1. Confidential 1 Broadband Internet Access solutions powered by Nomadix™

2. Confidential 2

3. 3 Presentation outline Who is Nomadix Solution Partners and Network Architectures Nomadix Features –End User provisioning features –Billing Features –Authentication Features Standards Compliance Nomadix Product Portfolio Reference Sites

4. Confidential 4 Who is Nomadix ? Nomadix is the leading global Subscriber Internet Gateway company. We manufacture dedicated networking devices using the Nomadix Network Service Engine (NSE). –Quickly and inexpensively get subscribers onto their networks without requiring client side software or reconfiguration of IP settings. –Generate more revenue per broadband connection through intelligent subscriber management and delivery of IP services. –Simplify their network infrastructure and maintenance costs. Nomadix gateways are used in almost 4,000 sites worldwide, with installations in USA, Japan, Asia and Europe. Provide Plug and Play More Revenues At Lower Cost 4,000

5. Confidential 5 Nomadix’s Value proposition Nomadix have several patents on public Broadband Internet provisioning, e.g. DAT and iNAT. These patents provide true ‘plug and play’ and support a complex of VPN links on a single hot-spot site. Nomadix, as an active member of Wi-Fi Alliance, has been instrumental in the make of the WISPr (roaming) “best current practices for WISP roaming” and Wi-Fi Zone concept. Nomadix established “license agreements” with leading industry partners, e.g. Proxim, Hughes Networks and Rockwell Collins for integration of NSE in application specific platforms. Patents WISPr OEM

6. Confidential 6 Nomadix’s Value proposition Nomadix functionality offered through the Nomadix Internet Gateways cover a rich set of features in the following main areas: –End User provisioning –Authentication (UAM, 802.1x Smart Client, 802.1x UAM) –Security (VPN, EAP) –Billing interfaces for both a centralized AAA and for local AAA –Roaming Through a range of solution partners, Nomadix fits well in a well designed end to end solution for carriers, ISPs and stand-alone sites. –AAA partners, e.g. Picopoint, Wificom –Roaming partners, e.g. Boingo, iPASS –HLR interface partners, e.g. Adjungo Networks Authentication End user provisioning Billing Roaming

7. Confidential 7 Network Architecture INTERNET Firewall + IP Router Credit Card Server Web Server Datacenter Billing Information Accounting WWW, Email Authentication RADIUS Server Nomadix Public Access Gateway Wireless LAN (Wi-Fi) and Ethernet All PCs accepted - DHCP -Static IP address - Web proxy settings Credit Card Clearing External Web Server payment Servers Scratchcards SMS Etc.. AAA partners Hotel Billing System

8. Confidential 8 Network Setup (Ethernet Switch) Backbone Nomadix Internet Gateway Ethernet Switch PMS

9. Confidential 9 Backbone USG TM PMS DSLAM Network Setup (xDSL) Nomadix Internet Gateway

10. Confidential 10 Backbone Ethernet Switch Network Setup (Wireless LAN + Ethernet) Nomadix Internet Gateway Room 101 Laptop 10BASE-T Room 102 Laptop 10BASE-T Room 103 Laptop 10BASE-T PMS

11. Confidential 11 Plug and Play –No client-side software installation / reconfiguration –Dynamic Address Translation (DAT)™ For supporting users with: static IP Addresses, has a DHCP address from another subnet, going through public-private address translation Transparent Proxy. For supporting Browsers configured for Proxy or private DNS Server that could be behind a firewall VPN Support (PPTP and IPSEC) Support End-to-End security, even when user’s address is being translated. iNAT™ supports multiple VPN sessions going to same corporate VPN Access Server, even with limited number of public IP Addresses available. iNAT uses one public IP address for multiple sessions to different VPN Access Servers. Multiple Language Support –Pre-defined login screen in Internal Web Server End User Provisioning Features

12. Confidential 12 End User Provisioning Language Support All text viewed by the subscriber is entered in Web forms by the system administrator … … and placed automatically in user screens

