Category: Education
Home / Education /

Upgraded Network Creates Seamless Wi-Fi Experience Campus-Wide

In today’s world, college students are looking for seamless wired and wireless connectivity in dorms, in classrooms, and on campus. Many revered higher education environments were built far before wired or wireless networks were even a concept. And for many, keeping up with the technological demands of today’s hyper-connected world is challenging from both a budgetary and staffing standpoint. Marywood University, a Scranton-based Catholic university, is a perfect example. In late 2018, the university was experiencing the constraints of an aging infrastructure at the same time its leadership was contemplating the expansion of wireless network.

CNI, an HPE Aruba Networking Platinum Partner, has extensive experience in the higher education space, supporting the networking, infrastructure and cybersecurity needs of colleges and universities throughout the Northeast part of the country. HPE Aruba Networking was already working with Marywood on several smaller projects and knew CNI would be a perfect fit in tackling the expansion and upgrade of Maywood’s entire wireless and wired infrastructure.

The combined Aruba/CNI team worked closely with the internal Marywood staff to construct a multi-phase approach to the network upgrade, allowing the university to level out its annual IT spend and have a logical sequence of initiatives that would support their ongoing mission and priorities. Check out the video case study to learn more.

To learn how CNI helped Marywood achieve this goal, check out the entire case study here CNI-Aruba CaseStudy_Marywood-U 2023.

If you are interested in discussing a network upgrade, wired or wireless infrastructure, HPE Aruba Networking solutions, or how CNI helps many other colleges and universities every day, contact CNI at communication@cnisalesinc.com or 610-584-8040.

CNI & Fortinet Bring You Adaptive Cloud Security

Looking for a more trusted cloud strategy?  Let CNI Sales and Fortinet bring you Adaptive Cloud Security.  These solutions provide the necessary visibility and control across cloud cybersecurity infrastructures, enabling secure applications and connectivity from data center to cloud.  CNI brings you Fortinet’s Adaptive Cloud Security to deliver integrated networking, application, and platform security solutions to support and enhance digital innovation.

To learn more about our solutions, check out Fortinet’s Solution Brief today.  If you want to discuss how to adopt a trusted cloud strategy using Fortinet, contact CNI at communication@cnisalesinc.com or 610-584-8040.

This information was originally published on Fortinet’s website. It has been used here with permission from the provider.

Location Services – Friend or Foe for Higher Education?

Enriching the on-campus experience for students and faculty with actionable insights and assured access, while respecting data privacy fundamentals.

Location Services on mobile deviceLocation services and the benefits of deploying them are not a new concept to higher education communities. In fact, higher education institutions already understand and recognize the value they will gain from a location adoption. But in reality, Bluetooth® Low Energy (BLE) battery beacon deployment at scale has never been practical and held firm as the barrier blocking the technology benefits. Technology innovation is now virtualizing this BLE network layer, opening the door to more engaging, experience-first services and an unsurpassed level of data insight and intelligence informing strategies and steering investments. Juniper is the industry pioneer of virtualization of BLE beacons and stands alone in enabling customers to remove boundaries, embrace location at scale and reap the benefits that have been nothing more than a broken promise for so long.

One Virtual BLE (vBLE) Solution, Multiple Benefits

Today, location services can help universities deliver strategic objectives, including:

  • Enhancing recruitment: Integrating virtual BLE (vBLE) navigation and mobile engagement with the university’s mobile app to create interactive, guided tours that will enrich campus open days and ensure the university puts on its best face when attracting new students.
  • Supporting student retention: Analyzing footfall data to understand student engagement, enabling universities to identify those consistently engaging in campus life, and those not.
  • Monitoring student health and wellbeing: Analyzing footfall data and student activity to identify withdrawn behavior potentially caused by health and wellbeing issues.
  • Driving student engagement: Improving university to student communications in real-time through location and BLE technology to proactively engage with students, based on who they are, where they are and the time of day.
  • Understanding attendance: Harvesting accurate footfall analytics to understand class attendance, flagging trends and anomalies to help drive attendance improvements and student success.
  • Managing study space: Using BLE and footfall analytics to enable students and staff to effectively identify and book study spaces; saving time, enhancing the student experience and ensuring efficient use of available space (and especially relevant in the context of COVID-19 guidelines, below).
  • Steering incident management: Using footfall analytics and mobile engagement to effectively identify and manage incidents to positive conclusion.
  • Supporting COVID-19 guidelines: Using contact tracing, journey planning and congestion alerting to create a safer, secure environment for students and staff to return.

