Internet Technology: Pushing The Limits

Peter J. Brown

With its ability to instantly deliver Internet Protocol (IP)-based video, voice and data anywhere in the world, the satellite industry is simply giving the public and private sectors more options. A few vertical industries where satellite technology offers solutions include health care, energy, public safety, transportation and Homeland Security, each of which has unique requirements that are ideal for IP over satellite. But regardless of market segment, enhancing IT technology and maximizing bandwidth usage with satellite is providing profitable returns for global satellite industry executives.

"There is a large market for corporate networks within the enterprise arena," says Paul Kosac vice president of market development, media networks/headend, transmission networks systems for Scientific-Atlanta. "Point-of-sale, product information, instructional video and training opportunities are increasing for clients to cache through an IP network. The common denominator is time, with a growing demand for non real-time applications ."

Kosac adds that as non real-time distribution is used more, users can create niche networks where highly-targeted content can be produced. "As you look at how this is growing, IP distribution is a viable and cost-effective approach for such information to reach the desired audience."

Along with enterprise, government agencies and broadcasters are also growing markets and some satellite equipment providers view these arenas as the two sectors that are accounting for a huge spike in IP over satellite traffic. "The applications are not exactly exotic," says Howard Barouxis, director of sales at Thales Broadcast and Multimedia.

"As for the broadcasters, they are increasingly using satellite to send content in non-real time as IP files over DVB. This extends to their broadcast contribution links, DSNG [Digital Satellite Newsgathering] and flow of syndicated content as well. I see the station group market as very wide open to this type of approach."

Thales offers its Opal IP Encapsulator (IPE), IP receiver and OpenStream multicast solution as well as the Thalescrypt conditional access system, which Barouxis describes as ideal for broadcast contribution links. For example, PBS is currently using a Thales Opal IPE as part of its next generation interconnection system trials, which involve several PBS stations that have been equipped with Omneon video servers. These stations are fed certain PBS primetime shows automatically, but they are also able to access archive material or content on request via a 16 QAM IP satellite link.

According to Bob Hansen, senior vice president of global sales and marketing at Arizona-based Comtech EF Data Corp., IP over satellite links for file delivery using 8PSK, 16- QAM and Turbo Product Code modulation, as opposed to QPSK, are now being evaluated by broadcasters who want to employ this mix of push and pull technology to reduce their bandwidth requirements in heavily automated environments.

"The broadcasters are shifting their attention to processing equipment that includes encoders and modems, along with IP conversion and streaming solutions," says Hansen who recognizes the IP over satellite-based application opportunities as DSNG, Voice over IP (VoIP) with priority, IP videoconferencing, broadcasting video streaming and IP Multicasting. "We hear that broadcasters are transmitting HDTV [High Definition Television] at 30 plus Mbs just to get the full 19.4 Mbs down the pipe. This is one reason why there is such demand for DVB-S2 and fully optimized video compression."

Comtech EF Data also is equipping its modems with Skipware as a performance enhancing protocol. In addition, late last year Comtech announced that it was teaming up with Stockholm-based Effnet Group AB, and that Effnet’s Compressed Real-time Transport Protocol (CRTP) and IP Header Compression (IPHC) would be offered as part of the Comtech IP- enabled modem product line-up. CRTP and IPHC are designed for real-time point-to-point links where satellite operators and service providers want to reduce the load requirements imposed by the transmission of IP, UDP, TCP and RTP headers.

"What we see straight ahead is a wholesale upgrading of modems, and a greater need for our expertise in satellite links in general. With a physical link, it is either on or off. But in the satellite world, [due to such things as fading] things are not off or on," says Hansen. "With our line of CDM IP modems, we compress everything from the payload on up, and we flag things differently if a link is degrading, and bit error rates are way too high. We can employ dynamic header compression based on link conditions as well."

