Home >> May 2009 Edition >> COMM-OPS - Network Management for MilSat VSAT Technology
COMM-OPS - Network Management for MilSat VSAT Technology
by Guy Adams, CTO, Parallel Ltd.

This article discusses the key issues of monitoring and the management of Very Small Aperture Terminals (VSAT) networks and whether a network is either military or commercial, exactly the same issues apply with the exception of a greater emphasis on security for a military application. All forms of satellite communications (SATCOM) are covered, but for convenience, the term VSAT will be used throughout to equate to SATCOM.

Military or civilian applications using VSAT are overwhelmingly the most prevalent mechanism for two-way data satellite communications. This is the case for point to point SCPC links, TDM/TDMA or other multiplexed type of data communication systems. The satellites these networks operate over that provide the space segment capacity may be provided either via military or commercial satellites. The issues discussed here relate to VSAT operations over dedicated military or commercial geostationary satellites, which dominate military communication networks. However, it should be noted that many aspects of network management discussed in this paper also apply to polar or inclined orbit satellites.

Plusses
The advantages of two-way VSAT communications are widely accepted and understood. VSAT networks face different challenges whichever operational frequency band is used, whether it be Ku-, C-, Ka- or X-bands. For network management, the choice of frequency is not an issue. However, customer and operations department management requirements for VSAT networks have been increasing rapidly, to an extent propelled by developments in terrestrial network management. Additionally for satellite networks, the requirements for higher bandwidths combined with increased commercial space segment scarcity and therefore cost, have driven VSAT manufacturers to develop and implement more and more sophisticated systems to squeeze every bit per hertz from satellite capacity.

These changes benefit the military market even though capacity availability on military satellites is not such an issue. These increasing requirements have created some of the most complicated management issues in any networking technology. This is compounded by the generally poor acceptance by most VSAT vendors of the need to provide adequate network management.

Generally, but understandably, VSAT vendors concentrate on the VSAT satellite element of their networks that includes the central satellite NOC systems and remote sites, but ignores the remainder of the network elements that comprise a total operational VSAT network. For military applications in particular, this is insufficient. What was evident from the outset was that a Commercial Off-The-Shelf (COTS) Network Management System (NMS) for a hybrid VSAT network was not available.

VSAT Technology
VSAT technology has been in use for more than 20 years for a wide variety of applications for military deployed systems for troops on the ground together with ship-board and land based mobile communications networks as well as for commercial, rural telecoms, distance learning, disaster recovery, to name but a few. When deploying a VSAT network, there are a number of unique characteristics to be considered, particularly with reference to the provision of network monitoring and management.

Network Management
Historically, network monitoring and management are not generally considered during a VSAT network design phase. Designers concentrate on providing the customer with a network configuration that meets the criteria for end to end connectivity. As contentious as this may be, it is rare that network design engineers consider the operations department and how they will monitor the network to meet the contracted service level agreement (SLA) figures and how they will provide the required customer network statistics reports. Designers generally assume network operations will simply add a new network to their portfolio to look after, but not consider whether their systems can achieve what is required to satisfy these customers. Customers will undoubtedly have requirements based on SLA’s and may require significant numbers of reports about network performance including for example, per virtual circuit availability, monthly network availability, quarterly rolling average availability and a host more technical information about satellite link performance.

In addition, the support for remote sites and the availability reports for terminals are also crucial in providing the highest possible network availability. VSAT manufacturer proprietary NMS’s are unlikely to provide the capability to satisfy all these requirements. Network management must accommodate the VSAT infrastructure as well as the other significant elements of the implementation that, together, forms the communications network.

Network management is the process of monitoring and controlling a network to increase efficiency and productivity. This is achieved by gathering, processing, and interpreting data about a network and then performing fault-finding and IT planning on the basis of that information. It also covers change control, security, access and management of all other aspects of network usage. Demand on network performance has never been greater. Network management ensures that high availability and fast network speeds are being met, or can alert staff to developing issues before they affect the network. The cost of having ineffective network management can spell disaster for an organisation. Prolonged or frequent network downtime can result in serious operational and logistical issues particularly for a military operation. For commercial organizations outages can result in a loss of reputation, productivity, revenue and a consequent decrease in financial performance.