The Elephant in the Room: The Data Privacy Challenge

The contract between a university and the student is a non-negotiable foundation that underpins every education and research partnership. Higher education institutions are no different than any other organization when it comes to personal data and privacy legislation (i.e., GDPR).

Personal data protection is a fundamental citizens’ right. Yet, in a rapidly changing world where living with COVID-19 in our communities is now a fact of life, has the acceptability needle moved with students and faculty alike needing an assured safe and secure campus to which to return?

This isn’t to suggest that tracking student footfall with an ability to identify specific students is, or should be, compulsory: it is everyone’s human right to opt in or opt out and every strategy should adhere to that. However, we also know that embracing location services can create a safer campus environment and help to reduce the impact significantly if someone tests positive.

When integrated into a university’s app, BLE location services can provide sub-1 meter location accuracy and the ability to harvest footfall analytics for contact tracing, journey mapping, congestion alerting and dwell times. These are all essential elements to protect and keep students and faculty safe.

It is recognized that COVID-19 alone may not support a business case as justification for campus-wide location services, but it should be positioned as one significant and advantageous benefit among many.

Those who embrace vBLE technology and adopt location services within their core network strategy will benefit from new analytics, gaining access to an unprecedented level of intelligence and insight to drive new services and better experiences, reduce operational overheads and create a safer environment. Collectively, these powerful benefits build a compelling case for universities to consider embracing and adopting network-enabled location technology in the near term.

Location Services – What’s Changed and Why Now?

Technology evolves as manufacturers innovate. BLE virtualization (vBLE) from Juniper is a giant leap for location enablement, opening the door to practical location deployment at scale. It’s time to realize the long list of operational, financial and end user benefits and dump those physical BLE beacons that hinder the potential of this long-awaited technology.

 

More Information

To learn how Juniper can help your university, please visit our Higher Education Solutions page.

Gartner has named Juniper Networks as a Visionary in the 2021 Magic Quadrant for Indoor Location Services, Global. Download the report here.

The blog was originally published on Juniper’s website. It has been used here with permission from the provider.

Secure the Edge With A10 Networks and Garland Technology

Provide Visibility and Secure Blind Spots With SSL Decryption

When trying to support network continuity, mitigating the risk of scheduled or unscheduled downtime is an issue for any operation. The need for a secure layer to identify and actively block hidden threats can be difficult and costly, especially while also keeping your network resilient. Deploying inline appliances on mission-critical network segments requires active-passive flows to decrypt data for network security.

A10 Networks has partnered with Garland Technology to provide an inline security layer without compromising network uptime. A10 Networks Thunder SSLi eliminates blind spots within your network for efficiency within your security device. Garland Technology’s Inline Edge Security solutions, which provides bypass technology mirrors the SSL decrypted traffic from A10 Networks to application performance monitoring tools, adding seamless SSL decryption to necessary workflows.

Simple Inline Bypass

For a single source deployment, traffic is sent from the router through the A10 Networks’ Thunder SSLi CFW 5840 for data decryption. The decrypted traffic is directed back to the Garland Technology EdgeSafe™ Network Bypass TAP, exiting the daisy-chained network port to the next bypass segment.

Once the network data is sent through the DPI and into a second network port, the traffic travels through the second A10 device for re-encryption. The simplicity of this connection allows a single point of decryption throughout the network to eliminate blind spots, ensuring compliance and privacy.

Seamless Integration Within Multiple Networks

When deploying in multiple networks, traffic from each network link is brought into the Edgelens® inline security packet broker and VLAN tagged. Once tagged, the traffic is aggregated and load-balanced through the two A10 Thunder SSLi devices. The data is decrypted and routed to the DPI appliances in reverse order back to the A10 devices for re-encryption. This seamless integration throughout your infrastructure allows comprehensive, real-time and actionable insights with application-level visibility.