13. Confidential 13 End User Provisioning iNAT™ and VPN VPN Firewall Authentication Server VPN Access Point Corporate Main Headquarter #2 ADSL Router Plus Firewall WLAN AP Nomadix HSG-25 VPN Firewall Authentication Server VPN Access Point Corporate Main Headquarter #1 WLAN Hot-Spot Corp #1 user 3 Public IP Address #2 iNAT™ supports multiple VPN sessions going to same corporate VPN Access Server, even with limited number of public IP Addresses available. iNAT uses one public IP address for multiple sessions to different VPN Access Servers. Corp #1 user 1 Public IP Address #1 Corp #2 user 2

14. Confidential 14 iNAT improves the connection success rate of multiple VPN tunnels to the same termination device Adjusts the mode of address translation depending on the packet type Optimizes usable public IP addresses by increasing their reusability (only uses them when needed) Uniquely supports users with static private (e.g. 192.168.x.x) or public (different subnet) IP addresses without any client IP setting changes iNAT - details

15. Confidential 15 Multiple DHCP pool and IP subnet support Subnets and DHCP pools assigned Location ID (e.g. via VLAN ID) Nomadix RADIUS VSA (‘Subnet’) Administratively assigned Multiple Subnet Support

16. Confidential 16 Save costs by using non-contiguous public DHCP pools –Example: Provide Internet access to 1,000 DHCP users and only have non- contiguous Class C pools, you can now define these separate pools in the Nomadix Gateway Use mixed pools (public/private) for varied network topologies and customer sets (residential vs. business) –Example: All residential users can get private IP address and be address translated, all business customers can get a public IP and not be address translated Differentiate your customers depending on their location –Example: All users in one building can be placed in the same VLAN and provision all their IP address from a dedicated pool Allocate different lease times to different users dependent on the peak usage patterns of the network Keep all devices (e.g. Access Points) on a separate public subnet that will not get address translated Multiple Subnet Support (con’t)

17. Confidential 17 Captive Portal –Pre-Authentication Home Page Redirection (HPR) Automatically redirect nomadic user to welcome page Multi-portal / multi-Service Provider support –Post-Authentication Page Redirection (HPR) Automatically redirect nomadic user to post welcome page Multi-portal / multi-Service Provider support IP filtering / access control White List for free/allowed sites Black List for blocked/restricted sites Presenting services –Up-sell Bandwidth / Public IP address –Personalizing services End User Provisioning Features Portal Page Service Selection Console

18. Confidential 18 Billing Features 1 – Direct connection to Hotel PMS Fully automated system, where the charge for HSIA is a line item on the hotel bill (= local hot-spot) Shared revenue model possible through Billing Mirror Incentive-based Pricing. This functionality offers the opportunity to provide price incentives to preferred customer groups 2 - Credit Card Payment Fully automated system, where the charge for HSIA is deposited via Credit Card clearing house to the hot-spot site Shared revenue model possible through Billing Mirror Incentive-based Pricing. 3 - Connection to RADIUS Server RADIUS server is connected to (existing) RADIUS billing system Supports various ways to sell the service, Subscriptions (monthly fee, fees for usage), Pre-paid cards, Vouchers, etc. –XML Application Programmers Interface supported with all billing modules Mix of Billing Options is possible

19. Confidential 19 Billing – Stand Alone INTERNET Firewall + IP Router WWW, Email Authentication lowest cost implementation Nomadix Public Access Gateway Internal Database pre-configured with a range UN/PW Hotel sells vouchers with UN/PW Guest Access for the duration of the stay Optional: graphical web interface as welcome page Wireless LAN (Wi-Fi) and Ethernet All PCs accepted - DHCP -Static IP address - Web proxy settings Broadband Connection with a minimum of 2 public IP addresses

20. Confidential 20 Billing – Hotel PMS INTERNET Firewall + IP Router WWW, Email Authentication Nomadix Public Access Gateway Automatic connection to hotel property management system (PMS) like Micros Fidelio Hotel offers “bill to my room” authentication and billing Guest Access for the selected duration (e.g. 24 hrs or 1 hr) and selected bandwidth Optional: graphical web interface as welcome page Wireless LAN (Wi-Fi) and Ethernet All PCs accepted - DHCP -Static IP address - Web proxy settings Hotel Billing System Web Server External Web Server Broadband Connection with a minimum of 2 public IP addresses