Added Complications
There are literally hundreds of NMS designed for terrestrial networks. These tools are designed to work on LANS and terrestrial WANS, typically characterized by:
  • Low latency. Response times that are less than 100ms
  • Symmetric bandwidth. Upstream bandwidth is the same as downstream bandwidth. There are a few notable exceptions to this such as ADSL
  • Discrete failures. A link is generally working or not working; there are generally no partial failures (congestion is user generated and is therefore not a failure of the link)
  • Accessible equipment. Network equipment is generally easy to access
  • Management Traffic. Network management traffic can be carried either on the network it is monitoring or on a separate network

These tools will not be referred to as ‘terrestrial’ network management tools and their vendors will boast support for any IP network, which in principal is true. If all that is needed are simple on/off status shown by red/green icons and a couple of pre-generated graphs, these proprietary tools may be adequate. However, they are not adequate to satisfy ever more demanding VSAT network users.

Network Management + VSAT Technology
VSAT network management is in the middle of three opposing forces:

1. Rapidly increasing customer demand for online, real time and historical reporting with huge levels of detail, SLA Reporting, QoS Monitoring and many other complex requirements

2. Increasing sophistication and complexity within the VSAT technologies that make even simple monitoring difficult

3. VSAT technologies which are still primarily designed to be standalone and managed only using vendor proprietary tools. This is changing with some manufactures now actively supporting upstream integration and access by other management systems


This presents a ‘perfect storm’ scenario: customers are demanding more, the technology advancement is making it harder just to stand still, and VSAT manufacturer support in many cases is limited.

Increasing Customer Requirements
As much as ten years ago, most network owners were happy to be told whether their circuit was up or down and relied totally on the network service provider to ensure their network was operated effectively and efficiently. Five years ago, with more technical expertise in their organizations, customers now like to know total traffic volumes, latency, and perhaps even EbNo/SNR at the remote sites and at the central hub site. Two years ago, the range of metrics they wanted a report on had expanded greatly and incorporated packet loss, jitter, and started to breakdown traffic into more detailed component parts. Customer Operations Management teams were no longer satisfied with one set of reports for the VSAT part and another set for their terrestrial elements. What was needed was full end to end monitoring. Today, the trend is for clients to have the level of reporting they required on a per circuit basis, but to have this replicated down to Virtual Circuits or Service Classes.

Increasing Technology Sophistication
The nature of VSAT communications necessarily implies a certain amount of technical sophistication. To get a packet through a shared frequency band from one point on the Earth to another via a satellite and back again requires some complexity and is also driven for the need for higher performance, lower latency, and substantially increased bandwidth efficiency.

Automatic power control, advanced acceleration and compression, dynamic QoS and CIR changes plus Adaptive Coding and Modulation are well known examples of these developments. Each one brings with it greater management complexity. This complexity extends far beyond being able to simply measure and store additional data series. Many of these techniques fundamentally change the nominal values of several other metrics. What may be perfectly healthy circuit/network performance one second may be very poor the next. Keeping track of tens or hundreds of metrics and how they compare to nominal ranges which are constantly changing as would be expected over a satellite system is a nearly unique challenge to SATCOM and one totally beyond any terrestrial management system.

The great challenge with VSAT technologies is the lack of a friendly and efficient management interface as well as a lack of management standards. Many organizations believe that by adding a standard management stack, such as SNMP (Simple Network Management Protocol), their management responsibilities have been met. It is widely accepted that as SNMP has been a de facto standard for management of terrestrial networks and components, it is a perfect solution for all networks. With the very high cost of satellite bandwidth, this is rarely the case for satellite networks. As an example, to get data that can only be obtained from the remote device (e.g., transmit and receive traffic, temperature, buffer fill levels, and so on) could occupy significant bandwidth. In a typical management scenario there could be 15 of these metrics to collect every 60 seconds. Each of these would likely be a 4 byte counter. However, under SNMP, typical packets sizes are around 70 bytes, requiring 70*15=1050bytes per minute (140 bps) both upstream and downstream per circuit.

This is as compared to a theoretical minimum limit of 8bps, or even lower if only changes are transmitted. An additional 130bps per circuit may not seem like a lot but on large networks this can very quickly become significant (126kbps on a 1000 circuit network).

The second problematic situation is where a useable system exists but is not standards based in terms of network management. This usually means an efficient and comprehensive integration is possible but requires complex and customized integration into a management system. In practice, these systems are usually possible to integrate into ‘standard’ network management systems as they generally only support standards based integration.

The final situation is that neither option is available — neither a useable nor a standards based management interface. Fortunately, on modern VSAT systems this is rare, although it still exists. There are many legacy systems in use and it may be many years before these are retired. For the military in particular, the issue of legacy equipment and non-standards based systems makes the ability to integrate even more important.

