Senet Network Architecture

Architected for Global, Secure, Carrier Grade IoT Connectivity

Purpose Built for the Scale of IoT

Senet’s connectivity services are built on a common cloud-based services architecture designed to scale to support the billions of devices that will ultimately connect to the Internet of Things. This advanced connectivity architecture is streamlined and optimized for network operators and application providers, and is being used by Senet to manage one of the largest LoRaWAN networks in the world. Our focus on building the perfect balance between scalability, functionality and cost has created an opportunity for new and innovative go-to-market models that is changing the way partners across the IoT ecosystem connect.

A Modern IoT Connectivity Architecture

Senet provides the latest technology, tools, and market flexibility, enabling rapid and easy deployment of LoRaWAN services and network connectivity.

A scalable multi-tenanted Network Server providing OSS and BSS capabilities

Application Servers to support Network-as-a-Service (NaaS) customers

Application Management Portal

Security Servers

Developer Portal

RAN Management Tools

Network Server

The Network Server is owned and operated by Senet, deployed as a scalable cloud-based solution and is the management and control point for Senet’s LoRaWAN core network platform. The Network Server has a suite of features and task-oriented tools inspired by Senet’s years of commercial network operation experience. Functionality includes:

  • Health, Status and Performance
    • Network
    • Applications
    • End Devices
  • Configuration / Provisioning
  • Alerting, Escalation and Ticketing
  • Network Planning and Deployment tools

Application Servers

The Application Server receives End Device messages forwarded from the Network Server and is responsible for decryption and encryption of the messages. The Application Server also provides application-level control of the End Devices


Gateways provide LoRaWAN wireless access for End Devices, relaying data to and from the Senet Network Server via IP backhaul (Ethernet, Wi-Fi, cellular or satellite). In addition to the End Device uplink message, gateways include RF meta-data about the uplink’s reception characteristics.

Security Servers

The Security Server is the access control authority responsible for authenticating the identity of End-devices and the generation of the network and application session keys.

End Devices (Sensors and Actuators)

LoRaWAN End Devices are the physical end-points of the network where sensing occurs, and control is exercised. End Devices communicate wirelessly and are often battery powered and located at great distances from the gateways serving them.

Deploying End-devices on the Senet Network

Senet’s LoRaWAN network supports both Activation-by-Personalization (ABP) and Over-The-Air Activation (OTAA) devices which may be onboarded individually or in mass. The OTAA bulk method of onboarding simplifies deployments by pre-provisioning the End Device and Join Server with the information needed to allow the sensor to Join the network securely and establish predictable operation.

Operator Tools and Capabilities

For Network Operator customers deploying Senet’s Managed Network Services for IoT (MNSi), Senet provides operator branded network management and administration tools.

Network Operator Portal

The network operator portal is used to administer and operate the collection of gateways, applications and developers managed by the operator. The operator will use features found in the portal to create and service applications, assign EUI address ranges, and monitor and expand the network. The portal is used to create application provider accounts and to populate the application domain so it may be used by the application providers. The provider portal is used to expand, monitor and troubleshoot the RAN and diagnose anomalous End Device behaviors. The portal reports the overall health of the network, provides visibility to trends in consumption, aggregated connected devices and correlates alarms and events that require intervention.

Application Provider Portal

The Application Provider Portal provides application visibility to resources managed by the Network Controller and the Provider Portal. It provides customer specific network mapping, application and End Device health tools; as well as data aggregation and visualization tools. The portal is also used for End Device management, including device authorization, activation and de-authorization. The portal reports network and device consumption information scoped to the application.

RAN Planning and Management

Within a RAN Provider account, you can plan RF coverage, onboard Gateway’s, modify channel plans, view Gateway details, RF statistics and monitor network health.

Network Planning tools:

  • Project coverage utilizing viewshed data
  • Plan supplemental coverage based off existing device deployments
  • Robust suite of Planning Tools for network build-out and coverage modeling
  • FCC structure database for planning on commercial assets
  • Import private asset locations

RAN Management:

  • Monitor and troubleshoot gateways


LoRaWAN Security

The LoRaWAN protocol was built with security as a fundamental part of the architecture. All Senet LoRa network assets have been implemented with security as a critical part of the design process. The LoRaWAN protocol provides signing, message counters and 128-bit encryption for communications between sensor nodes, the network and applications:

LoRaWAN privacy and security

  • LoRaWAN uses distinct 128-bit security keys. The application key (AppKey) is only known by the device and by the Security Controller. When a device joins the network, an application session key (AppSKey) and a network session key (NwkSKey) are generated. The NwkSKey is shared with the network, while the AppSKey is shared with the Application Controller. These session keys will be used for the duration of the session.
  • End Devices are deployed with a unique 64bit (EUI) device identity and use secure on-boarding techniques that are used to globally identify the device and ensure secure network on-boarding.
  • Network Controllers, gateways and application servers use secure TLS connections to transport data between each other.
  • LoRaWAN mandates the use of packet sequencing. This insures that messages use a unique, incrementing number. The feature is used to calculate the message success rates and prevents replay attacks due to checks for increasing sequence numbers during message validation.

Senet augments LoRaWAN protocol security functionality by offering integrations with security solutions from leading security solution providers such as Eclypses.