Key highlights of ThingPark Enterprise
Secure
-
Payload integrity protection and encryption over radio link, natively supported by LoRaWAN® protocol.
-
Secure activation of OTAA devices on standalone Join Servers, offered by ThingPark Activation + Hardware Security Module (HSM).
-
Integrated Public Key Infrastructure (PKI).
More information on security
-
Support for devices with Secure Elements (in conjunction with ThingPark Activation HSM).
-
Secure gateway bootstrapping, by ThingPark's zero-touch Infrastructure Commissioning Service.
-
Secure gateway connection to core network: Both IPSec and TLS tunneling options are supported, offering secure authentication (reliable PKI with asymmetric cryptography) and data encryption.
-
Secure exchange of outgoing/incoming reports with Application Servers, via TLS protocol.
-
Secure end-user authentication, through multi-factor authentication.
-
Integration with External Authentication providers (using oAuth2 and OpenID-Connect).
-
End-user permission management, supporting several administrative roles from administrators to read-only users.
-
Safe core network upgrades, using canary mode (valid only for SaaS).
-
DoS & replay attack mitigation.
Reliable
Resilient & no-touch High Availability design
-
No-touch failover/failback between primary and secondary nodes, including automatic database resynchronization.
-
Fault-tolerant architecture, leveraging Apache Kafka message queues to buffer packets during temporary unavailability of internal/external data consumers.
-
No split brain risk through arbiter site.
Fault-tolerant gateway's packet forwarder (Long Range Relay - LRR)
-
Real-time buffering capabilities, preventing packet loss in case of temporary backhaul disconnection between the gateway and the core network. Queued uplink packets (flagged "Late") are gracefully dequeued after connection reestablishment to avoid flooding the core network.
-
Support for geo-redundant network servers.
-
Support for network interface failover: LRR supports primary and secondary network interfaces with an automatic failover/failback according to the instantaneous state of each interface.
-
Permanent supervision of all network servers and network interfaces.
SaaS edition
-
Native geo-redundant architecture for disaster recovery.
-
TPE SaaS ensures enterprise-grade best-in class service level agreement.
Self-hosted edition
-
High availability setup using a 3-node cluster (no split brain risk), supporting both Docker Swarm or Kubernetes orchestration modes.
-
Supports both standalone (mono-server) and High Availability deployment options.
Flexible
Support a variety of deployment models (and combinations through peering)
-
On-premise, with or without internet access. For the latter mode, offline installation/upgrade is supported.
-
Cloud providers, with ready-to-use images for AWS and Azure clouds.
-
SaaS, hosted on Actility's regional data-centers.
-
ThingPark Enterprise All-in-One: Autonomous gateway with embedded network server.
Gateway manufacturer agnostic
Simplify network management through harmonized user interface, avoid vendor lock-in (select best products per use case, mitigate sourcing risks).
-
ThingPark's Long Range Relay (LRR) packet forwarder is compatible with most gateway manufacturers: Kerlink, Foxconn/Ufispace, Cisco, MultiTech, Tektelic, Browan/Gemtek, Milesight, Rad, Option/Cloudgate, Oi Electric, Miromico and others... Full list available in Supported brands of base stations.
-
Any gateway compatible with Semtech's Basics Station packet forwarder can also connect to ThingPark: Dragino, Advantech, RAK Wireless...
-
Professional maintenance of fully owned code. Open source packet forwarders packaged by default by gateway manufacturers are provided "as is" and without any SLA. By contrast, Actility fully owns and maintains the LRR code with industrial grade SLAs.
Support any LoRaWAN®-compliant sensor without exclusion
-
All LoRaWAN® device classes: A, B, C.
-
All LoRaWAN® activation modes: Activation by Personalization (ABP) or Over-the-Air Activation (OTAA).
-
All LoRaWAN® MAC versions: 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4 and 1.1.
Deploy your IoT services anywhere: ThingPark supports all the LoRaWAN® Regional Profiles (ISM Bands)
-
EU 863-870 MHz
-
EU 433 MHz
-
US 902-928 MHz
-
AU 915-928 MHz
-
AS923-1, AS923-2, AS923-3, AS923-4...
-
KR 920-923 MHz
-
CN 470-510 MHz
-
IN 865-867 MHz
-
RU 864-870 MHz
-
WW 2400 MHz (worldwide ISM band, PoC)
Build your RF coverage as you wish
-
Deploy your own Radio Access Network, with any mix of outdoor macro and indoor pico/femto gateways.
-
Complement your RF coverage through mobile gateways providing temporary coverage, to support drive-by/walk-by data collection use-cases.
-
Extend your RF coverage through passive roaming, leveraging ThingPark Exchange roaming hub to connect with your roaming peers.
-
Any mix of Regional profiles, any mix of 8, 16 or 64 channel gateways which can even have overlapping RF coverage.
Flexible pricing model
-
Choose your licensing model, either based on device volumes or gateway volumes.
-
On-demand value-added features: On-premise High Availability, Network Geolocation...
-
Dedicated portal Actility Central to manage Channel Partner & customer subscription and renewal requests.
Flexible definition of user roles & permissions
-
Choose which user profiles should have write access to Device Management and Base Station Management tasks, versus read-only access
-
Restrict user access to resources bound to their administrative domains.
-
Freely define hierarchical structures (e.g. country/region/city/site) of your administrative user domains.
Low-touch operations
Off-the-shelf, ready-to-use and easily upgradable catalogs
-
Device Profile catalog, including generic profiles + vendor-specific models for all leading LoRaWAN® device manufacturers.
-
Base Station catalog, supporting gateway models from all leading gateway manufacturers.
