Home 5G

5G

Innovation at the Core: Standalone 5G Core Architecture

by Sean O’Donoghue Sean O’Donoghue No Comments

Whenever 5G is mentioned, the conversation seems to inevitably shift to 5GNR (New Radio) as the driver for the diverse use cases that will come. Meanwhile, all those 5G mobile core innovations are pushed to the margins, with maybe a mention of network slicing. These same pundits like to tell people that 5G is still years away and to keep building out their 4G cores until it arrives. In reality, what should actually be talked about is standalone 5G core architecture. Sinking investments into a sub-optimal, closed 4G network isn’t biding your time wisely – it’s burying an opportunity.

Let me explain. Traditional mobile cores were designed to support a “one size fits all” model where voice and data services dominated the landscape. And that was understandable in a world where most networks had few service differentiations. When NFV arrived, communications service providers (CSPs) began to look more closely at cost-saving opportunities – but not at the service opportunities – presented by a virtualized Evolved Packet Core (vEPC). What they missed was the fact that next-generation services would require a radical transformation in the mobile core architecture beyond virtualization, specifically around areas that address high throughput, low latency, and high reliability. This radical transformation led to the idea of a standalone 5G core architecture.

Your cloud vendor matters… a lot

On the road to the future, CSPs need to question if their current network strategy is open to the changes and disruption that 5G will bring. For example, are they partnering with cloud-native companies or with legacy vendors whose cloud strategies are mostly air? If you’re working with a true cloud partner, you should already have a standalone 5G network in place or in process. Otherwise, you won’t be able to support the new DevOps models that will drive the revenue streams for 5G services.

Beyond that, a bigger question is whether your network is ready for 5G. Is your network infrastructure optimized and adaptable to change? 5G network should be flexible enough to deploy on public clouds, hybrid clouds, VMs or bare metal. If your 5G strategy isn’t prepared for all those scenarios, you’re seriously limiting your future. I cover this subject of cloud vendor preparedness in my blog, “It’s Time to Come Clean About Cloud-Washing.”

Five ways that a standalone 5G core can drive revenue

Network slicing is just one slice of the 5G pie. There are plenty of ways that a standalone 5G core architecture can drive revenue:

#1. Network Slicing

This is a frequently talked-about capability in 5G where a network is logically “sliced” into different segments with unique policies and capabilities to deliver customized services to an enterprise or group of customers. While network slicing is important in realizing new revenue streams – particularly for enterprise use cases – it can also serve a range of additional use cases such as accelerated transition to virtualization, operational maintenance or new service rollouts.

#2. The Service Based Architecture (SBA)

The SBA enables network functions and external systems to communicate using web-based APIs. For a CSP making the transition from telco-native to cloud-native, this can be a seismic shift. Forget about the days when you needed to understand dozens of telecommunications protocols in order to make a simple connection. In SBA, services can register themselves and subscribe to other services, or new services can be introduced, using the same API patterns. For the first time, a network’s data and services can be exposed in a standard, secure and comprehensible way to innovative third-parties in order to create better services.

#3. Integrated Gi-LAN Services

I wrote about the value of an integrated virtual probe and analytics solution in an earlier blog (“The Intelligent Data-Centric Network”). With powerful, actionable customer insight, CSPs can rapidly create personalized targeted offers, promotions and service bundles to attract new customers and grow revenue. Affirmed is unique in this space, as we’re the only company to provide a single platform for value-added services such as security, video optimization, TCP acceleration and parental control that enables a unique and differentiated experience on a per-flow basis.

#4. Multi-Access Edge Computing (MEC)

Formerly known as mobile edge computing, multi-access edge computing (MEC) is yet another exciting area for growth that requires a high-performance, reliable and scalable mobile 5g core. Affirmed’s Cloud Edge (ACE) is an MEC-based solution that allows CSPs to rapidly deploy and monetize use cases such as content delivery networks (CDNs), augmented/virtual reality, autonomous vehicles, drones, IoT, private LTE/5G for enterprise and location-specific services (e.g., in-store retail, advertising, etc.).

#5. Automation

This will be critical in the future, as CSPs will need to scale in the hyper-connected societies of tomorrow. The CSPs that execute automated service provisioning and service assurance well will reap the benefits of faster time-to-revenue and higher customer lifetime value.

Not all mobile core vendors can deliver on the promise of 5G in the form of ultra-reliable, low latency, high-throughput networks. In fact, most of them cannot deliver this because of fundamental limitations in their technology, operational challenges and the double-sided desire to protect their legacy revenue streams. But all this raises an interesting question: If your vendor has an agenda that doesn’t align with your vision of the future, where are you headed?

