THE CONNECTED BUS
TABLE OF CONTENTS About Cradlepoint
Why network my bus?
The benefits of cloud-based management
ECM: Cloud-delivered network solutions for easy deployment, management and monitoring
4G LTE enhances the VIA rider experience
By Estee Woods
By Estee Woods
By Kent Woodruff
By David Rush
BUSRIDE | CRADLEPOINT
About Cradlepoint Cradlepoint is the leading provider of secure cloud-managed 3G/4G/LTE networking solutions for the Distributed Enterprise with hundreds or thousands of locations. Cradlepoint solutions provide the strongest mobile broadband performance while delivering proven network system interoperability. Cradlepointâ€™s broad family of high-performance routers are designed for deployment in mission-critical applications that require 24x7 connectivity. With both integrated wireless WAN and non-integrated versions, the solutions are ideal for distributed operations and emerging industries that require either remote connectivity or multiWAN redundancy. Cradlepointâ€™s powerful Enterprise Cloud Manager enables enterprise network administrators to easily monitor, manage, and maintain all endpoints in their distributed system running on different networks from a single location. Founded in 2006, Cradlepoint has shipped over a million devices and offers products certified and promoted by major worldwide carriers. Cradlepoint is a privately held company with headquarters in Boise, Idaho. Visit Cradlepoint online at www.cradlepoint.com
busride.com | BUSRIDE
THE CONNECTED BUS
Why network my bus? By Estee Woods
Why network your fleet? With customer-facing networks, like those on bus fleets or other vehicles, downtime is definitely not an option. Quickness, efficiency and ease-of-use on the network are imperative for operators, network administrators and riders. In an interview with David Murray, director of product marketing at Cradlepoint, he answers frequently asked questions that will illuminate the reasons why all buses should be online and managed in the “cloud” in 2015. Why is in-vehicle networking becoming more imperative for transportation companies? There are many reasons why a “connected bus” is imperative in today’s transportation landscape – an agency/operator might need to enable wireless surveillance, to allow Point-of-Sale credit card transactions, to broadcast messages across digital signage, to enable mobile devices for operations, and Wi-Fi to meet passenger expectations.
Netflix, reading or browsing online are easier than ever with the influx of handheld networking devices like tablets and smartphones. It’s important to cater the trip to the riders’ wants and needs from a competitive standpoint. Riders are leveraging the Internet more and more to get their work done, and likewise are using mobile devices for personal browsing. Serving both of these needs enhances the passenger experience and can increase ridership.
What are the management advantages for agencies or operators in networking vehicles? There are suites of cloud-based applications that drivers and operators might use to manage time sheets, maintenance and repair scheduling, and other business-critical functions. Without the connectivity to access these applications in the cloud, agencies lose the ability to operate efficiently. Ultimately it creates a negative customer experience and affects the bottom line. The remote management of in-vehicle networks through the cloud is critical to reducing network downtime while managing bandwidth and data usage costs between different users on a bus. Additionally, processing credit cards is another business-critical function. If an operation can’t automatically run credit cards, and has to store card information for later use, the credit card companies will bill that operation. Margins are lost and it creates a greater risk of nonPCI compliance. From an IT standpoint, 4G networking and cloud management is a major benefit. If a network goes down, it won’t be drivers who fix it. With cloud-based management, a network administrator can log in wherever he/she has Internet access, remotely reboot the network, troubleshoot the problem, and salvage the customer experience in real-time.
What are the risks associated with networking my fleet? From the perspective of security, a critical consideration when providing Wi-Fi for riders is Internet-based security and content filtering – not allowing riders to access malicious or inappropriate content on the operator’s network. The majority of network threats that arise in bus infrastructures are malware – web-based attacks and threats that occur when riders visit websites that they may not think are harmful. It’s critical that operators stay abreast of current security protocols and antivirus solutions. This series will continue in August, as we further explore the benefits of cloud management in transportation. David Murray serves as director of product marketing for Cradlepoint, Inc., Boise, ID. Cradlepoint is the global leader in 4G LTE networking solutions that power transportation fleets—joining data, cloud, security and the evolving IoT with intelligent networking. Visit them online at www.cradlepoint.com.
Networking a fleet provides many inherent advantages.