The joint solution provides visibility to all security devices, including inline, out-of-band and ICAP- enabled devices. Together, A10 Networks and Garland Technology detect advanced threats with low impact and load-balance to distribute traffic across multiple networks.

Garland Technology Network TAPs and Packet Brokers

Garland Technology provides a full platform of network access products including a range of network TAPs and Network Packet Broker devices, supporting the entire wire spectrum from 10/100M copper to 1G/10G/40G/100G.

Key Capabilities

  • Complete network visibility by passing all live wire data
  • Ensure no dropped packets for out-of-band tools
  • Quality standard, all TAPs are tested with live network data and validated
  • 100% failsafe packet capture – all network TAPs are tested and validated, and have built-in failsafe and/or heartbeat technology
  • Reliable traffic aggregation, load balancing, and filtering – full control over traffic behavior and flexibility for aggregation and regeneration

A10 Networks Thunder SSLi CFW

A10 Networks believes the future of cyber security for 5G and multi-cloud rests on Intelligent Automation coupled with machine learning, ensuring that business critical applications are protected, reliable, and always available.

Key Capabilities

  • Delivers the performance, scalability, and agility for the largest multi-cloud and 4G/5G networks
  • Leverage built-in connected intelligence and analytics for smarter protection throughout your mission critical network
  • Use artificial intelligence, machine learning, and predictive analytics to protect against threats, today and in the future
  • With automation and open API’s, seamlessly strengthen your security posture while optimizing IT resources

About A10 Networks

A10 Networks provides Reliable Security Always™, with a range of high-performance application networking solutions that help organizations ensure that their data center applications and networks remain highly available, accelerated and secure. Founded in 2004, A10 Networks is based in San Jose, Calif., and serves customers globally with offices worldwide. For more information, visit: www.a10networks.com and @A10Networks.

This blog was originally published on Garland Technology’s websiteIt has been used here with permission from the provider.

Garland & ExtraHop Team Up To Provide Real-time Data Capture for End-to-End Visibility

Garland Technology recently partnered with ExtraHop, a leader in real-time IT Analytics, which gives IT Operations, Network, and Security teams comprehensive visibility across everything from network performance to website user experience.

The Garland and ExtraHop platform partnership provides 100% network visibility with an end-to-end infrastructure that eliminates network blind spots. Garland’s network TAPs and packet brokers tap at the live wire for 100% packet capture. By securing the data at the physical layer through reliable network TAPs, the ExtraHop platform provides real-time application visibility to monitor, protect, block, and analyze traffic in real time, all the time.

Implement a Scalable and Reliable Data Monitoring Solution

Scalable network TAPs and packet brokers enable future network growth, from 1G/10G today to 25G/40G/100G tomorrow, with the most reliable data capture available. Purpose-built network packet brokers filter, aggregate, and load balance to one or many monitoring ports.

Complete Visibility

Real-time Data Capture Starts with the Foundation of Visibility

Upon receiving a copy of network traffic from Garland, the stream processor performs line-rate decryption, protocol decoding, and full-stream reassembly for every transaction, up to a sustained 40 Gbps. The result: Customers get deeper and more meaningful insight at a fraction of the cost compared to other real-time analytics solutions.

Foundation of visibility

This solution delivers data-driven, real-time application (L2-L7) network monitoring and security solutions based on wire data, and guarantee no dropped or distorted packets as well as accurate relationships of frames, spacing, and response times with Garland’s passive fiber TAPs and network packet brokers.

This blog was originally published on Garland Technology’s websiteIt has been used here with permission from the provider.

Best Practices for Cloud Infrastructure: Zero Trust Microsegmentation

Zero Trust has become a widely adopted cybersecurity strategy, and organizations are learning to operate under the assumption that no user, endpoint, workload, application or content can be trusted within their networks, no matter what’s been previously checked or what will be checked later on. In other words, each device, application and microservice must be responsible for its own security.

There’s a learning curve, however, to understanding how to apply that principle throughout your infrastructure. In the case of cloud native technologies, infrastructure and development processes often don’t look the same as in traditional environments. The way we apply Zero Trust must shift as well. In constantly changing cloud environments, Zero Trust microsegmentation is a technique that can help enforce cloud security policies that follow Zero Trust best practices.