Make no mistake: 5G is still up for grabs. Someone is going to make a lot of money on new 5G services. It could be the Googles and Amazons of the world – and it probably will be, to some extent – but CSPs have the potential to be the real winners in the battle for 5G services revenue. So what’s your competitive advantage: a network experience that feels like a slightly faster version of 4G or one that completely transforms the user experience by delivering better experiences and driving innovative new services to market quickly? When you need a standalone 5G network, only one truly stands alone: Affirmed Networks.

A Moment of Reflection on the 5G Revolution in 2019

by Ashwin Moranganti Ashwin Moranganti No Comments

The iPhone 11 was released on September 20th, 2019. Take a look at it 1, and you’ll quickly notice the extra camera and the lower price tag. What you won’t see is any mention of native support for 5G. The new iPhone doesn’t have it.

If you’re looking for the seeds of a 5G revolution, don’t look to Apple. Look to the core. There, you’ll find the revolution is right on schedule, as telco operators and enterprises continue to embrace 5G technology in their mobile network cores. Next year, analysts expect that 5G services will break big, and many of the leading telco companies are banking on it.

As an early visionary in the field of network virtualization, Affirmed has a front-row seat to the 5G revolution, and what we see is an industry-wide push toward 5G. At the early-adopter end of the spectrum, we see operators embracing cloud-native solutions that behave like the webscale networks of Amazon and Google., As the 5G rollout continues, we see operators understanding that virtualization is the only viable path to the future. In both cases, 5G is the endgame, even if their timetables are different.

The transition from 4G to 5G

With 2020 around the corner, one of the big questions we hear from operators and enterprises is “How do we get to 5G from here?” For most operators, the answer is to build a non-standalone 5G network using the existing 4G core and transport networks you have today.

At Affirmed, the seamless transformation between 4G and 5G has always been our core mission We’ve done this by building a virtualized evolved packet core (vEPC) solution that could gracefully transition to 5G. For example, operators can easily add network slicing capabilities, video optimization, CGNAT firewall security, and other value-added services to our vEPC solution to create 5G services. It’s part of what we call our native cloud approach, meaning that everything we’ve built is designed to run in a cloud architecture for optimal scale, speed/performance, and resiliency.

What’s Next for the 5G Revolution?

The immediate future of the revolution will be “pure” 5G networks or what the industry calls 5G standalone networks. Our UnityCloud solution is one of the industry’s first standalone 5G platforms, designed for environments where new 5G services can be quickly created, deployed and (if needed) decommissioned. The same “fail fast” environment that companies like Amazon and Google use—to level the playing field between telco operators and their cloud-based competitors.

Telcos understand that they won’t be able to compete with the big cloud providers for new enterprise services revenue until their networks are competitive. That means adding network orchestration and automation capabilities, operating “non-stop” networks that remain online even during upgrades, and delivering service assurance to enterprises with deeper, real-time visibility into network traffic and performance.

It’s tempting to see the latest iPhone release of 2019 and think you’re witnessing the future of 5g. And in one sense, you are. But the real future of telecom isn’t happening on a stage. It’s happening behind the scenes, in the network cores of the world’s largest telco operators. And that future is worth keeping your eye on.

Think You’ve Got 5G Security Issues Protected? Think Again.

by Ron Parker Ron Parker No Comments

As interest in 5G continues to heat up, you’re likely to hear a lot more about 5G security. You may not, however, be hearing the whole story. Most conversations around 5G security centers on the standards put forward by 3GPP last year. Those standards are a good starting point, don’t get me wrong, but they’re not the last word on 5G security issues by a longshot. Why? Because they completely leave container security out of the conversation.

5G Security and Containers

There are a lot of new network elements to consider in a 5G architecture, but the biggest change in 5G is the fact that almost everything is now running on containerized software. In terms of 5g security threats, containers are prime targets for cybercriminals because they contain sensitive data such as passwords and private keys. Understanding how to protect containers from security threats is just as important as protecting the transport layers and gateways in a 5G network. Building on what 3GPP has proposed, we believe that 5G security protection has four main objectives, only two of which are currently addressed by the 3GPP’s recommendations.

A Four-point Approach to 5G Security

Let’s start with what 3GPP has already proposed for 5g security standards:

1. A trust model with two distinct, onion-layered approaches for roaming and non-roaming networks. In the non-roaming network, this model features an Access Management Function (AMF) and Unified Data Management (UDM) in the core, wrapped by the Authentication Server Function (AUSF). For roaming networks, 3GPP introduces the Security Protection Proxy (SEPP) for secure connectivity between the home and roaming networks, and the Network Exposure Function (NEF) to protect core services from inappropriate enterprise requests.

2. Encryption and authentication via Transport Layer Security (TLS), certificate management and OAuth2.

But what about security for the 5G services themselves? As the network shifts from hardware to software, telco operators need to have software security provisions in place to protect their data and their customers. At Affirmed, we see this as involving two distinct but complementary initiatives:

3. Secure software development. App developers need to ensure they’re writing secure code, validating it securely (i.e., using static code analysis), drawing from secure repositories and building everything on a secure base layer foundation (e.g., Fedora).

4. Secure containers. Containers represent attractive attack vectors for cybercriminals. 5G operators need to protect these containers by securing the orchestration engine (Kubernetes) with proper role-based access controls, guarding containers in use (through runtime container security) and managing access permissions between the containers via automated policy-driven networking and service mesh controls.

The need for container security isn’t unique to telcos, and that’s actually a good thing because they can now leverage existing security tools that have already been developed for other cloud-native applications. Unfortunately, a lot of telco vendors aren’t familiar with open-source tools like Aqua (for container security) and Falco (for orchestration engine security). Instead, these vendors leave software out of the security discussion, and that leaves telco operators with some big security holes to fill.

The Bottom Line on 5G Security

If telco operators expect to dominate the 5G landscape, they’ll need to stand on the shoulders of some pretty big cloud companies, particularly where containerization and security are concerned. 3GPP’s security recommendations are a good introduction to 5G security needs, but software security is half of the 5G story. If your vendor is telling you only about that part of the story, talk to Affirmed.

 

It’s Time to Come Clean About Cloud-Washing

by Sean O’Donoghue Sean O’Donoghue No Comments

They did it again. Another company has taken their old software, cleaned it up a little for deployment in the cloud, and called it cloud-native.

We call it cloud-washing. Like the “green-washing” of old, where companies would make claims of environmentally friendly products and practices when, in fact, little had changed from the past, cloud-washing is simply the rebranding and repackaging of monolithic, sub-optimal, on-premise software to appear innovative. Creative, maybe. Innovative, never.

True cloud-native software is built specifically to leverage the inherent benefits of a cloud architecture: hyper-scale, high resiliency, service velocity, and hybrid cloud flexibility, for example. Unfortunately, some companies have discovered their own shortcut to the cloud: port their old software onto virtual machines, repackage it as “virtualized” software and stuff it into a container. That isn’t cloud-native, it’s cloud deceptive.

At the core of the deception is a desire for innovation. Communications service providers (CSPs) are facing unprecedented challenges as they look to support an ever-expanding digital economy. Services revenues are flat or declining, while data and video traffic are exploding. As a result, the business model for CSPs is currently inverted, as revenue per bit converges with cost per bit, leaving little room for profit.

Hyper cloud providers such as Amazon, Google, and Microsoft, on the other hand, are turning in record profits by delivering innovation at a very low cost using cloud-native models, open-source services, machine learning, and self-service models. To survive and thrive in the new digital economy, service providers will need to follow suit, embracing the same models, processes, and technologies used by the leading hyper cloud providers. It’s a new world for CSPs, which is why it’s critical for them to have truly cloud-native solutions.

What does a real cloud-native solution look like? Basically, there are five main design principles that determine whether an application is truly cloud-native:

1. Multi-Cloud Support

By its very definition, cloud-native software is designed to be hosted in a multi-cloud environment. Software that cannot be deployed in a public, private, and hybrid cloud environment is not cloud-native, period. Simply connecting to a cloud isn’t the same as being built to run in any cloud.

2. Container Packaged

Software packaging and delivery have evolved from single, monolithic software packages to virtual machines and, more recently, containers. Container and orchestration platforms such as Docker and Kubernetes bring clear advantages to a cloud-native architecture by making applications more lightweight, open, portable, and easier to deploy, orchestrate, operate, upgrade, and manage. Some vendors use the right buzzwords (e.g., containers, pods, Docker, Kubernetes) but have the wrong ideas about cloud-native characteristics, and instead, they package their software as a big, complicated blob.

