Cisco Cisco Packet Data Gateway (PDG)
SaMOG Gateway Overview
▀ Product Description
▄ SaMOG Administration Guide, StarOS Release 19
12
Product Description
Until recently, Wireless LAN (WLAN) security was considered poor in strength and ease-of-use compared with that of
LTE networks and devices, and operators used their core networks to add security layers such as IKEv2 for UE
authentication and authorization and IPSec for network security between the UEs and the core network gateways. With
the deployment of 802.1x, 802.11u, 802.11i, and Hotspot 2.0, operators now consider WLAN security strength and
ease-of-use to be as acceptable as LTE security.
LTE networks and devices, and operators used their core networks to add security layers such as IKEv2 for UE
authentication and authorization and IPSec for network security between the UEs and the core network gateways. With
the deployment of 802.1x, 802.11u, 802.11i, and Hotspot 2.0, operators now consider WLAN security strength and
ease-of-use to be as acceptable as LTE security.
The Cisco® S2a Mobility Over GTP (SaMOG) Gateway addresses this next step in network evolution by enabling
mobile operators to provide IP access from trusted non-3GPP access networks to the 3GPP EPC (Evolved Packet Core)
network via. the S2a interface, including traffic from trusted WiFi, femtocell, metrocell, and small cell access networks.
The SaMOG Gateway allows operators to provide services to 3G subscribers using GGSN (GTPv1) and 4G subscribers
using P-GW (GTPv2, PMIPv6) via. PMIPv6, EoGRE or L3IP access-types.
mobile operators to provide IP access from trusted non-3GPP access networks to the 3GPP EPC (Evolved Packet Core)
network via. the S2a interface, including traffic from trusted WiFi, femtocell, metrocell, and small cell access networks.
The SaMOG Gateway allows operators to provide services to 3G subscribers using GGSN (GTPv1) and 4G subscribers
using P-GW (GTPv2, PMIPv6) via. PMIPv6, EoGRE or L3IP access-types.
The SaMOG Gateway has the following key features:
Provides seamless mobility between the 3GPP EPC network and WLANs for EPS (Evolved Packet System)
services via. the GTPv1 based Gn interface, or GTPv2/PMIPv6-based S2a interface.
Functions as a 3GPP Trusted WLAN Access Gateway (TWAG) as the Convergence Gateway (CGW) service.
The CGW service terminates the S2a interface to the GGSN/P-GW and acts as the default router for the
WLAN UEs on its access link.
WLAN UEs on its access link.
Functions as a 3GPP Trusted WLAN AAA Proxy (TWAP) as the Multi Radio Management Entity (MRME)
service. The MRME service terminates the STa interface to the 3GPP AAA server and relays the AAA
information between the WLAN IP access network and the AAA server, or AAA proxy in the case of roaming.
information between the WLAN IP access network and the AAA server, or AAA proxy in the case of roaming.
The following figure provides the network architecture of the SaMOG Gateway:
Figure 1. SaMOG Gateway Network Architecture