The standard way of integrating Wi-Fi with cellular core networks
TRUSTED & UNTRUSTED
3GPP Options for Wi-Fi Access
In this section, we will cover all 3GPP Wi-Fi Access (non-3GPP Access) architectures and two widely adopted alternatives for Wi-Fi offloading: Local WLAN Breakout (LBO) and Access Through DPI. Although these two methods are not part of the official 3GPP specifications, we include them to provide a comprehensive overview and ensure an easy comparison of all available offloading approaches.
The 3GPP specifications define two types of non-3GPP access: trusted and untrusted. Non-3GPP access includes technologies such as Wi-Fi, WiMAX, fixed-line, and CDMA networks.
In the following sections, we will explore the differences between trusted and untrusted 3GPP Wi-Fi Access and the various 3GPP standard methods for integrating these access types with cellular networks across different cellular generations (3G/4G/5G). We will only focus on 4G and 5G as the methods for 3G are essentially the same as for 4G, only with different names on the 3GPP nodes.
The numerous acronyms introduced with each new 3GPP release can be overwhelming and confusing. We’ve provided a ‘ translation table ‘ to assist those of you already familiar with the terminology for 3G, 4G, or 5G.
Please note that these are simply ‘functions’ that may be delivered as a combined solution with one or more nodes, deployed as containerized functions, or integrated into the same virtual or physical gateway node.
Trusted 3GPP Wi-Fi Access integrates seamlessly with secure 802.1x or Passpoint-enabled Wi-Fi networks, using SIM-based authentication (EAP-SIM/AKA/AKA′/5G-AKA) as the preferred method for secure access. SIM Authentication is also involved in establishing the device IPsec tunnel for untrusted 3GPP Wi-Fi Access.
the why & how of
Wi-Fi Offloading
Download our white papers now.
Why? : An overview of the business benefits for mobile network operators (MNOs).
How?: A deep technical dive into successfully deploying a Wi-Fi offloading solution.
Use the tabs below to learn more about trusted and untrusted non-3GPP access and how the standards support cellular and Wi-Fi convergence for 4G and 5G networks. Under the 5G Standalone tab, you will also find more information about Access Traffic Steering, Switching, and Splitting (ATSSS).
Below we will explain the practical principles behind trusted and untrusted 3GPP Wi-Fi access.
Trusted 3GPP Wi-Fi Access
Trusted non-3GPP (Wi-Fi) access was first introduced with the LTE standard in 3GPP Release 8 (2008). Trusted access typically refers to operator-managed Wi-Fi networks that use encryption (enabled by 802.1x) within the Wi-Fi radio access network (RAN) and secure authentication methods like EAP.
In the case of trusted access, the user device (UE) connects through a Wireless Access Gateway (WAG/TWAG/TNGF/TWIF) in the Wi-Fi core. The gateway, in turn, establishes a secure tunnel directly with the Packet Gateway (GGSN/P-GW/UPF), which is also used for cellular traffic in the Mobile Core. For 5G standalone (5G SA) architectures, a null-encrypted tunnel is utilized between the device and the TNGF/TWIF—more details on this can be found in the Wi-Fi and 5G convergence section.
SIM authentication (EAP-SIM/AKA/AKA′ or 5G-AKA), performed by a 3GPP AAA server, is crucial for trusted non-3GPP access. Beyond authenticating, the device for access to the Wi-Fi network, it also generates cryptographic keys used for the Wi-Fi encryption (WPA2/WPA3).
Untrusted 3GPP Wi-Fi Access
Untrusted non-3GPP (Wi-Fi) access was first introduced in the Wi-Fi specification of 3GPP Release 6 (2005). At that time, Wi-Fi access points with advanced security features were uncommon, so Wi-Fi was generally considered open and unsecured by default.
Untrusted access refers to any Wi-Fi network over which the operator has no control, including public hotspots, subscribers’ home Wi-Fi, and corporate Wi-Fi networks. This also encompasses Wi-Fi networks that lack adequate security mechanisms, such as EAP authentication and radio link encryption (802.1x enabling WPA2/WPA3 encryption). Conversely, a Wi-Fi network using EAP and 802.1x outside the operator’s control, for instance, an Enterprise Wi-Fi network, is still considered untrusted.
The flexibility of untrusted non-3GPP access, which works over any Wi-Fi network, makes it the preferred method for services like Wi-Fi Calling (aka Voice over Wi-Fi).
