As the U.S. Federal Government starts to implement FirstNet — the nationwide wireless broadband network dedicated to first responders — backhaul network design is once again in the spotlight. Especially in regard to the protection of critical communications from inclement weather, natural disasters, cyberattacks, and vandals, the design of a network is imperative to its future impact. When thinking about the design of a network like FirstNet, there are three major elements to consider: network resiliency, security, and the adoption of best practices (Fig. 1). These elements will be key to FirstNet’s success, and are techniques that could potentially hold just as much impact for consumer communications as they do for first responders.
At its core, advanced networking technology based on Internet Protocol/Multiprotocol Label Switching (IP/MPLS) will be foundational to these three considerations for protecting critical public safety communications and commercial cellular networks.
Resiliency and recovery
As with any mission-critical communications network, strong resiliency will be essential for FirstNet and other public safety backhaul networks as they carry critical voice, video, and data to the appropriate receiver as reliably and securely as possible.
Although TDM-based backhaul networks have proven to be reliable and secure in the past, they are aging and need to be replaced with packet-based solutions. As with any newer technology, public safety agencies naturally have questions about the reliability and security of packet-based technology in general. However, IP/MPLS actually offers clear advantages over its predecessor, and is uniquely suited to protect critical communications from the full range of 21st Century risk factors.
For example, in case of network failure, its recovery mechanisms such as fast re-route (FRR) can be invoked to bypass the network fault at SONET-like speed — regardless of the underlying network topology and size. FRR can also distinguish and prioritize protection for critical applications, depending on the label switched path (LSP) configuration; then the originating IP/MPLS router can switch traffic to a standby LSP to go around the failure point. If a second fault then impacts the initial standby LSP, the router can also try to dynamically and immediately restore critical traffic through another path.
Network failure does not only occur in the network. Natural disasters and accidents also can affect a major site such as dispatch center. With pseudowire redundancy, IP/MPLS can switch traffic to the standby dispatch center in seconds, automatically, minimizing critical communications disruptions.
It has also been widely recognized that router control hardware failure will cause the network to re-converge and break communication paths, which is unacceptable for public safety agencies as it leaves first responders temporarily blinded. However, the advent of high availability IP/MPLS technology such as non-stop routing (NSR) and non-stop services (NSS) completely changes the paradigm. By enabling hot redundancy protection to routing and MPLS signaling sessions, as well as router’s label and forwarding information base, IP/MPLS networks are able to provide the same TDM-like availability and allow first responders to communicate without disruptions.
Security and availability
IP/MPLS-based backhaul also preserves availability through rigorous network security. Its use of an LSP tunnel is the first line of defense to stop illicit traffic being injected in the network. Additionally, IP/MPLS virtual private network (VPN) services provide segmentation of the backhaul network for different applications. In this scenario, traffic from LTE systems and applications such as CCTV and legacy land mobile radio (LMR) can be placed in different VPNs with complete isolation from one another. This segregation will frustrate attackers attempting to make a lateral move from a compromised device – such as a CCTV camera – to other critical systems.
Encryption of network and control traffic as well as stateful firewalls provided by IP/MPLS routers further safeguard critical communications from eavesdropping and man-in-the-middle (MITM) attacks. Some operators may be concerned that enabling such capabilities would lower router performance and affect the quality of service (QoS). However, the latest routing hardware eliminates the need to choose between performance and security, which is key for ensuring public safety and consumer communications meet both user expectations and their intended functions.
Design best practices
Aside from resiliency mechanisms and security technologies, adoption of network design best practices is also central to protecting communications in all situations, especially with FirstNet in mind. Whenever possible, backhaul networks should be designed for rich path diversity. For example, a multi-ring network topology powered by IP/MPLS provides diverse paths for high availability — in other words, a communication path can be found despite multiple network faults. Combined with FRR and standby LSP, this approach protects critical communications even during extreme natural disasters, cyberattacks, and other emergencies; preserving essential communications for response and recovery. This is a significant improvement from traditional access-aggregation-core ring architecture, in which simultaneous failures can affect many communication paths.
Deploying an IP/MPLS router with redundant router control hardware in backhaul networks is another key design measure. When combined with NSR and NSS high availability technologies, first responders can be assured of dependable access to information despite hardware failure.
Commercial cellular providers can benefit, too
Reliable cell connection for consumer voice and data is also becoming indispensable as the use of digital applications grows and “cord-cutting” — or skipping the traditional landline home phone service — become even more common. As a result, consumers now expect always-on, always-connected service from their providers. Fortunately, the protection measures essential to public safety communications can also be applied to commercial backhaul networks to ensure that operators can provide a high service level for their customers.
Protecting critical communications is paramount
Communications between first responders and command/dispatch centers will be greatly enhanced as FirstNet rolls out across the United States and public safety agencies upgrade their legacy land mobile radio systems. With the expanded data capabilities, first responders will benefit from enhanced situational awareness. The network resiliency and security of IP/MPLS, along with the adoption of design best practices, will ensure that new backhaul networks will be as dependable as legacy TDM/SONET platforms, but with expanded capabilities and higher agility. This will further enable first responders to save lives, help people in need, and return home safely every day.
Fai Lam is responsible for promoting Nokia’s IP/Optical Networks portfolio to enterprises and governments. Fai has been helping industries such as power utilities with their transformation projects. He has held positions in product development, product line management, business development, and marketing.
Filed Under: Infrastructure