What’s the Word?
— Meet Bill Word —
Hi. My name is Bill Word, a sales engineer with our carrier account team. My job is to provide pre-sales technical assistance with wireless WAN carriers (a.k.a. cellular data networks) in North America. I have been in this role for over six years, and have been with Digi® since 1992.
The iDigi Applications Team asked me to write a little article on how private WAN plans work in conjunction with the iDigi® Device Cloud™.
Traffic from remote Digi M2M gateways, like our ConnectPort® X products, to the iDigi Device Cloud normally routes over the Internet. While these connections can be secured using SSL, this can pose problems for devices using private wireless WAN plans that do not allow traffic over the Internet.
A private carrier plan is where IP traffic does not traverse the Internet or it is tunneled and encrypted via VPN. Private plans provide maximum data security for wireless WAN connections. Many carriers offer private plans.
On GSM networks, a wireless WAN plan is often called a private or custom APN. An APN (for Access Point Name) is a term specific to GSM. An APN defines the IP addresses assigned to the wireless WAN (a.k.a. mobile) interface, how the traffic is routed between the carrier and the customers and other related items. Even though many people use the term “APN” to refer to custom/private APNs, all GSM plans use an APN.
Instead of IP data traversing the carrier network via the Internet to the customer network, a private APN from the carrier provides a private connection from their network direct to the customer network using MPLS, IPSec VPN or similar private connection. Firewalls, VLANs, RADIUS authentication and other security measures authenticate users and devices and segregate your traffic away from other customers’ traffic.
Customers can chose one of two methods to get around this issue.
The first solution is to allow device-to-iDigi traffic to flow over the private wireless WAN network to the customer’s network and then out their Internet connection. However, many companies’ security policies do not allow any Internet access – even for SSL secured traffic.
A more secure mechanism is a direct VPN connection between the iDigi Device Cloud and the customer’s network. Here Digi places a VPN appliance at the customer premise to secure the iDigi application traffic.
The iDigi Applications Team is blogging about interesting applications and projects, sharing implementation advice and writing about some exciting ways to connect your devices to the Internet of Things.
Are you on the east coast and still sad you missed our WaveForum conference in San Diego? Well, there’s still time to attend the Toronto conference on October 19-20, 2011. We will be offering 20 different technical sessions covering a variety of topics.
WaveForum 2011 Latin America
Dates: November 15-17, 2011
Location: San Jose, Costa Rica
Some of the topics to be covered include:
- Smart energy solutions
- Cloud computing for M2M networks
- Selecting the right wireless protocol
- Long-range wireless backhaul via cellular and satellite