The untrusted model requires no modifications to the Wi-Fi network itself but does impact the device side, as an IPsec client must be deployed natively on the device. The device connects through a secure IPsec tunnel directly to an IPsec Termination Gateway (TTG/ePDG/N3IWF) in the Mobile Core, which is then linked through an encrypted tunnel to the Packet Gateway (GGSN/P-GW/UPF). This Packet Gateway handles both cellular and Wi-Fi traffic.
On the core network side, this integration means that the 3GPP AAA server must interface with mobile core network components like the HLR/HSS/AUSF-UDM for SIM-based EAP authentication (EAP-SIM/AKA/AKA′ or 5G-AKA) to establish the IPsec tunnel, but not for granting Wi-Fi access. This ensures the same level of authentication security as in the cellular network.
Wi-Fi and 4G/5G Non-standalone Convergence
The 3GPP AAA server is located within the 3GPP Home Public Land Mobile Network (HPLMN). For 3GPP Wi-Fi access in 4G and 5G non-standalone (5G NSA) networks, the 3GPP AAA provides authentication, authorization, policy enforcement, and routing information to the packet gateways in both the Wi-Fi core and mobile core networks. It performs EAP-SIM/AKA/AKA′ authentication via the SIM card for automatic and secure authentication of Wi-Fi devices.
Below, we will explore the role of the standard 3GPP AAA for SIM authentication in various 4G and 5G NSA Wi-Fi access scenarios, including all 3GPP-specified options for 3GPP Wi-Fi access. To provide a comprehensive view, we include the Enea Aptilo SMP in the diagrams with an integrated 3GPP AAA and additional functions that may be essential for real-world deployments. Learn more under the tab Why a standard 3GPP AAA isn’t Enough
The two first, local WLAN break-out and access through DPI, are not standardized by 3GPP but are extensively used and could also be used for 5G as long as SIM authentication can be carried out in the corresponding 5G architecture.
1. Local WLAN Break-Out
This option can be used for any generation of cellular networks and is currently mobile operators’ most widely deployed architecture. It enables local traffic breakout for all clients at the Wi-Fi access gateway and utilizes standard RADIUS and EAP methods for authentication with the HSS/HLR. The Wi-Fi access point must support 802.1x authentication with EAP-SIM/AKA/AKA′. Integration with the HLR for SIM authentication is facilitated through the D′/Gr′ MAP interfaces or with the HSS via the Wx/SWx Diameter interfaces.
2. Access Through DPI
This option can be used for any generation of cellular networks. The mobile operator typically uses the DPI to inspect and enforce policies for SIM-enabled devices.
All traffic for devices with SIM authentication support is terminated at the Deep Packet Inspection (DPI) node in the mobile core. In contrast, traffic from non-SIM devices is directed to the Internet locally.
This option uses standard RADIUS and EAP methods for authentication with HLR/HSS. The Wi-Fi access point requires support for 802.1x authentication with EAP-SIM/AKA/AKA′. Integration with the HLR for SIM authentication is facilitated through the D′/Gr′ MAP interfaces or with the HSS via the Wx/SWx Diameter interfaces.
Policy-based routing is utilized to route the traffic from the Wi-Fi access gateway to the DPI.
3. Trusted Wi-Fi Access in EPC
This option is for 4G and 5G non-standalone (5G NSA) and based on 3GPP specification TS23.402 with the introduction of the Trusted Wireless Access Gateway (TWAG) node. The TWAG establishes GTPv2, PMIP, or MIP tunnel (the S2a interface) to the P-GW in the EPC core for all trusted traffic.
“Trusted” traffic means an operator-controlled secure Wi-Fi environment with 802.1x. SIM authentication with the HLR is integrated through the D′/Gr′ MAP interfaces or with the HSS via the SWx Diameter interfaces. The Wi-Fi access point requires support for 802.1x and EAP-SIM/AKA/AKA′ authentication methods. This option also requires support for EAP in the device.
The STa interface is mainly used for EAP client authentication with HSS and S2a option selection of which tunnel type to use. The S6b interface between 3GPP AAA and P-GW is mainly used for tunnel authentication, static quality of service, and mobility (if applicable).
The 3GPP specification also allows for a full or partial local breakout of Wi-Fi traffic at the TWAG in the Wi-Fi core.