What are some advantages that passengers might see after implementation? This depends on where the buses are and what they’re doing. King County Metropolitan Transit in Washington State is centered in the major technology hub of greater Seattle, so it has a very techoriented ridership. The ridership needs network connectivity as they commute to and from work. There are also riders who simply want to kill time. Their objective is to get from point A to point B faster, and time-passing activities like watching 4
BUSRIDE | CRADLEPOINT
THE CONNECTED BUS
The benefits of cloud-based management By Estee Woods As riders become more “wired,” transit agencies are modifying their services to be more in line with modern technology. Cloud-based management frees up agency resources in this regard, enabling agencies to reduce their in-house responsibilities and provide faster, better service for riders. King County, WA, has become one of America’s major technology hubs. Large companies such as Microsoft, Amazon, and Google have major offices there, and hundreds of smaller technology companies have started up in the greater Seattle area. Customer WiFi Access With so many hi-tech employees using public transportation, King County decided it could serve its ridership better by providing Wi-Fi access on its RapidRide commuter bus lines. After an extensive search and in-depth testing, the County’s Metro Transit Division’s System Development & Operations Group implemented Cradlepoint LTE networking solutions in its fleet of high-end commuter buses. The county’s Vehicle Maintenance Section installed the devices in 113 buses, and then implemented Cradlepoint Enterprise Cloud Manager so the team could monitor and manage all the devices from one central location. The county’s transit department and its riders soon saw the benefits associated with cloud-based management across the network. Greg Debo, former IT project manager at King County Metro Transit, and Tony Puopolo, vice president of product management at Cradlepoint, offer best practices and answer frequently asked questions about the intricacies and benefits of cloud-based management for public transit. What are some of the top-level management advantages realized by agencies using cloud-based networking? As a government entity answerable to taxpayers, transit agencies are continually trying to find ways to do more with less. System administrators have to oversee entire mobile networks with a limited number of staff. There are significant IT cost savings associated with cloud-based management. An agency can have a central administrator who’s trained on the system in a short period of time, because it’s all GUI-based as opposed to traditional management interfaces. That means simpler training and reduced costs associated with networked devices. Cloud-based management enables administrators to be proactive, to see problems as they develop, and to implement solutions that keep networked devices up and running. Error-free rollbacks are another advantage to Cradlepoint’s cloudbased management. If an administrator accidentally types in the wrong APN or misconfigures something, devices out in the field can roll back to their connected state without interrupting service. Those kinds of protections are available in advanced cloud-based systems like the one
GPS / Vehicle Tracking
from Cradlepoint, allowing for less user error and less downtime than in older systems. What’s involved with updating devices on the network? Cloud networks allow for remote, group-based updates in minutes, not hours. System administrators can roll out an update to the entire fleet remotely, without sending anyone into the field. This is called zero-touch configuration. Without the cloud, that same update requires bringing in every vehicle, one by one. Content filtering, anti-virus and anti-malware software – all can be modified, updated and implemented instantly. Furthermore, it’s less of a bandwidth hit because everything resides on the cloud. What benefits are there for the riders of agencies using cloud-based networking? Aside from the stated benefit of less service interruptions, the flexibility associated with cloud-based networking also boosts customer satisfaction. If, for example, riders are complaining about low bandwidth on a route that offers Wi-Fi, system administrators can instantly respond to those complaints and make appropriate network changes, such as changing the wireless service provider. Remote, realtime control is good for administrators and for riders. Greg Debo is the former IT project manager for King County Metro Transit in Seattle, WA. Tony Puopolo serves as vice president of product management for Cradlepoint, Inc. in Boise, Idaho. Cradlepoint is the global leader in 4G LTE networking solutions that power transportation fleets — joining data, cloud, security, and the evolving IoT with intelligent networking. Visit them online at www.cradlepoint.com.
busride.com | BUSRIDE
THE CONNECTED BUS
ECM: Cloud-delivered network solutions for easy deployment, management and monitoring Deploying and managing in-vehicle networks with a primary 3G or 4G connection can be daunting for transit operators who don’t see themselves as “tech savvy.” In reality, connecting and monitoring these networks is easier than ever with web-based, user-friendly tools and software from solutions providers such as Cradlepoint. The company’s Enterprise Cloud Manager (ECM) network management and application platform not only improves productivity, it helps to reduce costs and enhance the intelligence of transit network and business operations that rely on cellular WAN connectivity. The deployment and management process hinges on a few factors: EASE OF USE The ECM platform is designed for simple deployment, and that simplicity starts with the cloud. Because Cradlepoint’s Software as a Service (SaaS) lives in the cloud, operators can have it up and running within minutes. Registering routers on the network is an equally easy process. Cradlepoint ECM allows operators to register routers one by one as needed, or in groups. It is merely a matter of entering the appropriate credentials and linking routers to the agency network. Router registration can be handled through Cradlepoint with what the company calls “zero-touch” deployment. “We’ve made the deployment process for routers very simple,” says Mike Hagman, Cradlepoint senior product manager, SaaS. “Once the first router is registered, users can manage everything in a group. Using the software, it takes one click to place a router in a group, after which it will assume all of the configurations of that group. In this way, agencies get consistency across the network with mass deployment of routing platforms. The Cradlepoint platform is purpose-built to manage entire fleets.” REAL-TIME MONITORING In-vehicle routers can connect to ECM any time there is a network connection. The devices do not require static IP addresses and can be provided through any carrier. “Once a router is online, it establishes a secure tunnel to ECM,” Hagman says. “The connection is open in real-time so that we can manage the devices instantly.” That’s unlike other software in the industry, which often has a polling mechanism that will check in with cellular routers every 10-15 minutes. MANAGEMENT BENEFITS ECM is a comprehensive platform allowing administrators to monitor an agency’s entire network, or even just the performance of 6
BUSRIDE | CRADLEPOINT
Cradlepoint’s Enterprise Cloud Manager allows for real-time monitoring and updates.