21. Confidential 21 Billing – Credit Card INTERNET Firewall + IP Router Credit Card Server Web Server Credit Card Clearing broker WWW, Email Authentication Web Hosting Server Nomadix Public Access Gateway Wireless LAN (Wi-Fi) and Ethernet All PCs accepted - DHCP -Static IP address - Web proxy settings Credit Card Clearing External Web Server AAA partners Nomadix Public Access Gateway Automatic connection to Credit Card clearing house Hotel offers “credit card” authentication and billing Guest Access for the selected duration (e.g. 24 hrs or 1 hr) and selected bandwidth Optional: graphical web interface as welcome page Broadband Connection with a minimum of 2 public IP addresses

22. Confidential 22 Billing – RADIUS INTERNET Firewall + IP Router Web Server WWW, Email Authentication RADIUS Server Nomadix Public Access Gateway Wireless LAN (Wi-Fi) and Ethernet All PCs accepted - DHCP -Static IP address - Web proxy settings External Web Server payment Servers Scratchcards SMS Mobile No. AAA partners Nomadix Public Access Gateway Automatic connection to RADIUS server. External Billing S/W to offer various payment methods Optional: graphical web interface as welcome page Optional: WISP roaming Broadband Connection with a minimum of 2 public IP addresses

23. Confidential 23

24. Confidential 24 Billing Features - RADIUS Vendor Specific Attributes (VSA) supported Max. Bandwidth up / per user Max. Bandwidth down / per user Home Page Redirect (URL redirection) / per user IP Upsell / per user Subnet / user (to allocate a specific IP subnet to a user) Time based Billing / per user Time-Based Session Timeout : Allows the termination of a session per a specified time period allowing a service provider to introduce service plans that limit the session time Volume based Billing/ per user Volume-Based Session Timeout : Allows the termination of a session per a specified data volume allowing a service provider to introduce service plans that limit the data transfer volume

25. Confidential 25 Billing Features - RADIUS Log-Off-URL Attribute can be used to place a Log-Off-URL – e.g. 1.1.1.1 – on an external portal page Reject-Message Attribute enables the service provider to customize reject messages Session-Terminate-End-Of-Day Attribute makes it possible to create business plans terminating a session at midnight of every day

26. Confidential 26 Location Identification VLAN Switch Port 1Port 2 Could use: –802.1Q VLAN tags –Integrated SNMP Manager Custom SNMP MIB Queries RFC 1493 Compliant Bridge MIB Queries Determines physical location (port) of subscriber Enables: –Automated provisioning/billing based on location –Customization of portal page based on subscriber’s location

27. Confidential 27 End User Authentication Features 1.Universal Access Method (UAM) –Web Browser Based initiated Authentication utilizing SSL –No special client-side software to install –Compatible with existing standard networking protocols and components (any Wi-Fi compliant NIC or AP) 2.IEEE 802.1x / Smart Clients and SIM Smart Client –Provides user with directory of approved hotspots –Could prevent against rogue AP’s –Automates authentication process for the user –Can automatically establish remote VPN tunnel (end-to-end IPSEC tunnel) 3.IEEE 802.1x / UAM –IETF EAP (Extensible Authentication Protocol) –End-to-end security association (support multiple EAP types such as MD5, TLS, TTLS, strong authentication tokens, etc.)

28. Confidential 28 Public Access Control Gateway 1) User associates with “open mode” Access Point at hotspot 2) Opening Browser automatically presents “Captive Portal Page” with local content/services 3) User can authenticate (login) at hotspot via any Internet Browser (utilizing SSL) 4) User gets profile-driven, personalized Internet access 5) User gets automatically redirected to their Internet Start Page Nomadic or Mobile User Portal Page Login Page Service Selection Console Universal Access Method (UAM): User Experience

29. Confidential 29 2)Select access type and find locations using phonebook 802.1x Smart Client Authentication Auth/Billing Server & Services Access Point RADIUS Auth & Acctg Home VPN Server Remote VPN 3)Click “Connect” to automatically login to Network 4)Remote VPN (IPSEC tunnel) may automatically load to their corporation Client –Gateway Access Protocol UAM SSL-based User Steps: 1)Start Smart Client Smart Client Public Access Control Gateway

30. Confidential 30 IEEE 802.1x = Port-Based Network Access Control Uses EAP = Extensible Authentication Protocol (Advanced Security) Driven by 802.11, overcomes security (WEP key mgmt) issues, but can be used in Ethernet Official Standard as of Q2, 2001 1x clients and enabled APs coming to market (currently focused on Enterprise) Can be used with: MD5 (hashed Username and Password), Certificates (TLS, TTLS), Strong Authentication Tokens (Vasco DigiPass), etc. 802.1x / UAM Authentication Hotspot Auth Server 802.1x Client (Supplicant) 802.1x RADIUS EAP Home Auth. Server EAP

31. Confidential 31 Multi-Service Provider Support Wi-Fi Zone support –Nomadix is fully Wi-Fi Zone compliant –Nomadix supports a multi-service provider (ISP) model through extensive set of roaming features Portal page / Service provider support –Nomadix supports pre-authentication Home page redirect (HPR) and post-authentication HPR. –802.1x UAM and 802.1x Smart Clients could provide a 3 rd party ISP specific user experience

32. Confidential 32 Hotspot Operator’s Network Operations Center AAA / RADIUS Proxy Server Wireless Access Point Cell 1 Hotspot 1 Wireless Access Point Cell 2 Hotspot 2 VPN / AAA Server Roaming RADIUS NETwork Server Optional Roaming Intermediary Broker or Settlement Services Global Roaming AAA Services Network Corp. Enterprise Home Entity (such as User’s Corporation or Service Provider) MobileGate Server + AAA ROAMing Server Firewall & VPN Server Nomadic User Login as Nomad@HomeEntity.com Multi-Service Provider support Cell 2 Wireless Access Point Cell 1 IPSEC or PPTP VPN Billing Roaming Revenue Billing Relationship Mobile Operator

33. Confidential 33 Welcome Page #3 PC #1 Launch iPass Smart Client: Ipass/Hstevens@nomadix.com PC #2 Start 802.1x Authentication: Hstevens@vodafone.com Public Access Control Gateway Vodafone Auth/Billing + Web Server & Services iPASS Auth/Billing + Web Server & Services Proxy Auth/Billing Server & Services Welcome Page #1 PC #3 Web browser (UAM) Username : Hstevens Password : xxxxxxx Multi-portal / multi-Service Provider support Welcome Page #2

34. Confidential 34 Multi-portal / multi-Service Provider support Web browser (UAM) –The Service Provider's Home Page is set as a URL in the RADIUS profile for all users from that service provider. For example, if Oslo Airport sells WLAN access to Vodafone users, it will proxy back the Auth Request to Vodafone's RADIUS server. The RADIUS server will do a look-up based on the UN/PW and send back the Auth Reply with the Home Page URL (set to Vodafone.com or personalized to the user) that has been stored in the user's RADIUS profile IEEE 802.1x Smart Client –The Ipass/Hstevens@nomadix.com login name as stored in the Smart Client is send to the Nomadix Gateway and then to the proxy server that directs the request to iPass RADIUS server and send back the Auth Reply with the Home Page URL. IEEE 802.1x UAM –The Hstevens@vodafone.com login name as stored in the.1x profile on the PC is send to the Nomadix Gateway and then to the proxy server that directs the request to Vodafone RADIUS server and send back the Auth Reply with the Home Page URL.

35. Confidential 35 Nomadix Standards Compliance Nomadix is fully network agnostic, i.e. is successfully tested against major network equipment suppliers like Cisco, Avaya, Proxim, Symbol, Intel, 3COM, etc.. Nomadix supports both wired (Ethernet) and Wireless (802.11a, 802.11b, 802.11g, Bluetooth) access Nomadix supports Security Standards like 802.1x, SSL, IPsec and PPTP for VPN Nomadix supports RADIUS standard Nomadix supports XML application programmers interface European CE and Safety Standards compliance

36. Confidential 36 Nomadix + Adjungo Architecture Overview Cellular Network Customer Care HLR AUC SGSN OBS Internet Service Provider Broadband Network MobileGate Clients Public WLAN Access Controller WLAN Hotspots Access Point MGS MobileGate Server Adjungo MobileGate TM

37. Confidential 37 Today’s Business Travelers want Broadband Access Market Statistics

38. Confidential 38 Market Research shows: 70% of business travelers carry laptops 68% expressed interest in Internet access in hotels, on planes and in airports Customers value higher productivity and better, faster connections Market Statistics Quote: "As an investor, I focus on cost per bit," says Chris Brookfield, general partner with Northwest Venture Associates. "In wireless LANs, it is incredibly inexpensive to move data, compared with other wireless technologies like [Cellular Digital Packet Data], [General Packet Radio Service] and 3G."

39. Confidential 39 Market Statistics – Western Europe

40. Confidential 40 Market Opportunity-1 Business Traveler on the road wants to connect his Notebook PC to the Internet and download e-mails, fast and without hassle. Does not want to reconfigure his/her Notebook PC Needs a fast connection to reduce time loading large attachments Hotels want to make money, and maintain many happy guests Hotel needs to offer a value-package to business travelers, i.e. offer fast internet connections in both the conference center and hotel rooms Prevent cost to deploy the value-package, i.e. no need to set-up help-desk, or hire IT manager to help configure PCs Hotels and Conference Centers

41. Confidential 41 Market Opportunity -2 Business Traveler in Wireless Hot-Spots (e.g. an Airport) wants to efficiently use his wait time to connect his laptop PC to the Internet and download e-mails, fast and without hassle. Does not want to reconfigure his/her Notebook PC Needs a fast connection to reduce time loading large attachments Airports want to make money and keep passengers happy Airports need to offer a value-package to business travelers, i.e. offer fast internet connections in both airline lounges and passengers areas Prevent cost to deploy the value-package, i.e. no need to set-up help- desk, or to hire IT manager to help configure PCs Wireless Hot-Spots

42. Confidential 42 Market Opportunity -3 Residential users that are connected through either wired (xDSL, CATV) or Wireless (IEEE 802.l1b, LMDS) to ISPs in small communities and apartment complexes. Needs an easy way to log-on, i.e. no client software, and does not want to re-configure their (Notebook) PC Needs fast connection and dynamic bandwidth selection service plan ISPs want to make money and sign on as many happy subscribers, at zero incremental cost, as possible ISP’s need to offer a value-package to residential users, i.e. fast internet connections Prevent cost to deploy the value-package, i.e. no need to set-up help- desk, or send out support people to help configure PCs Residential Users

43. Confidential 43 How to make €€€ Pre-connection Initial Connection On-line connection Advertisement, e-Commerce and info display revenues as offered through Walled garden. Subscriber revenue and /or time- based revenue, Conference Center service plan, Meeting Room Scheduler (MRS) IP Up-sell (public IP address), Self- service plans, advertisements and info display through ICC A San Jose hotel made 250 K$ revenues from Nomadix USG in their Conference Center in yr 2000 Hotels, Conference Centers, Airports and Airlines

44. Confidential 44 Market Opportunity -4 Students on University Campus and Dormitories want to connect PC’s to the Internet and download e-mails, fast and without hassle. Does not want to reconfigure his/her (Notebook) PC Needs fast connection to reduce time downloading large attachments Universities want to facilitate network access, however prevent un-authorized access to the University Network Universities need to offer an access-package to students, visitors and staff, i.e. offer fast internet connections in and around the campus Be able to facilitate access for many students in a very short time Prevent cost to deploy the access-package, i.e. no need to set-up help- desks, or to hire IT managers to help configure PCs Increase Network Access security Universities and Schools

45. Confidential 45 Market Opportunity -5 Enterprise Roaming staff (Nomadic employees) and visitors create challenges for the Enterprise network administrator Nomadix can solve these issues: –Increased security concerns Allow visitors to access pre-determined network resources, depending on their access level. –Mobility management Roaming between subnets is an issue as users cannot connect automatically –Traffic shaping Profile-driven bandwidth allocation is key