4. Untrusted Wi-Fi Access in EPC
This option is for 4G and 5G non-standalone (5G NSA) and based on 3GPP spec TS23.402 with the introduction of the evolved Packet Data Gateway (ePDG) node. This option requires an EAP client in the device with IPsec support. There is no impact on the Wi-Fi core or Wi-Fi RAN; any Wi-Fi network will function seamlessly. IPsec tunnels are terminated in the ePDG, a mobile core node specifically introduced for this purpose. The ePDG maps the IPsec tunnels into GTPv2 or PMIP tunnels, which are terminated in the P-GW. In practice, both ePDG and P-GW functions are typically integrated into the same Evolved Packet Gateway (EPG).
The SWa interface is mainly used for EAP client authentication with HSS through the SWx interface. The SWm interface is used for additional authentication parameters, including subscription profiles and S2b option selection of which tunnel type to use. The S6b interface is mainly used between 3GPP AAA and P-GW for tunnel authentication, static quality of service, and mobility (if applicable).
Wi-Fi and 5G Standalone Convergence
5G introduces new network architectural concepts for Wi-Fi integration with the 5G standalone mobile core (5G SA). The simplified diagram below shows Wi-Fi service integration with the new service-based 5G Core (5GC) introduced in 3GPP release 15 (untrusted Wi-Fi) and 16 (trusted Wi-Fi).
The first thing to observe is that this architecture is radio network (RAN) agnostic since both the Cellular and Wi-Fi access use the same interfaces (N1, N2, and N3). Furthermore, 5G has adopted an EAP-based authentication framework (EAP-AKA’ or 5G-AKA), similar to Wi-Fi, for user equipment (UE) authentication with the 5G core.
The 5G signaling and user traffic are transported over IPsec tunnels established between the device, aka user equipment (UE), and the gateway functions (N3IWF, TWIF, and TNGF).
The GPRS Tunnelling Protocol-User (GTP-U) encapsulation creates tunnels for traffic between the gateway functions and the user plane function (UPF), aka packet gateway.
Network Functions for Wi-Fi Access
Let’s now examine the new functions for Wi-Fi access (non-3GPP access). Please note that these functions are not the same as physical gateways. In practice, these functions could all reside in the same gateway.
Non-3GPP Interworking Function (N3IWF)
The Non-3GPP Interworking Function (N3IWF) is a crucial component in the 5G architecture that enables seamless connectivity between 5G networks and non-3GPP networks, particularly untrusted Wi-Fi networks.
The N3IWF is the IPsec tunnel terminating node for 5G, similar to the ePDG for integration with the 4G Core. It is located in the Mobile Core and communicates with the Access and Mobility Function (AMF) control plane over the N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface.
Because it works transparently with any Wi-Fi network, it is the gateway of choice for Wi-Fi Calling but can also be used for traditional data traffic.
Key functions include:
Provides a secure gateway to the operator’s 5G network for non-3GPP access.
Establishes IPsec tunnels between the UE and N3IWF for secure communication.
Handles user equipment registration (UE) with the 5G Core.
Manages the establishment of Protocol Data Unit (PDU) sessions.
Facilitates data transfer between the UE and the data network.
Trusted Non-3GPP Gateway Function (TNGF)
The trusted non-3GPP Gateway Function (TNGF) plays a crucial role in integrating trusted non-3GPP networks, particularly trusted Wi-Fi, with the 5G Core Network, providing a secure and standardized way to extend 5G services beyond the traditional cellular network.
The TNGF is, for 5G, the equivalent to the Wireless Access Gateway (WAG) used for trusted access to the 4G Core. The TNGF is located in a trusted environment, often the Wi-Fi network, and communicates with the Access and Mobility Function (AMF) control plane over the N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface. The device and the TGNF are connected using an IPsec tunnel with null encryption, more about this later.
After successful authentication, a TNGF key is established between TNGF and the device, aka user equipment (UE). Another key is derived from the TNGF key and sent to the Wi-Fi Access Point (AP) for Wi-Fi layer-2 security (WPA2/WPA3).
Trusted WLAN Interworking Function (TWIF)
The trusted WLAN Interworking Function (TWIF) is a new 5G function for interoperability with legacy devices. This resolves the contingency that some devices may support 5G SIM authentication but do not support 5G NAS signaling over trusted Wi-Fi access. These devices lack the support for the EAP-5G and IKEv2 protocols, meaning they cannot directly communicate with the 5G core network using the N1 interface over Wi-Fi. 3GPP refers to such devices as non-5G-Capable over WLAN (N5CW). The TWIF contains the NAS protocol stack and exchanges NAS messages with the AMF on behalf of these types of devices.