The U.S. military looked hard at the Skipware product known as Space Communications Protocol Standards (SCPS. Ongoing TCP-related performance problems including high bit error rates were experienced throughout the last few years on the U.S. Defense Department’s (DoD) secure 512 kbs satellite network known as SIPRNET. This led to 18 months of hardware platform testing by Booz Allen Hamilton, according to Nick Yuran, director of sales and marketing at Global Protocols Inc. whose staff developed SCPS. As a result, the use of TCP- based SCPS via Comtech EF Data’s turbo IP link accelerator received a major boost from DoD, which specifies turbo IP as part of its requirement for the use of SCPS at the Standardized Tactical Entry Point (STEP) transport layer.

"SCPS exists as a reference implementation, and anyone can put it on a hardware platform. SCPS keeps everyone in the open source domain, and it is a wireless protocol that has been modified to perform superbly in a stressed environment," says Yuran. "In this instance, turbo IP has won out when it comes to providing rapid recovery from dropped packets, among other things, as part of a fully interoperable TCP-based solution. With SCPS at the transport layer, UDP-based VoIP and IP video is not disturbed in any way. In a typical 2 Mbs link, for example, with 256 kbs always allocated for voice, there is no starving of TCP or UDP."

Emergency Response Using IP Over Satellite

In mid-October, an Andrew 3.7-meter motorized Ku-band antenna system was hoisted onto the roof of Texas A&M’s Institute of Biosciences and Technology (IBT), located at the Texas Medical Center in Houston. Among other things, this system is part of the elaborate Disaster Relief and Emergency Medical Services (DREAMS) project that has been taking shape since the mid-1990s.

"Our overall goal is to mitigate the problems associated with prolonged patient transport, and to incorporate Ka-band technologies. DREAMS is trying to extend what is known in the emergency medical response community as the golden hour," says Larry Flournoy, associate director at the Academy for Advanced Telecommunications and Learning Technologies at IBT. "Critical to this approach is the idea of providing more interactivity between the medics on scene and doctors back in the emergency room. Everything keys around the communications platform on the ambulance, including all the computing, telemetry and support instrumentation."

"This complex in Houston is relatively protocol savvy in that a video signal can come into the complex as IP over ATM, and leave the complex as MPEG-2 over DVB. At this point, I believe that all of the applications that are supported between the hub and ambulance are purely IP over High-Level Data Link (HDLC)," says David Beering, principal at Chicago- based Infinite Global Infrastructures LLC, which is involved in the design, integration and installation of the satellite system. HDLC is another layer-2 protocol that is used primarily by Cisco routers to communicate over a serial link. It is equivalent to ATM and DVB in the Open System Interconnection (OSI) model.

Multiple variations of the DREAMS ambulance are emerging, including one outfitted with SCPC and Spread Spectrum hardware by a team from the Satellite and Wireless Networking Section of the Naval Research Laboratory (NRL) headed by Michael Rupar.

"Due to the small size of the ambulance terminal’s Ku-band aperture, the ambulance transmits Spread Spectrum and receives SCPC. Hardware onboard includes an SCPC modulator and demodulator from Comtech EF Data, and spread spectrum modulators and demodulators from Filtronics, Sigtek and Cylink. Additionally, for transmit power, the ambulance is using a Litton Microwave Power Module (MPM), as opposed to a TWTA or SSPA," says Beering.

For public safety agencies requiring a range of Ku-band satellite solutions, Ottawa-based C-COM Satellite Systems Inc. developed the iNetVu, a self-aligning mobile two-way high-speed Internet over satellite antenna system. Agencies such as the Toronto Fire Marshal’s Office, Minnesota State Patrol and the Gloucestershire Fire and Rescue Incident Command unit in Quedgley, Gloucestershire, UK, have deployed this system.

"As agencies become familiar with the advantages of accessing multiple IP-based services, including voice on scene, they need a solution that will find the satellite fast on the first try," says President and CEO of C-COM Leslie Klein. "We emphasize a robust solution that is completely actuator driven with no gears or externally mounted electronics."

Avoiding Internet Invasions

Talking about IP requires at least some coverage of the numerous unpleasant scenarios that can arise involving IP traffic in general. For example, did a computer worm or virus create any headaches for you recently? And did one play a role in the August 14, 2003, blackout that severely impacted the United States and Canada?

Mentat Inc. is one company that takes the growing emphasis on network integrity and reliability in stride. According to Mentat President Kay Guyer, there is a substantial increase in port scans. These are probes that run through the TCP and UDP port numbers used to differentiate applications, and scan for vulnerabilities in machines and firewalls.

"Thanks to readily-available automated scripts which are able to scan quickly through large numbers of port numbers, malicious hackers can hunt for potential vulnerabilities on a particular machine or across a protected network," says Guyer. "Certain viruses operate in a similar manner, scanning the Internet for unprotected machines. Port scans can generate enormous numbers of TCP connections, swamping the resources of the end hosts and intermediate networking devices as well as wasting significant bandwidth."

Guyer points to one recent example, the infamous Blaster Worm that disrupted networks. Via TCP port 135, it took over machines and ran its own code. Once infected, the code began searching the network for other machines with the same vulnerability in TCP port 135.

"Recent monitoring of traffic on customer links showed extremely large numbers of TCP connections, far above typical rates for the link bandwidth. Closer analysis of the traffic showed that approximately 90 percent of the connections were generated by just a few machines infected by the Blaster worm," says Guyer.

To counteract this growing menace to its satellite-based ISP customers in particular, Mentat added a new feature into its SkyX Gateway, which can now be configured to suppress the number of connections per second that any client can establish across the satellite link to prevent port scans. It can also suppress connections on any set of port numbers to protect against Blaster-style viruses. These connections can either be passed through without performance enhancement or discarded entirely, according to Guyer.

"These are secondary features of the product. We are not trying to build a firewall or virus scanning system, but there are significant benefits in network stability and bandwidth conservation from using the SkyX Gateway," Guyer says.

Broadband Data Networking

Achieving the look and feel of a terrestrial or wired network for high performance IP packet delivery over satellite can be very challenging. With the Tachyon Total Access Point System from Tachyon Inc., for example, a combination of advanced signal processing, the implementation of protocols such as Tachyon Satellite Protocol (TSP) and QoS infrastructure has paid off.

"Our emphasis is on data networking and satellite technology," says Jeremy Guralnick, chief scientist at Tachyon. "We are continuously improving our products and looking at more advanced waveforms to advance our bits per hertz speeds in order to offer more bandwidth for our customers. Tachyon designed its own modems, for example, because there was not a COTS product available that was able to deliver network performance for IP-based solutions."

Tachyon plans to leverage more advanced wave forms that may or may not include 8PSK or 16 QAM, according to Guralnick, and it is developing an end-to-end video service with a DSNG trial already underway. It provides the U.S. Forest Service with remote Web portal access for a rapid filing of fire status reports in the field, and the U.S. Naval Criminal Investigative Service (NCIS) for remote IP-based video surveillance. In addition, it attracted a diverse mix of private sector customers like Mitsui in Europe–now a Tachyon reseller–and Hendrick Motor Sports that are able to deliver secure IPSec traffic with clear channel performance.

"Tachyon’s standards-based broadband network allows enterprises to dictate the security features that they would like to employ on their network. Meanwhile, the advantage of using Tachyon’s integrated, IP-based, single vendor service offering is that data transmission speeds are not affected by encryption applications, which is a major issue with satellite or DVB-based encryption," says Guralnick.

Bypassing The Public Internet

Seeking a VoIP, remote IP videoconferencing and limited broadband solution at 144 kbs that bypasses the public Internet altogether? Along with the GPRS-based packet data network offered via the multiple spotbeams on the Thuraya satellite, Telenor Satellite Services (TSS) now has dedicated leased line service. This service runs from the Inmarsat satellite access station in Italy to its Regional Broadband Global Area Network (Regional BGAN) POP in Norway for its customers in Europe, North and Central Africa, the Middle East and the Indian region.

VoIP systems that can be run on the Regional BGAN platform via a laptop microphone include the chat functions available through Yahoo Messenger and Net2Phone. Web cams can be activated for these sessions as well, and TSS has tested the mm145 Motion Media IP Video phone, and the IP videoconferencing solution developed by Divysy in Russia, for example.