Developers and DevOps teams continue to use cloud native technologies like microservices and containers to scale development and speed up releases, along with multi-cloud architectures to optimize efficiency. However, it’s these same core components of cloud native development that are causing fundamental shifts in the way network security policies are administered in the cloud. Zero Trust microsegmentation can help solve issues where environments are constantly changing and the IP addresses that were traditionally used for managing and defining security policies are no longer sufficient.

Why Cloud Security Policies Can’t Be Based on IP Addresses

Cloud native development can present a challenge to traditional enterprise policies, partially due to the nature of constant change within the environments. Cloud workloads move across locations, and instances within an application can scale dynamically as demands fluctuate and containers come and go in seconds – making validation a serious concern.

In these environments, the IP-based security that many enterprises are used to can quickly become unmanageable. Hybrid and multi-cloud environments introduce shifting IP domains as containerized workloads can be replicated, rescheduled and rehosted within the scope of an hour. And microservices are exposed through APIs accessible via HTTP/gRPC, making IP address irrelevant. In order to achieve end-to-end visibility, administrators would have to stitch together IP flows across the multitude of environments, which becomes unworkable at scale.

Because IP addresses are no longer as persistent as they once were, they cannot be relied upon to accurately identify workloads in the cloud, thereby making them unusable for security policies following Zero Trust best practices.

Identity-Based Microsegmentation

Identity-Based Microsegmentation in Prisma Cloud gives users the ability to base security policies on strong, machine-generated identity for individual workloads instead of broad IP addresses. This makes it possible to track a workload as it moves through your environment, even if IP addresses and other traditional identifiers change. Development risk posture is improved while managing the needs of dynamic cloud native environments.

Once workload identities are assigned, Prisma Cloud can automatically discover and learn application communication behaviors inside and across clouds. These flows can then be monitored in real time using a visualized map of the network.

Application dependency mapping with Identity-Based Microsegmentation in Prisma Cloud.
Application dependency mapping with Identity-Based Microsegmentation in Prisma Cloud.

Users can set policies to authenticate and authorize connection requests among these generated identities, and they can automatically deny unknown requests. Compliance teams, for example, can create policies to isolate systems that may be subject to specific regulations.

Microsegmentation for Zero Trust

Microsegmentation gives organizations a way to implement Zero Trust best practices for cloud native application development. A trusted identity can be used for security policy enforcement while allowing the seamless use of technology like containers and microservices. You can learn more in our e-book, “Identity-Powered Microsegmentation with Prisma Cloud.”

Microsegmentation is just one aspect of an enterprise Zero Trust strategy. Watch as Palo Alto Networks Founder and CTO Nir Zuk explains how it all fits together. And be sure to check out the rest of the blogs in our Zero Trust series.

This blog was originally published on Palo Alto’s websiteIt has been used here with permission from the provider.

Expanding From 4G LTE to 5G Plus

Discover how networks have evolved from 4G LTE to 5G Plus, and exactly what that means for the future of wireless communications in enterprise environments.

‍Check out Episode 1 of Office Hours to get answers to questions like:

  • How has the 5G standard evolved over time?
  • How can private enterprises benefit from 5G NR-U?
  • What is the biggest difference between 5G and 5G Plus?
  • What are the most significant differences between public and private LTE networks?

Key Takeaways

  • 5G takes advantage of two frequency ranges to provide 5G and 5G plus. While there are many different variations of 5G, the overall technology is a large leap forward.
  • Private enterprises will be able to use 5G NR-U to deploy networks for IoT, driverless vehicles, and dozens of other widespread applications.
  • Private LTE networks give companies granular control over their networks, base stations, and geographic coverage.
  • 5G brings improved data rates, increased reliability, and significantly lower latency than the current 4G standard.
This blog was originally published on Celona’s websiteIt has been used here with permission from the provider.

How Do LTE and 5G Enhance Network Failover and Redundancy for Business Continuity?