The TWIF is located in a trusted environment, often the Wi-Fi Network, and communicates with the Access and Mobility Function (AMF) control plane over the N1 and N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface. Just as in the case of TNGF, the device connects with the TWIF using an IPsec tunnel with NULL encryption.
Other 5G Network Functions
There are also other 5G network functions in play for Wi-Fi integration, we will mention them briefly here:
Access and Mobility Management Function (AMF): A control plane function acting as a central hub of the 5G core network. It primarily manages user access and mobility.
Session Management Function (SMF): A control plane function responsible for session management in the 5G core network.
Authentication Server Function (AUSF): Is responsible for authentication and security-related functions in the 5G core network.
Unified Data Management (UDM): A centralized way to manage network user data in 5G.
Policy Control Function (PCF): The PCF evolved from the Policy and Charging Rules Function (PCRF) in 4G networks. It is responsible for policy control and management in 5G networks.
Charging Function (CHF): This function generates charging data and billing information for 5G network usage.
Control- and User Plane Interfaces – How It is All Connected
For Cellular networks, the N2 and N3 interfaces connect the base station (gNB) with the AMF and UPF. For Wi-Fi, they use the non-3GPP interworking and gateway functions (N3IWF, TNGF, TWIF) to connect with the AMF and UPF.
5G introduces a new principle for non-3GPP access. Multiple non-access stratum (NAS) connections over the N1 interface make simultaneous connections via cellular and Wi-Fi possible. This is a prerequisite for the new ATSSS (Access Traffic Steering, Switching, and Splitting) standard. The same authentication procedures, EAP-AKA′ and 5G-AKA are used for both Cellular and Wi-Fi.
New EAP Protocol and Unusual Use of IPsec
A new protocol, EAP-5G, has been introduced to support NAS messages over Wi-Fi networks through the N1 interface. The IKEv2 protocol is utilized to establish an IPsec SA tunnel between the device and the gateway functions (N3IWF, TNGF, and TWIF). The EAP-5G protocol then encapsulates NAS messages over the IKEv2 protocol.
Another interesting new principle is the use of IPsec SA also for trusted Wi-Fi networks. Why would you want to use an IPsec connection in a secure Wi-Fi network? The IPsec tunnel, with NULL encryption to avoid duplicated encryption, primarily serves for integrity protection and as a consistent framework for both untrusted and trusted Wi-Fi access. Implementations in devices and gateways with dual support for both trusted and untrusted access will be easier to implement.
N1 Control Plane Interface
The N1 is a control plane interface between the device (User Equipment – UE) and the Access and Mobility Function (AMF). It handles Non-Access Stratum (NAS) signaling between the UE and the AMF in the 5G Core Network. The AMF is primarily used for authentication and mobility management.
The N1 interface is used both for Cellular and Wi-Fi for 5G-capable devices. Although the N1 signaling passes through the Radio Access Network (RAN), it is transparent to the RAN and is not processed by the intermediate network elements such as the N3IWF and the TNGF.
The N1 interface plays a crucial role in enabling UEs to communicate with the 5G Core Network for various control plane functions, ensuring proper connectivity, mobility, and service access.
These are the main functions N1 enables:
Registration management: The N1 interface is used for managing the process of registering and de-registering a UE with the 5G network.
Connection management: It manages the connection between the UE and the network, handling procedures for establishing and maintaining connectivity.
Session management: It handles messages and procedures related to session management, such as establishing and terminating PDU sessions.
Mobility management: The N1 interface supports mobility-related signaling to maintain knowledge of a UE’s location within the network.
Security procedures: It is used for security-related signaling, including authentication and key agreement procedures.
N2 Control Plane Interface
The N2 is the control plane interface between the cellular or Wi-Fi access networks and the 5G Core Network. It carries Next Generation Application Protocol (NGAP) messages between the RAN (cellular and Wi-Fi) and the AMF. NGAP handles the exchange of control information related to the establishment, modification, and release of connections between gNBs and the AMF for cellular and between the gateway functions (N3IWF, TWIF, and TNGF) and the AMF for Wi-Fi.
The N2 interface is crucial for enabling communication and coordination between the radio access network and the 5G core network. It supports a wide range of control plane functions necessary for network operation and management.
PDU session/resource management: The N2 interface handles procedures for managing PDU sessions and network resources.