3. Dynamically Managed

Cloud-native software should be elastic. It should be scaled once for the initial load and then automatically scale up or down using cloud-native tools such as Kubernetes or Helm as demands increase or decrease. We call this dynamic management, and it’s a monumental mind shift for CSPs that are accustomed to dimensioning network solutions based on peak traffic scenarios with very limited agility.

4. Microservices Oriented

IT teams have already successfully implemented a microservices-based architecture for front-end channel applications as well as for back-end customer management and order management applications. CSPs can now invoke and re-use these microservices components in different combinations to simplify software upgrades or create new services. If software claims to be microservices oriented but shows little evidence of delivering autonomous, changeable, replaceable services, you’re probably looking at a cloud-washed product.

5. Externalized State

One of the limiting factors in scaling an application is statefulness, particularly its session state. Applications in which the application and session state have not been externalized to a high-availability store will have a hard time functioning in the cloud.

The Last Word about Cloud-Washing

The promise of 5G as a catalyst for nonstop reliability, new service innovation, and increased revenue is well documented. Re-architecting the network around the aforementioned architectural principles is the foundation for the promise of 5G. At Affirmed, we call that a platform for innovation.

The race to digital services is already underway, and competition will come from all sides. CSPs need a web-scale, cloud-native network architecture that can deliver next-gen digital services. These networks will have to deliver ultra-high performance and advanced features such as network slicing, service automation, and real-time analytics to radically accelerate service creation and drive down network costs.

More than ever, service providers will need to roll up their sleeves and fully evaluate each architectural element, principle, and capability of their 5G platform. This means challenging vendors on their cloud credentials, their roadmaps, and their commitment to open-source technology. In short, insist that your vendors come clean about whether or not they’re selling true cloud-native technology or simply cloud-washing their old products. A high-performance, cloud-native architecture using open-source technology can open your 5G future to more agility, flexibility, and opportunity. Don’t settle for anything less.

Affirmed, Intel and Dell EMC Have an Answer for 5G’s Need for Speed

by Scott Heinlein Scott Heinlein No Comments

Bring up the topic of 5G services and you’ll hear a lot of ideas, from virtual reality gaming to automated manufacturing floors. Ask how mobile service providers (MSPs) plan to deliver those services, however, and the room usually gets quiet. That is, until now. With the announcement of the first cloud-native 5G core network (5GCN) to support 100 GbE interfaces, Affirmed, Intel and Dell EMC have given MSPs plenty to talk about.

In a new whitepaper, Intel, Dell EMC and Affirmed outline the industry’s first 5GCN solution built to achieve 200 Gbps on a single server—a milestone that makes ubiquitous mobile broadband and edge computing more feasible than ever before. Using a combination of hardware acceleration, software optimization and intelligent engineering, the Affirmed/Intel/Dell EMC partnership has removed the most daunting barriers of entry for next-generation 5G services by solving many of the bandwidth, latency and load-balancing issues that 5G applications present to network operators.

At the “core” of the new 5GCN solution are Intel’s Field Gate Programmable Array (FGPA) hardware accelerators, Dell EMC’s latest PowerEdge servers and Affirmed’s next-generation 5GC platform. Together, these technologies allow MSPs to expand and accelerate the performance of their Network Functions Virtualization (NFV) architecture. The benefits of using this new approach to 5GCN include:

  • Faster 5G performance than ever before possible;
  • Native support for network slicing of different traffic types, including IoT and other enterprise use cases;
  • Lower power consumption per bit;
  • Easier deployment of essential 5G capabilities such as deep packet inspection, CG-NAT firewalls, TCP optimization and QUIC video optimization;
  • Support for OpenStack, Kubernetes and other “open” technologies.

5G presents a number of unique challenges to network operators, from control and user plane separation (CUPS) to load balancing. Many network vendors have these issues on their roadmap, but haven’t arrived at a practical solution yet. Affirmed, Dell EMC and Intel are at the forefront of finding workable 5G solutions that improve performance, reduce total cost of ownership and support emerging open standards for cloud and NFV. The ability to get more 5G performance from a single server is critical to the success of 5G, both from an architectural and a financial perspective.

As 5G moves from concept to reality, it’s increasingly clear that no one vendor will have the complete answer to 5G transformation and enablement. Instead, as our partnership with Intel and Dell EMC illustrates, the future of 5G rests with best-of-breed collaborators doing what they’re best at, whether it’s building the fastest servers, the smartest processors or the most flexible 5G architecture.

To get the full story on 5GCN, download the Intel white paper, “Enabling Communications Service Providers to Meet 5G High Density I/O Goals through Software Optimization and Hardware Acceleration.