individual router connections. This allows operators to monitor, among other areas: (1) signal strength and data usage in real-time in individual vehicles; (2) content filters on guest Wi-Fi; and (3) all security events. “All of these functions use alerts for monitoring, either through email or API,” Hagman says. “If a company has existing infrastructure to monitor its network, or if it is using tools from other providers, ECM can integrate Cradlepoint’s alerts into those systems so that administrators can see it on a high level along with all other alerts. When the agency needs additional information, administrators can use ECM to drill down into the specifics and troubleshoot issues.” TROUBLESHOOTING Cradlepoint ECM troubleshooting capabilities allow administrators to connect directly to the router in real-time, even as the bus is rolling. Agencies are able to trace network routes, connect to the router console or even connect directly to the router GUI. “The router is always connected to ECM and always hooked up to our security products,” Hagman says. “Administrators are always able to monitor and troubleshoot the system from a centralized location.” UPGRADES AND SECURITY Firmware upgrades can be pushed out to the fleet remotely, with the click of a button. This is especially advantageous when a security issue is identified. Without remote updates, the agency would have to physically connect to each router on each vehicle, by touch or by proximity Wi-Fi. “ECM is the total package,” Hagman says. “It’s real-time monitoring, simple configuration, easy troubleshooting, and upgraded security through the cloud for 4G in-vehicle networks.” Cradlepoint is the global leader in 4G LTE networking solutions that power transportation fleets — joining data, cloud, security, and the evolving IoT with intelligent networking. Visit them online at www.cradlepoint.com.
THE CONNECTED BUS
Network security By Kent Woodruff
Wi-Fi for riders is becoming more prevalent in transit agencies across America. From a transportation perspective, it’s important that agencies and users can connect to the Internet with confidence. Attack vectors Cradlepoint customers in the transportation field primarily utilize our device for wireless access on the bus. That includes customer WiFi as well as other systems that might need connectivity, like fare systems, in-vehicle surveillance and vehicle telematics. It helps to protect the points where “bad guys” are most likely to target. While it’s possible to target credit card information on customers’ mobile devices, that method isn’t preferred. Unlike the Target data breach, where thousands of credit card numbers were stolen at once, hackers targeting riders’ financial information would have to steal on a user-by-user, device-bydevice basis. Unless it’s easy to get on a bus and instantly grab numerous credit cards, it’s not going to be a very sought after attack vector. At this point in time, the most likely threat is to the Wi-Fi users on an agency’s network. That’s Zscaler Internet Security features an intuitive dashboard, with instant insights into malicious activity and because the end-point is the easiest place to Internet browsing trends. attack. If a hacker utilizes techniques that make Combined with Cradlepoint cloud-managed networking solutions, it easier for the end user to attach to the hacker’s phone as opposed to Zscaler Internet Security enables enterprises to embrace cloud the bus’s Wi-Fi, then he/she can send them to the wrong website or applications and mobility, while delivering a superior user experience. even attack their device directly. It becomes the most vulnerable part Configured in minutes, Zscaler Internet Security leverages the threat of the system – and usually the least secure. intelligence harnessed from the Zscaler cloud. Cradlepoint takes Most agencies that want to provide Wi-Fi access for their customers advantage of the Zscaler Secure Web Gateway to provide security to are interested primarily in content filtering. This mainly protects agencies and also the end users on the local area network (LAN) side. against riders exposing pornographic or otherwise objectionable material on the bus. Zscaler features Content filtering is a given, but we tend not to hear about the fact • URL filtering – filtering against 90 categories, 30 super categories, that someone can get Wi-Fi access and then bring down malware and six classes from the cloud. It’s not specific to transit agencies, but none of the • Cloud application control – the ability to create global policies for open Wi-Fi providers seem to be too concerned about whether or not webmail, streaming media, social and IM someone hacks their customers. That’s because it’s fairly hard to tell • Safe search – the ability to enforce Google safe search policy via which sites the malware is coming from. central Zscaler console If you can do it in a reasonably affordable way, you should not only • Intuitive dashboard – instant insights into malicious activity and provide content filtering but also protect the users as best as you can internet browsing trends – from phishing, malware and other online threats. The Internet is not Our goal is to make security easy for agencies and to make it rightthe safest place in the world. Your ability to protect your customers’ sized for the environment, especially for a highly distributed enterprise devices would also be something to tout to the riders. in the case of transportation. Security is the solution Cradlepoint has a few solutions to this security issue. We provide the core content filtering through a couple of partnerships, primarily through Zscaler Internet Security. Zscaler provides CIPA-compliant content filtering but also provides very simple (from an installation and deployment perspective) filtering of known malware and known malicious websites.