UE context management: It supports procedures related to managing UE contexts in the network.
Mobility management: It facilitates mobility-related signaling, including handovers between base stations (gNB) in the 5G network.
N3 Data Plane Interface
The N3 is the data plane interface between the access network and the User Plane Function (UPF) in the 5G Core. The UPF is the packet gateway that transports data to the internet.
As discussed, traffic is delivered to the UPF through tunnels created by GTP-U encapsulation. Each subscriber will have one or more GTP-U tunnels, one for each active PDU session. The GTP-U tunnels are identified by a TEID (Tunnel Endpoint Identifier) in the GTP-U messages. The GTP-U tunnel is updated when a user moves between Wi-Fi and cellular networks to maintain session continuity.
Will 5G Operators Embrace Wi-Fi Offloading?
The answer is “yes likely,” and there are a few reasons why:
Increased Need for Indoor Coverage: As highlighted in our white paper, Wi-Fi in the 5G Era, the demand for reliable indoor coverage is driving operators to lean more heavily on Wi-Fi as a complementary solution to 5G, particularly in challenging indoor environments.
Emergence of Carrier-Grade Wi-Fi: A new generation of carrier-grade Wi-Fi (Wi-Fi 6, 6E, and 7) brings advanced features like OFDMA scheduling. With Wi-Fi 6E and Wi-Fi 7 operating in the 6 GHz band, the available spectrum for Wi-Fi has tripled. As a result, Wi-Fi is evolving from a “best-effort” solution to a more reliable, carrier-class option.
Will 5G Operators Backhaul the Wi-Fi Offloading Traffic to the Mobile Core?
The answer is “maybe,” largely depending on the adoption of the Access Traffic Steering, Switching & Splitting (ATSSS) specification by device manufacturers. Without ATSSS, there is limited incentive to backhaul Wi-Fi offloading traffic to the mobile core. Instead, the industry is expected to continue with local traffic breakout for Wi-Fi offloading and reserve backhauling primarily for Wi-Fi Calling.
However, if widely adopted, ATSSS could provide a compelling reason for operators to backhaul all traffic. Most web applications do not currently support multipath streaming (using both Wi-Fi and cellular connections simultaneously), requiring an aggregation point to merge these streams. The Packet Gateway in the Mobile Core (UPF) is well-positioned to serve this function.
Will ATSSS Be the Future of Wi-Fi and Cellular Convergence?
The new 3GPP ATSSS specification represents a major advancement in mobile data offloading. It offers seamless, simultaneous use of both 5G and Wi-Fi—fully controlled by the mobile operator. However, as discussed the adoption of ATSSS depends heavily on device manufacturers.
Historically, even promising features like the Access Network Discovery and Selection Function (ANDSF) never gained traction with major manufacturers such as Apple and Samsung. It remains uncertain whether ATSSS will achieve widespread support, as manufacturers often prioritize their own interests and the needs of their customers, showing reluctance to cede control to network operators. Nevertheless, if manufacturers conclude that enhancing user experience is paramount, they may choose to support ATSSS. The outcome is still unclear.
As a result, ATSSS may take several more years to become mainstream. Alternatively, proprietary solutions with similar functionality—developed by device vendors or other industry players—could outpace the 3GPP’s efforts.
ATSSS: A Path to Smarter Connectivity
Access Traffic Steering, Switching, and Splitting (ATSSS), introduced in 3GPP Release 16, addresses key challenges of cellular and Wi-Fi convergence:
Avoid unintentional switchover to public Wi-Fi, which can degrade user experience or cause intermittent connectivity loss.
Implementing policies and thresholds to automatically accept or reject handoffs between Wi-Fi and cellular networks based on congestion levels and network quality.
The Three “S” in ATSSS
ATSSS aims to enhance performance and Quality of Experience (QoE) by enabling devices to natively use data streams from both Wi-Fi and cellular networks while intelligently steering and switching traffic between them. Its three core functionalities are:
Steering: Selecting the best network (Wi-Fi or cellular) based on factors like speed, cost, and latency.
Switching: Seamlessly transitioning between 5G and Wi-Fi.
Splitting: Distributing traffic across 5G and Wi-Fi based on predefined policies.