"We are offering a portable and lightweight solution–the Regional BGAN Mobile Satellite Modem is smaller than any laptop–for anyone who must operate in areas of the world where telecom infrastructure is thin or absent altogether," says Jeff Irwin, regional BGAN product manager at TSS in Rockville, MD. "The dedicated private network option, along with the optional bandwidth savings which stem from tying into our Citrix server platform, and access to our pool of static Internet addresses ensure maximum security and performance for our customers."

This combination of Telenor’s technology with Citrix provides secure, high-speed connectivity at any time, regardless of the local infrastructure. The users also have the benefit of the Citrix solution, which is designed to reduce costs due to reducing the amount of data that is transferred or sent back and forth.

"We believe that the Regional BGAN technology provides the mobile, remote connectivity Citrix users require when looking to extend corporate LANs and WANs. According to Citrix, of its some 50 million users, close to 50 percent of them require some sort of remote access capabilities," adds Irwin. "Regional BGAN, and the next generation of this technology, BGAN slated for service in 2005, fill this need."

Another recent addition is Telenor E-Mail Advanced. This is a full duplex feature that includes automatic mailbag compression and a crash recovery program capable of restoring a full duplex link if necessary, thus yielding a substantial savings when it comes to e-mail traffic. Incoming e-mail also is automatically scanned for viruses by Telenor’s E-Mail Advanced Hub. This service is available to all Telenor Inmarsat A, B, M, Mini-M, Fleet and GAN customers on sea or land.

Evaluating A Cots Router In Leo

In late September, the simultaneous launch of three new small satellites designed and built by U.K.-based Surrey Satellite Technology Ltd. (SSTL) for the Disaster Monitoring Constellation (DMC) made news for a number of reasons. They include Bilsat for Tubitak-ODTU Bilten in Turkey, Nigeriasat 1 for the National Space Research and Development Agency of Nigeria and the British UK-DMC satellite. For Cisco Systems Global Defense and Space Group, the launch of UK-DMC was an opportunity to integrate the first off-the-shelf router in a satellite. Among other things, a few modifications were made to the router’s soldering and capacitors so it could operate in the vacuum of space, and a large heat sink was added.

"Routers have been in space, but all the routers to date have been custom built. We paid SSTL to undertake a four-month integration of our mobile access router running standards-based IP via Cisco IOS software," says Rick Sanford, director, Global Space Initiatives, Cisco Systems. "There are no standards-based IP networks-based in space. So before the IEEE or IETF can ratify anything, we need to get more data. We just want to ring out the viability of flying commercial hardware and also look at the software dimension."

Via a secure virtual tunnel to the virtual mission operations center at SSTL, Cisco Systems say they intend to test such things as warm and cold boots and the router’s overall performance as the UK-DMC satellite makes its six to eight passes per day around the Earth. Conducting software upgrades in space is also part of the exercise. The intent here is to further the cause of extending processing onboard to encompass what is known as slot cloud networking, which pertains to dedicated, mutually supporting and networked clusters of GEO as well as LEO satellites.

"Besides examining whether protocols like TCP and RTP are right for the job at hand, we are watching to see how MPLS performs in low-earth orbit. Is this an opportunity to adopt a portion of it or leverage it? Will the payload even work?" Sanford says. "This is one of the first true instances of macro-level convergence. You could call it Teledesic on the cheap. We want to take a close look at the what it will take to go well beyond onboard processing and build the virtual satellite by extending the buses of multiple satellites to create a virtual bus or slot cloud network."

It is hard to imagine that all the diverse elements that make up the world of IP over satellite are coming together so quickly. Broadcasters with their eyes on the HDTV prize, and the U.S. military, which estimates that it will spend billions throughout the next few years on satellite communications, are just two sectors eager to see what unfolds. While VoIP alone is still in its relative infancy and the role of space-based IP networking is not much beyond the definitional phase, the IP over satellite realm, with all of its necessary seamless connections to terrestrial infrastructures, is gaining business momentum.

Peter J. Brown is Via Satellite’s Senior Multimedia & Homeland Security Editor.