Wireless strategies for business continuity gain importance as enterprise expand IoT, cloud, and other technologies

Our evolving world has seen uninterrupted connectivity become a business requirement. With cloud services, IoT devices, and increasing mobility putting a strain on wired network architecture, more organizations are looking to adopt a wireless wide-area network (WAN) to keep a competitive edge.

An enterprise needs to be proactive about network failover. It is no longer enough to solely rely on wired lines for backup connectivity and redundancy. Today availability, reliability, and bandwidth are the three mandatory capabilities for any network failover solution.

Network Availability

Historically, enterprises added multiple wired connections for network failover. This might seem like a good way to ensure internet uptime, but it doesn’t always provide the guaranteed connectivity that organizations now require.

When adding a failover wired connection to a fixed location, typically the new secondary link enters the facility through the same trench as the primary connection. The enterprise is putting itself at risk of network interruption due to accidents during construction or other maintenance.

Another option is to install a new wire through a different entrance, but that costs time and money that enterprises often can ill afford. A more effective and economical solution is a high-performance wireless failover connection. This ensures diversity by providing a secondary connection that can’t be physically interrupted.

Network Reliability

When network service is interrupted, reliable management access is required to securely diagnose and fix any problems. To alleviate the need for an onsite IT team, Cradlepoint’s NetCloud Service and endpoints enable Out-of-Band Management (OOBM) so IT teams can troubleshoot issues remotely. Having a direct connection from an LTE adapter’s console port to the primary router at a branch location enables network managers to diagnose and sometimes fix problems even if the wired link is not available.

Life Storage, with hundreds of self-storage locations across the U.S., struggled with reliable connectivity. Its third-party-managed, USB-based modems could not handle the growing number of connected devices that helped drive business. After deploying Cradlepoint’s NetCloud Service and branch routers, Life Storage’s IT team has been able to remotely control all devices and connections.

Network Bandwidth

Even when a network failover link kicks in, businesses still require sufficient bandwidth to support the transfer of all required company data. With an all-in-one branch networking solution, you can switch between a wired and wireless connections without degrading bandwidth, ensuring business continuity.

Software-Defined WAN (SD-WAN) technologies support bandwidth aggregation and traffic segregation between both wired and wireless WAN links. With lower-bandwidth LTE connections, SD-WAN allows IT teams to set configurations that ensure critical data always has precedence on the wireless failover link. With higher-bandwidth Gigabit-Class LTE and 5G connections, all traffic can continue to flow over the backup link.

Wireless failover allows businesses in any industry to never skip a beat.

Learn more about wireless strategies for addressing enterprise networking challenges from Cradlepoint’s WANs Without Wires white paper.

This blog was originally published on Cradlepoint’s websiteIt has been used here with permission from the provider.

How SD-WAN Can Fulfill Its Promises Through Secure Cloud Connectivity

SD-WAN promises several benefits, including the ability to deliver an optimal application experience for branch offices and remote workers. In other words, these solutions are designed to connect a remote or branch user to an application – no matter where either is located – as quickly and reliably as possible. But just as important, it also works to secure these connections to ensure an ongoing positive user experience.

The ability for SD-WAN solutions to accelerate the delivery of cloud-based resources across multi-cloud environments plays a critical role in fulfilling this promise of an optimal user experience. This is always true, regardless of whether assets are deployed in a private or public cloud environment or if users require access to business-critical Software-as-a-Service (SaaS) applications such as Salesforce, Microsoft Office 365, streaming video, or others. Providing reliable access to this range of cloud-based resources requires granular controls, including dynamic failover, SLA-based application steering, and application availability, even during brownout or blackout conditions.

SD-WAN Requires a Cloud On-Ramp

However, even with these tools in place, the main challenge is that the internet was not designed for performance. Further, most traditional methods used for steering traffic through public networks (i.e., border gateway protocol (BGP)) don’t redirect traffic to avoid congestion. The answer to this problem is a cloud on-ramp solution that joins colocation sites to a cloud-based application accelerator – such as Equinix – for accelerated cloud connectivity. There should also be a simultaneous focus on middle-mile optimization using sensors embedded in backbone networks by providers like Teridion. When service providers combine SD-WAN acceleration with backbone-based route optimization and protocol acceleration, they can stamp out the inherent performance issues associated with traditional internet routing.