-
RF Region catalog, including Regional Profiles supporting all the ISM bands standardized by LoRa Alliance with their optimized RF channel plans and radio configuration parameters.
-
Payload driver catalog, allowing the decoding/encoding of uplink/downlink application payloads. Support for custom drivers.
-
Normalization of ontologies & ontology mapping to leading IoT platforms.
-
Custom ontology mapping and format conversion through native support for JSLT, JSonata and JMESPath.
Zero-touch gateway bootstrapping & maintenance
-
Bootstrapping, configuration and software upgrade of base stations without any physical access, through ThingPark Infrastructure Commissioning Service (ICS).
-
Intuitive ICS GUI to personalize gateway configuration: PKI, core network endpoints, network interfaces, LRR parameters, firewall configuration...
Easily add devices (sensors) to your network
-
Low-touch device provisioning by scanning LoRaWAN® QR code.
-
Bulk provisioning through mass import of device list.
-
Per-device activation of value-added features: roaming, network geolocation...
Comprehensive alarm management & supervision through intuitive user interface
-
Provision, configure, administrate and supervise LoRaWAN® sensors, gateways and connections towards external Application Servers.
-
Built-in SNMP integration to external supervision systems.
-
A large set of UX-oriented features: real-time device & gateway status, smart search/filtering, object tagging, fleet management, cartography, send downlink packets to sensors from the GUI...
-
Rich set of dashboards, statistics and KPIs.
A rich set of network analysis tools
-
Wireless (packet) Logger: showing all uplink and downlink packets processed by the network in both raw and decoded formats, including the transmission status of each downlink packet over the air.
-
Spectrum Analysis: intuitive GUI showing the raw/aggregated results of individual RF spectrum scan campaigns, precious for RF planning and troubleshooting of RF noise problems.
-
Network Survey: Examine your LoRaWAN® network coverage on a map.
-
Air Interface Dimensioning: Analytical coverage & capacity dimensioning tool for outdoor base station deployments.
Easy to integrate with your applications
The most complete set of professionally-supported IoT connectors towards your Application Servers
-
Off-the-shelf set of connectors towards all leading cloud IoT platforms: Amazon AWS IoT, Amazon Greengrass, Azure IoT Central, Azure IoT Hub, Thingworx, Cumulocity, Yandex, SAP, IBM Watson, Here, Ginjer...
-
Simplified integration with AWS cloud, through ready-to-use Cloud Formation Templates (CFT)
-
General-purpose connectors, using HTTP, MQTT and AMQP protocols.
Exchange decoded payloads between ThingPark and your Application Servers
-
Off-the-shelf catalog of payload drivers (450+), delivering ready-to-use decoded payloads to Application Servers.
-
Built-in normalization of ontology through OASIS oBix Points
-
Mapping of ontology to leading IoT platforms, and support for custom ontology mapping.
-
Build your own custom payload driver, through ThingPark X IoT-Flow user interface.
RESTful APIs
-
Authentication, authorization and user management for all user roles.
-
Swagger contracts for easy integration with Application developers.
Scalable
Scale up/out as you grow
-
Up to 10,000 gateways and 12 millions devices.
-
Full horizontally and vertically scalable regional SaaS platforms.
-
Microservice-driven architecture with fully sharded databases.
-
Load & stress test reports available for each ThingPark release.
-
Ready-to-use sizing utilities for on-premise deployments, covering different sizing segments for both standalone servers and private clouds.
Explore ThingPark's multitenancy for your multi-site/multi-use-case deployments
-
Leverage multi-tenancy to expand your IoT deployment towards new vertical use-cases, new geographical locations, new end-customers...
-
Restrict user access to resources bound to their administrative domains.
Future-proof Value-Added Services
Peer with any network using Passive Roaming
-
Roaming allows exchanging packets between public and private LoRaWAN® networks, in a transparent way while keeping the MAC layer management at the home network of the device.
-
When a device roams, its LoRaWAN® packets are relayed by the visited network (forwarding NS) to the home/serving network through standardized inter-LNS messages defined by the LoRaWAN® Backend Interfaces specification.
-
Both roam-in and roam-out use-cases are supported by ThingPark.
-
The application servers communicates only with the home network, removing the complexity of integrating with multiple network back-ends.
-
Roam-in opens-up your RAN to serve foreign devices belonging to your agreed roaming partners, besides your own devices.
-
Roam-out allows your own devices to be served by foreign gateways belonging to your agreed roaming partners.
-
Reliable Multicast (RMC) and Firmware Update Services
-
Firmware Update Over the Air (FUOTA): Remote update of the device firmware using multicast mode.
-
General-purpose multicast: Efficient management of multicast mode by supporting application-layer configuration of the multicast group/session parameters via ThingPark RMC-Server.
-
Note Standard Multicast is supported off-the-shelf, whereas Reliable multicast (RMC) and FUOTA services require a separate RMC server provided as an option.
Network Geolocation
-
A sophisticated geolocation algorithm supporting a combination of TDoA and RSSI triangulation techniques to leverage the strength of both methods and improve the overall location accuracy.
-
TDoA-based geolocation: Location estimation using triangulation algorithms based on the time of arrival and received signal characteristics of uplink frames at the receiving base stations. Only relevant when fine-timestamps are generated by the base station (requires either Semtech's v2 reference design with SX1301 or SX1303-based gateways ) with nanosecond accuracy.
-
RSSI-based geolocation: Location estimation is based on the received signal strength level. Valid for any base station model (even when GPS/fine timestamp is not available) but has less accuracy than TDoA mode.
State-of-the-art OSS, LoRaWAN® Network Server and Gateways components
Discover how ThingPark Enterprise addresses LPWAN state of the art with the following main components: