In 7+ years in Public Safety Communications, I have seen hesitation to deployment of Radio Over IP – commonly referred to as RoIP. My name is Beck Mitchell and I was the first sales person at Tango Tango. But, despite that hesitancy, to date, as potential users have come to under RoIP, we have deployed RoIP into over a thousand public safety agencies across the country due to the power & affordability it offers. Those agencies have relied on all different types of radio systems – P25, UHF, VHF, DMR, LTR, 700/800mHz, etc.
Here, I’d like to share with you that best practices we have identified to make RoIP deployment both secure & powerful. RoIP is not new – it has been around since the 1990’s – but connecting it to smartphones is relatively new in public safety. Many radio system administrators, especially those who manage large digital systems, are accustomed to having complete control over the technology used on those systems – and rightfully so. Mission critical radio systems are a matter of life and death for first responders and community members alike.
The good news is that radio system administrators can leverage the flexibility and low cost of RoIP technology to lower response times, expand coverage, and provide a redundant form of communication, all while still having control and system integrity.
In this article, I will share how, with the right vendors and policies, RoIP services can be a completely beneficial offering for first responders & system owners. I will to highlight various use cases along with some example policies that make RoIP a viable offering on first responder radio systems.
The Power of RoIP
RoIP solutions, like Tango Tango, offer a flexible way to bridge the gap between smartphones and LMR systems, ensuring seamless communication in the field. However, these innovative solutions also present some unique challenges, particularly when it comes to tracking their use and maintaining network security.
Enhanced Interoperability: RoIP offers a remarkable boost in interoperability, making it easier for various agencies and technologies to communicate seamlessly. It’s a fundamental solution for addressing long-standing issues related to communication interoperability. Allowing users from various types of radio systems to communicate with a common technology, such as smartphones, has been an integral part of the RoIP use cases.
Extended Coverage: RoIP’s ability to span large geographic areas via a data connection is a game-changer. It’s particularly valuable for public safety agencies operating in vast regions, ensuring that communication is not restricted by LMR radio towers. It is also highly valuable inside buildings where radio may not be able to penetrate but there is always wifi or cellular data coverage. This use case tends to be most useful for command staff, school resource officers, and users who travel across wide areas.
Network Approach: RoIP encourages a network approach to communication systems, increasing reliability and adaptability. This is especially vital during large-scale disasters or emergencies when the resilience of communication systems is paramount.
Mobile and Desktop Access: RoIP supports various devices such as tablets, computers, and mobile applications, ensuring that communication is accessible wherever it’s needed. These devices simply require a reliable internet connection to connect to the RoIP system.
Protect the Integrity of Your Radio System with Recommended RoIP Policies
No matter how you feel about RoIP, we highly recommend that any LMR system owner adopt at least some RoIP policy. Why? There are now many companies making RoIP easier and easier to purchase and allowing a user to “DIY” a solution on any radio system. It is not uncommon that we run across a volunteer fire department where one firefighter has plugged up a RoIP gateway to a handheld and is using it without a system owner’s knowledge.
This may be okay with you or it may not. We have found that for most system owners it is not okay and we strongly do not recommend this approach. Having a RoIP policy allows you to put guardrails in place so that you can monitor what is happening in your system and take action if things are happening that you do not approve of but still give your user the benefits of RoIP.
- Two high level things to consider
- Do you want to allow anyone – user and/or vendor – to setup a RoIP connection at any time? We do not recommend a “Wild West” policy. However, it is certainly a simple way to approach the matter. If your answer is anything other than “Wild West”, consider the Policies & Best Practices below.
- Do you want to disallow all RoIP on your system? We do not recommend this either.
- RoIP is a powerful & affordable solution. When used intelligently with proper planning, can deliver a better experience to your users with minimal overhead all while keeping your system secure.
- RoIP can help you avoid vendor lock-in and maintain an open playing field among the vendors involved with your system. We find that some LMR vendors are pushing their own proprietary PTT applications that integrate to their systems to essentially lock out PTT application competition between vendors. If successful this will lead to less competition, higher prices, and worse products in the public safety comms market. We also believe this to be antithetical to spirit of the P25 standard which was intended to open up a competitive PTT market to keep prices down for first responders while also creating interoperability between agencies.