Another challenge associated with SD-WAN is that most solutions must be looped in with a vendor-specific cloud connector that manages matters like traffic steering and internet access before connecting to an application acceleration point. This element adds extraneous distance and delays to a system already unfavorably disposed to latency, jitter, and packet loss. With this in mind, it is recommended to leverage an SD-WAN solution featuring a built-in connector to enable intelligent connection flexibility without the need to backhaul application traffic through an SD-WAN vendor’s remote cloud connector.

Enabling Security Without Hindering Performance

SD-WAN solutions featuring built-in security functionality should also be able to use open APIs to connect to identical virtual security solutions offered in the core provider’s marketplace; this enables point-to-point connections that are fast, reliable, and secure. In addition, these direct cloud connection capabilities help organizations address the challenges of unauthorized Shadow IT and data loss by pairing their SD-WAN solution to a cloud access security broker (CASB) solution. This enables deep visibility into and control over application access, usage, and traffic across a multi-cloud environment without hindering performance.

Most SD-WAN Solutions Struggle with Performance

While SD-WAN promises flexible direct connectivity, advanced application steering, robust connection management, and full-stack security, most solutions struggle with a lack of horsepower required to appropriately scale these functions. Part of the reason why vendors deploy their connectors in the cloud and relegate security responsibilities to their customers – leading to the deployment of overlay solutions – is that their SD-WAN solutions have been built using standard, off-the-shelf processors, limiting their ability to deliver the necessary level of power and performance.

Most technology-dependent solutions from leading vendors (i.e., smartphones and cloud platforms) rely on custom central processing units (CPUs) for acceleration and scalability to meet the needs of applications and the environments where they are used. For SD-WAN to meet expectations around flexible, scalable, reliable, and secure connectivity, those who manufacture these solutions must also work to fulfill these promises. If not, they will continue to offload performance responsibilities to service providers, cloud providers, and even customers, producing unsatisfactory results and increased overhead.

Choosing the Right SD-WAN Solution

Organizations are adopting new applications within their SaaS and multi-cloud environments daily, meaning establishing a secure posture around this access is more critical than ever – this is especially true for applications deployed in the cloud. With this in mind, organizations require an SD-WAN solution that can dynamically select the optimal path to SaaS applications in the cloud, optimize those connections, and also deliver full Layer-7 security and advanced security capabilities, all without impacting scalability and performance. And while this may seem like a daunting task, there are solutions that feature these elements – organizations just need to be aware of what they’re actually looking for.

Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.

Fortinet Named a Leader in the 2020 Gartner Magic Quadrant for Network Firewalls

This blog was originally published on Fortinet’s websiteIt has been used here with permission from the provider.

What is CBRS?

So what is CBRS? Citizens Broadband Radio Service is a band (band 48) of radio frequency spectra from 3.5 GHz to 3.7 GHz for 3 types of users:

  1. Incumbent Users (e.g. the Navy)
  2. Priority Access Licensees (e.g. private organizations)
  3. General Authorized Access (e.g. unlicensed users)

Originally, this band was reserved for use by the U.S Department of Defense, namely for U.S. Navy radar systems. But in 2015, the Federal Communications Commission (FCC) dubbed the 3.5 GHz band as the “innovation band” to be opened up to new mobile users.

Since then, the “innovation band” has evolved into what is now known as CBRS. CBRS opens up a major opportunity to unlicensed users and enterprise organizations who want to use 5G, LTE, or even 3GPP spectra to establish their own private mobile networks.

A strong coalition of companies — including Google, Qualcomm, Intel, Federated Wireless — have banded together to form the OnGo Alliance to support CBRS implementers and adopters develop, commercialize, and adopt LTE solutions for CBRS. The OnGo Alliance develops “OnGo” technology, specifications, and certifications to ensure interoperability of network components.

Similar to how the internet was opened up to the public during the Dot Com Bubble, CBRS now gives any business the ability to create services and run applications on private 4G LTE and 5G wireless networks that could sprout entirely new industries.

‍How does CBRS work?