ATSSS leverages Multipath TCP (MPTCP) to enable simultaneous data flows over Wi-Fi and 5G networks, leading to faster data rates, improved overall quality, and smooth handovers between Wi-Fi and 5G. This approach provides a strong case for backhauling Wi-Fi traffic to the mobile core, where both streams can be efficiently aggregated. Without such a centralized approach, every web server and application would need to support MPTCP, which is currently rare.
While Apple employs MPTCP in some proprietary services like Siri, this implementation should not be confused with the standardized ATSSS.
The ATSSS Architecture
The ATSSS standard includes an MPTCP proxy in the 5G core’s User Plane Function (UPF) and defines ATSSS Low-Layer (ATSSS-LL) capabilities to support protocols like UDP.
ATSSS Steering Modes
3GPP defines four steering modes based on the core ATSSS functionalities:
Splitting: A default network (cellular or Wi-Fi) is used until it becomes unavailable, prompting a switch to the alternate network. Traffic reverts back when the default network is restored.
Smallest Delay: Traffic routes through the network with the lowest latency, as measured by the Performance Measurement Function (PMF) and the underlying multipath protocol.
Load Balancing: Traffic is divided between 3GPP and Wi-Fi networks based on a fixed percentage, applicable to non-guaranteed bit rate (non-GBR) QoS flows.
Priority-based: Traffic favors a high-priority network (Wi-Fi or cellular). If this network becomes congested, traffic is shifted to the other network. In case of network unavailability, a fallback to the alternate network occurs, similar to Active Standby mode. The criteria for determining congestion are implementation-specific.
Policy Management: A Challenge for ATSSS Adoption
A key complexity in deploying ATSSS lies in policy management, which must account for the interests of various stakeholders, including:
Service providers
End-users
Device vendors
App providers
Enterprise IT departments
This complexity may further delay the adoption of ATSSS, as aligning these varied policies is crucial for successful real-world implementation.
Why a Standard 3GPP AAA is Not Enough
Operators may want to monetize their Wi-Fi network by opening it for public use. The Enea Aptilo SMP (software) and SMP-S (service on AWS) are ideal for this use case as they encompass a 3GPP AAA server with additional features designed for monetizing Wi-Fi. These additional features include captive portals, Wi-Fi AAA, Wi-Fi Policy & Charging, Wi-Fi subscriber management, and our ServiceGlue concept with configurable logic.
An additional emerging need for going beyond the standard 3GPP AAA is to support 5G mobile operators aiming to deliver a comprehensive solution for their enterprise customers within Private 5G or 5G network slicing environments. These enterprises often manage a mix of cellular and Wi-Fi-only devices and require unified service delivery to streamline authentication and policy enforcement across diverse network types and support the selection of the best available network at any given time and location.
By adding the optional Enea Aptilo SMP Venue Wi-Fi Manager, mobile operators can turn their mobile data offloading footprint into a profitable service rather than a significant investment. This is achieved by offering managed B2B Wi-Fi services and deploying an additional secure SSID for Wi-Fi offloading at each location.
In this chapter, we will examine the Enea Aptilo SMP in-depth and explain why it may become crucial for you to succeed with your Wi-Fi offloading project.
What You Get with Enea
When you buy the Enea Aptilo SMP, you don’t only buy a product. You will also get the Enea experts covering your back. When Enea acquired Aptilo Networks in 2020, it gained a significant foothold in the Wi-Fi offloading market. Aptilo brought decades of expertise as a pioneer in Wi-Fi offloading, with its first deployments dating back to 2010 and with the first large-scale Wi-Fi service management deployments in 2001.
Today, the Enea Aptilo Service Management Platform (SMP) remains one of the most widely deployed back-end systems for Wi-Fi offloading. It is also available as SaaS with a dedicated instance per customer at Amazon Web Services (AWS), offering the same functionality and flexibility. This flexibility empowers customers to cherry-pick the functions they need, such as SIM authentication, and integrate them with their existing systems.
Our Wi-Fi offloading solution, based on Enea Aptilo SMP, encompasses so much more than just SIM-based authentication. It provides robust support for a broader range of carrier-grade Wi-Fi features, including multitenancy B2B management (to expand Wi-Fi coverage for offloading), Wi-Fi policy control, and OpenRoaming capabilities.
In essence:
“Enea Aptilo SMP turns a service provider’s Wi-Fi networks into a service and allows them to monetize directly and indirectly.”
People from all over the world will flock to Brazil to celebrate the World Cup and Olympics. The ability to offload mobile data to Wi-Fi will ease network congestion significantly and increase data speeds, for an exceptional user experience.