- RoIP is the best tool to create interoperability between completely different types of systems. It is the only way to bridge together completely separate technologies like P25, DMR, MOTOTRBO, NEXEDGE, and conventional or even simplex systems. Creating interoperability with RoIP is easy and doesn’t require everyone to move to P25 to get immediate interoperability.
- RoIP is affordable & simple. While RoIP does not have some of the bells & whistles offered by ISSI-based solutions, it is surprisingly affordable, easy to deploy, and has essentially no risk if deployed with care.
- While RoIP is not perfect or a fit for every situation and may not even be your primary PTT application but we find that it is a great tool to have in your system’s tool belt for backup & interoperability.
RoIP Policies & Best Practices
If you want to consider allowing RoIP but don’t want your system to be the “Wild West”, consider the below questions:
- Approval Questions
- Who are the people involved with your radio system that are allowed to setup and/or approve a RoIP connection? Can anyone with a handheld plug one up? Or only Points of Contact (POCs) for each agency? Only Radio System Administrators?
- Do you want an approval process for a RoIP integration? For example, you may want to allow POCs at member agencies to start the process for RoIP but have a final approval from you as a Radio System Administrator for each RoIP integration point. You may approve certain vendors whom you trust to run a reliable gateway location process or you may simply appoint a number of trusted POCs to oversee these connections in conjunction with the right vendors.
- If you choose to approve/disapprove vendors, do you want to require notification from the vendor when a RoIP connection is made on your system? Some “DIY” solutions are incapable and/or unwilling to follow these processes.
- Locations
- Should RoIP deployments be permanent & fixed or only used for mutual aid scenarios?
- RoIP deployments from company like Tango Tango have portable capability that can allow them to be moved if allowed for mutual aid and similar scenarios. Are your subscribers allowed to use a portable deployment? Should it remain in a fixed location for capacity reasons?
- If they are fixed, how is the proper location & site for the RoIP connection determined & approved?
- Some system admins want to make sure that a connection is tied to a specific radio system site that is already broadcasting the talkgroup for the RoIP connection to avoid any additional system loading.
- If a RoIP point is to remain fixed, how will you identify if it has been moved? What happens if a user and/or vendor violates this policy?
- Should RoIP deployments be permanent & fixed or only used for mutual aid scenarios?
- Vendors
- There are variety of PTT app vendors in the marketplace, all with varying types solutions and differing approaches. Do you want to allow them all? Do you want to set some standards and only allow the vendors that fit your standards? Dimensions to consider:
- Deployment & setup methods: Some vendors are “DIY” solutions where equipment is purchased and the end user mostly puts everything together on their own using online guides. Others like Tango Tango, are more tightly controlled & managed solutions where the vendor handles the setup & tuning of the solution & provides ongoing monitoring for quality assurance & security purposes. Do you have a preference in method of deployment & management?
- Ongoing monitoring & relationship with the system owner: Some vendors, like Tango Tango, can offer the system owner monitoring and control. Others have no such capability.
- Origin of the software: Some PTT app vendors are based in and write their code in the USA. Other PTT app vendors are either based in or code their software in Europe, India, or even China or Russia. Does any of these countries of software origin matter to you from a security standpoint?
- Experience with Public Safety LMR systems: Evaluate each vendor’s experience in integrating with radio systems and working with public safety officials. Some vendors have worked with many public safety agencies, others are “moonlighting” at best in the public safety market.
- Encryption & Data Protection: Consider the technology in use by each vendor and their encryption and data security practices. Consider sending a questionnaire to each vendor to ascertain both 1) their practices and 2) their responsiveness to your request. If they are unable or unwilling to answer a simple questionnaire, they are unlikely to be the kind of partner you want to work with on a mission critical system.
- Access to Records & Support: Can the vendor prove you with managed, auditable access control for users, RoIP gateways/talkgroups, and customer administrators? Can the vendor provide with you with a dedicated support contact that you can reach out to in order to troubleshoot any issues that may arise?
- There are variety of PTT app vendors in the marketplace, all with varying types solutions and differing approaches. Do you want to allow them all? Do you want to set some standards and only allow the vendors that fit your standards? Dimensions to consider:
- Subscriber Numbers
- Many radio system administrators are concerned about the possibility many “off-network” phones accessing their radio network through a RoIP deployment and potentially driving increased radio traffic on their radio network. Our recommendation:
- Limit the number of LTE users to the same number of radio subscribers each department has. If an agency on your network has 100 radios on the network, consider only allowing them to have 100 PTT app licenses over RoIP. This means that each user can have their subscriber radio and a PTT app license.