46. Confidential 46 Enterprise Application Examples Professional Services Company (Nomadic employees) Meeting Room/Lobby (“Enterprise Hot Spot”) Head Office (e.g. Consulting firm ABC) Client Office (e.g. Company XYZ) Network setup: Static IP (e.g. 192.168.x.x) HTTP Proxy Network setup: DHCP, no proxy, Universal Subscriber Gateway Random Office (e.g. Company XYZ) VIP Customer Supplier Various PC configurations Web-based presentations Real-time inventory checks Email synchronization Corporate File Retrieval (VPN)

47. Confidential 47 Features List USG / HSG Standard features –Plug and Play –Home Page Redirect pre-Authen. –Home Page Redirect post-Authen. –Walled Garden –Standard Mgmt. –Language Support –SNMP Support –Multi-Level Admin –Access Control List –Bridge Mode –CMS enabled support –Internal Web Server –External Web Server Intf. –Billing Mirror –XML - API Optional features –Radius client Interface –Credit Card interface –PMS interface –SSL Support –iPASS smart client –802.1x –IPSec –Port Location –Self Service Console –Bandwidth Management –IP Up-sell –Proxy ARP –URL Filtering –iNAT –Multi-Subnet Support

48. Confidential 48 Examples Nomadix ISP / Service Providers

49. Confidential 49 Hotel reference List - Europe all use the Nomadix solution EUROPE: Hilton Antwerp (Belgium) 71 Nyhavn Hotel (Denmark) Copenhagen Strand (Denmark) Grand Hotel (Denmark) Phoenix Hotel (Denmark) Torve Hallerne Hotel (Denmark) West-Inn (Denmark) Hotel Avion, Helsinki (Finland) Hotel Haikon Kartano, Porvoo (Finland) Hotel Krapihovi, Tuusula (Finland) Hotel Musta Kissa, Lahti (Finland) Ikaalisten Kylpylä, Ikaalinen (Finland) Millennium Hotel Stuttgart (Germany) Hotel Kurfuerstendamm 101 (Germany) Ritz Hotel (Spain) NH Hotels (Spain) And many more……. EUROPE: NH / Golden Tulip FiGi (Holland) Van der Valk-Assen & Vianen (Holland) Hotel Du Lac (Italy) Conf. Center and Hotel Affi (Italy) HolidayInn & Crowne Plaza (Italy) Sunborn Yacht Hotel (UK) Chelsea Village Hotel London (UK) Great Eastern Hotels (UK) Middle East & Africa: Sheraton – Amman (Jordan) Four Seasons – Amman (Jordan) Four-seasons – Cairo (Egypt) Hilton – Cairo (Egypt) Meridian – Cairo (Egypt) Four seasons – Riyadh (Saudi Arabia)

50. Confidential 50 Reference List - Europe all use the Nomadix solution EUROPE - Events: Cannes Film festival ’02 in France Foire de International Luxembourg Dorn Birner Messe (Austria) Norges Varemesse(Norway) Munich Messe (Germany) EUROPE - Airports: Oslo Airport (Norway) Schiphol Airport (Amsterdam) Koln/Bonn Airport (Germany) Birmingham Airport (UK) EUROPE - Universities: Warrick Univerisity – UK Uni Erlangen, Germany TU Wien, Austria Uni Leipzig, Germany Universität Köln, Germany EUROPE – WISPs / Hotel solution providers: Aervik (the Netherlands) WinQ (the Netherlands) Attingo (the Netherlands) MyCall (the Netherlands) HubHob (the Netherlands) Kubi Wireless (Spain) Inntouch (UK) Liberty SNL (UK) Swisscom Europort (UK) X2.internet (Germany) Teleport (Austria) HiPort (Italy) Menacom (Egypt) Wi-TEL (South Africa)

51. Confidential 51 Summary Nomadix is the global leading Internet Gateway supplier that addresses the various market segments: –Public Visitor Based Networks –Multi-Tenant Units –Private Visitor Based Networks. THANK YOU !