Kent Woodruff is the chief security officer at Cradlepoint. Prior to Cradlepoint he was chief security analyst for Motorola AirDefense and has held many senior positions with notable security companies. Cradlepoint is the global leader in 4G LTE networking solutions that power transportation fleets — joining data, cloud, security, and the evolving IoT with intelligent networking. Visit them online at www.cradlepoint.com.
busride.com | BUSRIDE
THE CONNECTED BUS
4G LTE enhances the VIA rider experience By David Rush
VIA Metropolitan Transit in San Antonio recently upgraded the 3G wireless service provided on a portion of the agency’s fleet, replacing the service with 4G LTE Wi-Fi on all buses, paratransit vans and facilities. Cradlepoint played a key role in providing VIA with a costeffective option that offers more reliable service with the ability to update units remotely. VIA has been the public easy to follow, helping the transportation provider for the agency install 769 platforms Greater San Antonio Region since in approximately 30 days. 1978. VIA operates seven days Instead of taking several a week on 90 routes, providing months of turnover time for approximately 134,000 passenger installation, VIA was able trips each day and serving 7,225 install the platform and bus stops, seven park & rides, return the bus to service in six transit centers, and 12 major a matter of hours. The ease transfer points. of installation allowed VIA “We utilized Cradlepoint to simplify deployments routers with our initial 3G and significantly reduce Wi-Fi program that were turn-up time. installed on a small fleet of “The first order of approximately 45 buses and business was to set up 10 park and ride locations,” the modems with Verizon says Lorraine Pulido, Wireless SIMs that would communications manager / be activated for use with public information officer for Cradlepoint,” Pulido says. VIA. “When the decision was “With ECM, the templates made to upgrade to 4G LTE and were created for each Cradlepoint played a key role in providing VIA with a cost-effective option for fleetequip the entire fleet of buses, wide Wi-Fi. group required and the vans, park & ride locations and Cradlepoint routers were our Primo In-Line stations, a determination was made to continue installed onboard the bus and van fleet by the maintenance personnel. with Cradlepoint based on past experience.” The fixed locations were installed by IT staff.” “Working with Cradlepoint, VIA was able to install more than 700 The cloud-delivered capabilities from Cradlepoint help VIA in routers in 30 days. The VIA IT staff tested the IBR1100LPE and found two main ways. First, they centralize monitoring and configuration it to be an excellent fit for the onboard installations, especially when activities across the network, making management much simpler. used with the Enterprise Cloud Management (ECM) application. Second, they provide VIA with a means to deploy analytics to visualize “After the installations, Cradlepoint provided the resources what kinds of devices are connected to the network, as well as track needed to merely flip a switch and offer free, 4G LTE based Wi-Fi to which destinations are the most heavily visited areas. all of our riders instantly,” says Larry Mixon, acting vice president of Cradlepoint also provides VIA the opportunity to leverage cloudinformation technology for VIA. delivered in-vehicle connectivity for more in the future. The dual mode The 4G enabled Cradlepoint routers provide 10 times the router provides VIA with additional functionality that may be used for bandwidth as 3G and support dual-band concurrent Wi-Fi with the other technology-based applications other than onboard Wi-Fi. latest technologies. VIA is currently seeing 14,000 users on the Wi-Fi system during peak Using Cradlepoint’s unique technology and expertise for in-vehicle time on weekdays. Some park & ride locations are seeing usage of 5GB solutions, VIA was able to upgrade to 4G LTE Wi-Fi service on every of data per day. bus and van, and passenger facility. Cradlepoint’s solution provided “To date, the majority of our riders have had a positive experience VIA with the ability to quickly and easily manage and configure the while using the Wi-Fi onboard our fleet and the fixed locations,” network all at once, resulting in a paradigm shift in how the agency Pulido says. deploys routers and wireless services. With Cradlepoint’s cloud management and application platform, David Rush serves as senior product manager for transportation solutions at Enterprise Cloud Manager (ECM), installing the in-vehicle network Cradlepoint. He holds a bachelor’s degree in Electrical Engineering from MIT and an MBA from Boise State University. Visit online at www.cradlepoint.com. was simple. This allowed VIA to create a deployment template that was 8
BUSRIDE | CRADLEPOINT