mobile telephone providers must cover entire Norway to be able to get licensed.

In 2002 Telenor Mobile worked expensively to make it possible to pay using your mobile telephone. You can now pay for services like parking you car, log on to the internet, use your phone as your wallet, integrated to you debit, credit card and SmartCash.  

This makes it possible for any user with a WLan (Wireless local area network) card to log on to the internet. The intention is to offer Wireless access to existing and non existing customers. Wireless zones have been installed in public places and companies that want to provide that service for visitors or their own company 

The purpose of the Public Wireless Internet Zones is that someone comes to a place covered by the IP zones and starts the browser and can then browse web pages the provider makes available. This can be the local shop, part of the intranet and so on. If the person tries to browse outside the intended web pages available, a start page will bee pushed on the browser and that home page can have links to more free pages or just a logon page.

If the user then wants to log in, they fill in their telephone number which is then sent to the radius server. The radius generates a password and sends a SMS to the user mobile telephone. The user fills in the password given and can start browsing the internet.

The charge for browsing is invoiced on the user’s mobile telephone bill. In certain cases companies are using this as identification and not to make revenue.

As the IP address has to be issued to all possible users, hackers could take advantage of this. Therefore, system security has been an issue that is needed to be addressed.

The solution proposed is “a world-class wireless access solution” based on world-leading products and services from mentioned partners.  The joint efforts of the leading expertise team, enables Telenor Mobile to extend its market leading position also into the Wireless LAN market place, and in turn to provide a strong combined service offering based on GSM/GPRS and WLAN access technologies.

The IP Zone will provide internet access, and use of payable and non payable services as shown in the picture.

  1. The Partners

This system design represents a joint effort between Birdstep Technology, Hewlett Packard and Cisco Systems, headed and lead by Eterra as the system integrator.

The solution proposed is “a world-class wireless access solution” based on world-leading products and services from mentioned partners.  The joint efforts of our leading expertise team, enables Telenor Mobile to extend its market leading position also into the Wireless LAN market place, and in turn to provide a strong combined service offering based on GSM/GPRS and WLAN access technologies.

The solution is based on solutions from our “best-of-breed” products and solutions. The following criteria’s has been our guidance and priorities for the proposed solution:

  • Open standards
  • Scalability
  • Flexibility
  • Simplicity
  • Security
  • Ease of management
  • Turnkey solution  

Taking the best from all team members, Telenor Mobile will achieve great business benefit in providing secure and cost effective services to the Telenor Mobile wireless LAN customers. The partners of this proposal represent the following value-add to Telenor Mobile:

Eterra

  • Broad and widely experienced in delivering complex roll-outs as a value add system integrator in the Nordic market scene
  • Benefiting from long term relationship with Telenor
  • Covers Norway and the Nordic region with 2200 skilled and dedicated employees

Birdstep Technology

  • Development strategy in Birdstep aligned with Telenor Mobile wireless access strategies
  • Birdstep Wireless Access solution features a “Close to 100% compliant” Access Control Device solution for Telenor Mobile
  • A solution extendable, through Birdstep Mobile IP client software, to deploy roaming services between various access technologies such as Wireless LAN, GSM/GPRS, ADSL, Bluetooth and IrDA.

Cisco Systems

  • Market leader communication product portfolio
  • A non-debatable competence-profile
  • Enjoys a substantial and comprehensive legacy of exciting Cisco-base within Telenor since `94

Hewlett Packard

  • Market leader ICT-product portfolio
  • Industry-leading performance with multi-technology based on scalability, availability and manageability
  • HP OpenView is key for this case’s operation and maintenance solution
  1. Aim of report

In this report the main focus will be on security issues within areas of the project

  1. Limitations

We will not have the possibility to go through all details of the project as we have been limited by the maximum word count for this assignment.


  1. The big picture

To give an overview of the complexity of the system, we have illustrated the installation as it looks with the DMZ (demilitarized zone). There is one firewall Titanic1 standing in front of this zone and one in the back Titanic2 stopping all communication coming from outside Titanic1. It is thought impossible to get any communication from the outside and into the network without a server expecting and processing the data.

Join now!

This is in correlation with the theory given in this course; Turban Page 567, the reason why a DMZ is used,  ‘the idea behind the screened subnet is that there is no way for outside traffic to gain access to any other hosts on the internal network’

The servers and program used for the IP zone configuration is from Birdstep run on Linux servers.

  1. The ACD

This is the first server giving the functionality.

When the user wants to access the internet he will have to go through the ACD (Access Controlling ...

This is a preview of the whole essay