CBRS Band 48 is a total of 150MHz of spectrum ranging from 3.55 to 3.7 GHz. CBRS can be used for 4G LTE or for fixed or mobile 5G NR. The entire system relies on a series of CBRS standards that were developed by over 300 engineers and 60 different organizations in conjunction with the FCC.

These standards consist of security measures, licensing details, and what protocols are used to communicate with devices. Certification programs were developed to help establish standards for installing proper CBRS deployments that follow the proper guidelines in identifying itself, as well as communicating with the necessary FCC databases for operation.

‍What is the CBRS architecture? What are the components of CBRS?

Each CBRS domain features a Spectrum Access System (SAS). The SAS connects to Federal Communications Commission (FCC) databases and incumbent reporting systems. The SAS also interfaces with Environmental Sensing Capability (ESC) systems. ESC systems automatically detect radar use in the area.

Any component supporting a CBRS antenna or antenna array is the Citizens Broadband Radio Service Device (CBSD). CBSDs register with an SAS and request spectrum grants. Grants specify parameters including the allocated radio channels, required Effective Isotropic Radiated Power (EIRP), or maximum transmission power.

The CBSD also identifies its unique geolocation, height, indoor or outdoor status, and unique call sign registered with the FCC. The CBSD and SAS communicate through Hypertext Transfer Protocol Secure (HTTPS), with each message encoded via JavaScript Object Notation (JSON).

Here at Celona, to make things easier for everyone in the enterprise, we call our CBSDs, Celona CBRS access points – similar to “Wi-Fi access points”, which are commonly used within the enterprise.

To prevent interference across the three tiers, the SAS acts as a frequency coordinator that prioritizes access between the Incumbent, Priority Access, and General Access tiers. This system can work in tandem with Environmental Sensing Capability (ESC) which relays important information regarding spectrum use from the Department of Defense.

Is CBRS Unlicensed?

CBRS is “lightly licensed” since it’s either licensed or unlicensed depending on the user’s tier. CBRS lays out three tiers of users.

The first tier is for Incumbents. This includes US Navy radar systems who will always get first-priority use that operate in the 3550-3700 MHz band. To protect this space there are a number of Coastal Exclusion Zones that surround nearly all of the US coastline. This is to ensure naval vessels can still communicate with shipyards without interference.

There are also Protection Zones located inland that protect the airways around fixed satellite space to earth radars in the 3600-3650 MHz band. This portion of the spectrum is protected against interference from Priority Access Licensees and General Authorized Access users.

While these exclusion zones cover a large portion of the coastline, private organizations still have plenty of spectrum to operate on.

The second tier is for Priority Access Licensees (PAL). PAL licenses are awarded to the highest bidders and allow coverage on a county-by-county basis. A single PAL license covers a 10 megahertz channel within the 3550-3650 MHz band, and are assigned in 10 year renewable blocks. PALs must accept interference from Incumbent Access users but are provided protection from interference from the General Authorized Access.

Lastly, the third tier is for General Authorized Access (GAA). These are unlicensed users who are last in line to use the spectrum across the 3550-3700 MHz band. While this tier is the most open, it has no expectation of protection from interference from any other tier, or other GAA users.

Is CBRS exclusive to the United States?

CBRS specifically is based in the United States, but other countries such as Germany, Brazil, Japan, UK and others are expected to follow suit with their own division and auctions of the C-band. While the precise spectrum allocations may be different than CBRS, it will allow for the same privatization of radio services to the public.

‍Why does CBRS matter to your organization?

CBRS enables enterprise organizations to build their own private LTE or 5G networks, both of which offer an “express lane” of wireless connectivity to critical enterprise applications that require wider coverage, interference-free wireless spectrum and guaranteed service level agreement (SLAs) for network performance metrics such as latency and throughput.

There are a number of CBRS LTE benefits. Here are just the most prominent:

  • CBRS access points deliver up to 10x wider coverage, indoors or outdoors.
  • CBRS uses SIM authentication and relies on centralized encryption, by default.
  • Mobile devices handover between access points at an unnoticeable speed.