- This makes high level sense as a user cannot use their radio & an app simultaneously and will prevent a situation where you may have double or triple the number of app users as active LMR radios on the system. For systems that follow this policy, we have yet to see any noticeable increase in system loading when RoIP is in use. This solves the concern of large amounts of user licenses beyond the existing number of radio subscribers.
- Note: this policy will require you have to have a cooperative vendor who is willing & able to enforce such limits.
- Limit the number of LTE users to the same number of radio subscribers each department has. If an agency on your network has 100 radios on the network, consider only allowing them to have 100 PTT app licenses over RoIP. This means that each user can have their subscriber radio and a PTT app license.
- Many radio system administrators are concerned about the possibility many “off-network” phones accessing their radio network through a RoIP deployment and potentially driving increased radio traffic on their radio network. Our recommendation:
- Monitoring
- If available, create automated system reports from the vendor on provided donor radio serial numbers. This allows for system admins to easily keep track of RoIP activity on the system.
- Consider requiring your users and vendors to submit a listing of RoIP gateways & related donor radios in use on your system. If you don’t know which radios are being used as donors, you cannot monitor & manage them.
- Agency Policies
- We recommend that you require all your member agencies to submit internal public safety RoIP usage for review and approval. These policies should outline the use of LTE talkgroups and interfaces, ensuring that all users understand the rules and regulations governing RoIP use.
- System Administration Oversight
- We recommend that radio system administrators should be given PTT application service administrator access to view participating agencies’ number of LTE users, radio talk group information, etc.
- For example, if you have 20 agencies on your system utilizing RoIP, you should have a “master” login that allows you to see all these connected channels & the registered users & talkgroups in the PTT application. This allows radio system administrators to:
- Have similar visibility & control over RoIP services as they do over existing radios on the system. This makes the RoIP talkgroups and users an extension of your radio system and not a hidden “shadow” system operating on the other side of a gateway.
- Have pertinent information regarding the donor radios used – such as department, Talk Group ID, donor radio make and model, donor radio serial number, etc.
- Authorize certain radios and agencies on the system while also providing the necessary information to disable a donor radio if desired at some point.
- More Best Practices
- Appoint a dedicated System Administration team or person in your organization. This person or team should be your specialist in RoIP and PTT applications and be a liaison to vendors.
- Develop a list of approved & disapproved vendors.
- RoIP solutions are being purchased at higher numbers than ever before due to increasing user demand. Direct your users to approved solutions and it will prevent them from purchasing & plugging up solutions that you do not find appropriate for your system. If you proactively identify the right solutions, you can direct this existing demand to the companies & solutions you want.
- Publicize this list of approved/disapproved applications to your member agencies. If agencies know that 1) solutions are out there to provide LTE connectivity and 2) which ones are approved, they will be more far likely to buy the solutions you want and avoid the ones you don’t want. When agencies are in the dark, they are more likely to “DIY” a solution that may not be best for the integrity of your system.
- Request a dedicated point of contact – preferably, a single person – at each approved vendor for your agency to work with. A strong working relationship between a Radio System Administration team & a vendor can be the difference between a secure & powerful RoIP implementation or one that causes problems for your system. In public safety communications, relationships are the key to success. If you need help, you want to know that you can talk to an actual human and get a resolution quickly even at nights and on weekends.
Conclusion
The above policy examples strike a balance between embracing innovative RoIP solutions and safeguarding the integrity and security of the communication network. As technology continues to advance, it is essential to adapt and implement policies that ensure a seamless and secure user experience. By fostering transparency, control, and accountability, we can harness the power of RoIP solutions while preserving the reliability of the public safety radio communication systems.
“Make the right things easy and the wrong things hard to do.” – Kathy Sierra
Want to talk about RoIP policy best practices? Tango Tango has implemented more RoIP channels for public safety than anyone else. Contact Beck Mitchell at beck@tangotango.net. All our advice is completely free and no strings attached no matter whether you have interest in Tango Tango’s solutions or not.