Monday, August 22, 2011

[Guest Post]: “Policy exchange controllers - scaling policy infrastructure in LTE and IMS”

By Kevin Klett*, Vice President, Strategic Product Management, Acme  Packet

As mobile broadband growth continues apace and LTE and IMS networks are deployed as replacements for legacy technologies, service providers are looking for ways to cost effectively scale policy infrastructure. Policy, which includes authorization, authentication, charging and quality of service (QoS) information, is essential for service delivery and for networks to operate efficiently and profitably.
The volume of policy-related traffic can be crippling as subscriber population expands and voice and data service usage intensifies. In order for the network to keep pace, policy exchange controllers—a new element—are required to streamline operations and facilitate manageable scalability.
Policy exchange in IP networks

Let’s start with the basics: last decade the transformation of telecommunications began as voice and all communications started the migration from circuit-switched networks to an IP world. It has largely affected fixed line networks until recently—although that transformation is still early and not complete—and mobile is the next frontier. The combination of the broadband IP transport networks and a new service layer, largely IMS, is the network of now and the future. While 3G RANs such as EVDO and HSPA brought IP and the Internet to mobile networks, LTE is the major technological leap forward embracing the all-IP network thus leaving no home for TDM technology.

SS7, the intelligent signaling layer in TDM networks, is replaced in these LTE and IMS networks by two protocols: SIP and Diameter. SIP is the call control protocol used to establish voice, messaging and multimedia communication sessions. Diameter takes on the role of exchanging policy information between network elements for each subscriber data, voice, video or multimedia session. This information is also exchanged between visited and home networks for roaming subscribers.

Exhibit 1: Diameter interfaces in LTE and IMS

More specifically, policy means subscriber and session authentication, authorization, location, charging and quality of service (QoS) information must be exchanged among HSS, PCRF, MME, CSCF, OCS and other elements within a single service provider’s network. There are scores of Diameter interfaces defined by various standards groups and industry bodies. The dominant ones are show in Exhibit 1 and can be broadly grouped into the following categories:
·         Registration, authorization and authentication
·         QoS/bandwidth-based admission control
·         Charging
·         Location

Challenges to scalability

Now, returning to the policy traffic conundrum: Diameter signaling is everywhere and can be quite demanding of the network. The main challenges that service providers face with scaling and managing policy in LTE and IMS networks include:

·    Scalability – the volume of messages and Diameter transactions for each voice or data session can be huge–in excess of 60,000 messages per 1 million subscribers in certain large service providers.
·    Overload and network failure – the servers involved in processing various AAA, QoS or charging functions are not equipped to deal with spikes in volume; this can impact quality or availability of services.
·    Network attack – policy infrastructure that is exposed to external networks in roaming scenarios can be attacked and, as in overload event scenarios, be taken out of service, affecting overall network availability.
·    Provisioning and routing – given the number of elements, where they are located and how they must interconnect, the programming of route tables and the effective routing of messages in a network can be daunting to provision, maintain and change as the network grows.
·    Multi-vendor interoperability – while Diameter is a standard, there are numerous interpretations of that standard as IMS and LTE has evolved and as more vendors enter the market.  In addition, there differences in networks (such as transport protocol or IP version) that can cause incompatibility and transaction failures. Multi-vendor environments are long known for interoperability problems that add extra time or costs to an initial deployment and ongoing operations.
·    Troubleshooting and management – the ability to collect and correlate all messages with the number of elements and vendors and volume of transactions is formidable if not impossible; the information from these messages is critical for network planning, troubleshooting and daily operations.
While focused on LTE networks, these challenges can exist in today’s 3G environments as well for QoS and charging interfaces (but not roaming or AAA functions as they use SS7 even for 3G data).

Policy exchange controllers – Diameter signaling control for a scalable network

A policy exchange controller (PEC) controls Diameter signaling, enabling the seamless communication and control of policy information between network elements within LTE or IMS networks and across LTE network borders. For those well versed in VoIP, a shorthand way to think of this element is a session border controller for the Diameter protocol as opposed to SIP.

PECs fulfill two major functional elements defined by 3GPP: the Diameter Routing Agent (DRA) and the Subscriber Location Function (SLF). These functions are proxies or front ends that sit in the middle of Diameter transactions and assist in completing the exchange of policy information. The DRA is largely associated with load balancing clusters of PCRF servers and the SLF is charged with discovery of the appropriate HSS for a given subscriber. Both elements assume a large installation of PCRF and HSS elements. PECs are also valid elements according to the Diameter standard, serving as proxy or relay agents between clients (e.g., MME) and servers (e.g., HSS).

DRA is a commonly used, but inadequate term, for the solution needed. To be successful, routing is only the starting point. To address those challenges outlined earlier, the major features that PECs provide are:

·         Centralized and intelligent routing
·         Load balancing across Diameter servers
·         Overload control and denial of service (DoS) attack prevention
·         Encryption
·         Diameter protocol mediation and normalization
·         Transport protocol and IP address interworking
·         Aggregation of messages and reporting of key performance metrics
Policy exchange controller is a new and rapidly emerging product category. Along with Acme Packet, there is a number of start-up and established companies involved in this market as Azi Ronen pointed out in his post "Resource: Diameter Routing Explained" (here). Today there are five announced products and this is just the start; we expect there to be offerings from the big telecommunication vendor—players in IMS, legacy SS7 signaling and LTE— as well as other policy server specialists.

Who needs a PEC?

Any service provider will require policy exchange controllers to varying degrees. Since Diameter is tightly integrated into IMS and LTE, policy exchange controllers will be required to successfully scale these networks.

Exhibit 2 – Core policy aggregation

The greatest need is for a core policy aggregation role within an individual service provider (see Exhibit 2). This applies to all LTE service providers as well as some 3G and fixed line IMS networks.

For LTE data and VoLTE roaming, all players in the ecosystem—mobile service providers, IPX carriers and roaming hubs, will require PECs to control policy exchange at their external interconnect borders. PECs replace the SS7 STPs that enable 3G roaming today.

Another application, service federation, can also drive the need for PECs for fixed and mobile broadband and over-the-top providers. Service federation uses a revenue-share or partnership model and is predicated the exchange of QoS and authentication information between the two provider types.

A policy exchange controller is a new network element that controls Diameter signaling, enabling the seamless communication and control of policy information between network elements within LTE or IMS networks and across LTE network borders. The need for this element is rising as all-IP networks proliferate, creating a mesh of Diameter connections that negatively impacts network performance, capacity and management. PECs alleviate those challenges and provide a path to profitability in the broadband era.


*Since joining Acme Packet in 2000 Kevin Klett has led product strategy, development and life cycle management for the service provider Net-Net product family. Prior to Acme Packet, Kevin served in system engineering leadership roles at Lucent Technologies and Excel Switching. He holds a BS degree in Electrical Engineering and Telecommunications from the University of Connecticut.


  1. In the Scalability challenge you write "...60,000 messages per 1 million subscribers..." but it seems to me that there still needs to be another dimension. Are you saying that 1M subscribers generate 60,000 messages PER Day? Per Hour? Per Second?

  2. that's a Busy hour message count i believe