While smaller businesses may not see the impact that CBRS brings to business applications, large enterprises can leverage this new technology to scale their digital automation initiatives as they invest in new generation of use cases – computer vision sensors, automated mobile robots (AMR), voice and video communication tools – that require real-time compute.

In situations where reliability is just as important as speed, the CBRS spectrum lays the groundwork for powerful technologies like 5G enabled radios. CBRS is a giant leap forward for certain industries that are currently underserved by traditional enterprise wireless.

‍CBRS Use Cases

Here are just a few use cases for CBRS.

College Campuses & Higher Education. The faster speeds and wider coverage of private LTE and 5G networks could help cover dorms, classrooms, lecture halls, and more.

Hospitals & Healthcare Clinics. 5G enabled defibulators, insulin pumps, crash carts, and other medical equipment can reliably share real time information about it’s status and location no matter where it is on campus.

Mines. Mining operations can use private LTE built on the back of CBRS to share real time information with other sites, and even send commands to robotic machines deep underground from miles away. IoT sensors strategically placed on mining equipment allows for preventative maintenance and lifecycle management, while those same sensors can be used to help track the health, safety, and location of workers deep underground.

Industrial Internet of Things & Manufacturing. IIoT relies on the interconnectivity of all aspects of the supply chain to maximize efficiency, improve workflow, and lower the overall manufacturing cost. IoT sensors can help keep maintenance technicians proactive by alerting to potential problems before they cause downtime and impact the factory floor. For example, oil levels can be monitored and be set to automatically create a work order ticket when it needs to be changed.

Warehouses. CBRS helps pick up where Wi-Fi struggles in large multi-building warehouses. 5G signals can easily blanket multiple warehouse centers allowing them to operate on the same network and share information cohesively. Small reusable sensors can be attached to pallets, shipping containers, or individual items to help track inventory in real time. Automation can be configured to send alerts to a manager when inventory is low, or if more space might be needed for that particular item.

Skyscrapers & Large Complexes. Much like office parks, skyscrapers struggle with similar issues when it comes to reliable connectivity that is often patched together through a mesh of Wi-Fi bridges, access points, and cable drops. CBRS can unify a network and create a single point of access for wireless devices. Even in a multi-tenant building with dozens of other Wi-Fi networks, CBRS will be able to communicate with no interference because it operates on a completely different band.

Sport Stadiums. CBRS can use a small number of strategically placed indoor and outdoor access points to offer reliable connectivity to security systems, mobile point-of-sale (POS) systems, electronic gates, and networked lighting.

Event Venues. Venues will benefit from many of the same features that sport stadiums do, just on a smaller scale. Large outdoor venues will be able to broadcast LTE from the stage, all the way out to remote fields where wired infrastructure cannot reach.

Hotels & Hospitality. Hotels and resorts often struggle with sluggish wireless connections and dead zones that result in guests complaining and leaving negative reviews. A CBRS network is in a unique position to help both staff and guests stay connected.

Airports & Public Transportation. Airports can confidently supply a blanketed signal from the tarmac to the terminals with confidence in the reliability, interference-free operation and security of the network.

How does CBRS shape the future of 5G?

With 5G being on everyone’s mind, CBRS spectrum is often overlooked. It will truly carry this standard beyond the reaches of consumer based services and well into the enterprise footprint. With wireless speeds approaching and oftentimes exceeding wired networks, CBRS will lay the foundation for new service providers and accelerate digital automation initiatives in the enterprise.

Even if 5G isn’t quite as prevalent across the country now, businesses that invest in private LTE infrastructure will position themselves to be able to quickly upgrade their cellular network with 5G capabilities when the access point and mobile / IoT devices are ready. Even as new generations of technology standards are developed over time, they will likely utilize the CBRS spectrum, and give tech-savvy companies a leg up on their competition.

How Can Celona Help Develop Your CBRS Network?

Celona helps businesses deploy private mobile networks by fully automating the deployments of CBRS deployments and offering a turnkey solution with its hardware and software components. To estimate the number of CBRS access points for your facility indoors and outdoors, try our free network planner. And to give it a try in your environment, request a product trial.

This blog was originally published on Celona’s websiteIt has been used here with permission from the provider.

Copyright © CNI Sales Inc. All Rights Reserved