Another issue worthy of note is with the increased sophistication of many VSAT systems and the ability to provide more extensive centralized fault finding of remote terminals, with the intent of improving link SLA’s and reducing the cost, delays, and downtime associated with engineer visits to site. Additionally, remote control of sites can also be achieved to reduce the requirement for skilled VSAT engineers to be deployed to install and/or maintain these VSAT remote sites.

A Viable Solution
Parallel Ltd. has many years of experience in designing and developing a comprehensive suite of software features and has overcome the aforementioned problems —SatManage™. The diagram below demonstrates the diversity of inputs that SatManage can accept.

SatManage is designed around this modular framework and the main reasons for this are:
  • The Modular architecture allows an implementation to exactly fit the existing customer NOC infrastructure ensuring no wastage in unwanted investment
  • The solution is scalable - it can be installed onto one or spread across many computer systems depending upon the network sizing, user base, performance and redundancy requirements
  • Because Parallel publish all the application APIs, it means that customers or third parties can make modifications to existing code and can build their own modules. This means that customers are not tied to Parallel for ongoing development
  • Custom modules can be more easily created and plugged into the architecture enabling easier integration with other equipment and applications


All this information and functionality from SatManage is web based, in real time, plus it has the ability to go back months or years for historical reporting and can be made available from anywhere in the world. This provides the ability for Management and/or Operations to be notified proactively via, say, a smart phone regarding anything affecting service, not just outages, but also congestion, VoIP chop, overheating equipment and more.

For a military application, security is vitally important. The SatManage system connected over the Internet is secure as it runs over https and restricted access is provided by user authentication. SatManage runs a hardened Operating System based on CentOS 5.2 (a binary compatible release of Red Hat Enterprise Linux 5.2). All extraneous and unrequired services are stopped. All inter-system communication is locked down to the specific SatManage IP addresses. Generally, the only port visible to the outside world is port 443 on the SatManage front end server, which is the SSL port of the web server. U.S. NSA standards can be implemented, which further hardens the operating system and provides additional privilege separation.

At the remote terminal, it is also possible to implement a solution that separates Red/Black traffic to further enhance overall security. SatManage provides a wide variety of software features that will provide all the information and reports that are generally required. These features have been developed by Parallel over the last 10 years, based on their varied customer base. The basic SatManage modules that are available, but not limited to, are summarized as follows...
  • Dashboard
  • Network Correlator
  • Circuit Manager
  • Signal Analyser
  • Reporter
  • Documentation Portal
  • Remote Application Connectivity
  • Mobile Tracker

An important feature of SatManage is the application’s capability to be used remotely via a web interface. Also, by virtue of the API interface, customers can develop and integrate their own applications into SatManage.


These issues are VSAT specific — however, realize there are very few pure VSAT networks. Most WAN networks are hybrids using a wide range of technologies including ATM, Frame Relay, ISDN, VPN, MPLS, Ethernet, as well as standard networking equipment such as routers, switches, hubs, firewalls, and servers.

Net Know How
As has been discussed above, end to end management of a network, whether it is a military or a commercial network, is a critical requirement. The ability to intelligently manage the VSAT component, while cleanly integrating with management systems for other components and providing full end-to-end class based monitoring, is the ultimate challenge. This can also provide great opportunities for improving efficiency by time saving through increased automation which in turn improves customer satisfaction.

Although SatManage can now be categorized as a COTS system, by the nature of diverse VSAT network implementations that range from a single central hub with a few associated remote terminals to multiple central VSAT NOC’s, multiple terrestrial networks connecting them and widely dispersed remote terminals, a bespoke SatManage NMS configuration is normal. With the SatManage suite of software modules, system tailoring is now considerably easier. Originally, VSAT operations teams with their proprietary NMS’s were capable of providing only reactive network management. Today, with Parallels SatManage system, pro-active network management is possible. Parallel’s SatManage system has proven it can accommodate all these variables, making it a unique product in today’s market for VSAT systems network management. Details of SatManage can be found on the web site www.satmanage.com



About the author
Guy Adams is the Chief Technical Officer at Parallel Ltd. In 2004, he was named the UK’s Network Professional of the Year. He has overseen the development of a satellite network management system now used in many of the world’s largest and most prestigious organizations. His software’s groundbreaking data correlation, visual displays and trouble ticketing automation now form the basis of SatManage, a comprehensive satellite network management suite. This system also won the prestigious British Computer Society Technology Award in 2005. An experienced speaker, Guy regularly addresses university students in the UK and key industry events globally, as well as writing many technical white papers and magazine articles.