Wednesday, August 31, 2011

Ericsson Updates: SSR (w/DPI) Scheduled for Q4; 85 PCRF Customers

    
The slides below are taken from the presentations made by Håkan Eriksson, Group CTO and President of Ericsson Silicon Valley and Jan Häglund (pictured) VP and Head of Broadband and Internet, Ericsson Networks during Ericsson's North American Analyst Forum held on August 30 in San Jose, CA.

The slides relate to the recently announced Smart Services Router (see "Ericsson Smart Services Router to Include DPI and Video Caching" - here), a major building block in Ericsson's "Service Aware Network", described by Mr. Eriksson.

Ericsson's policy management (now enhanced with Telcordia portfolio) has 85 contracts. 
   
Ken Rehbehn, Yankee Group Mobile Wireless Industry Analyst provided live blogging during the event - and tweeted some of Mr. Häglund statements:
  • Policy control activity largely in SE Asia (helping operators w/ innovative charging approaches) 
  • 1st Smart Services Router coming 4q11 as planned - 16Tbps
  • Smaller versions (10slot/6slot) of Smart Services Router coming in 2012

 

 

 

 

 

 

Bytemobile Launches Integrated DPI, Caching, Optimization and NI Solution

 
Today, MNOs need to implement a complex array of single-function (or few-functions) devices in order to control data traffic, at the application layer, in a way that will fit their business goals.
   
In many cases they need to purchase the popular functions (DPI/traffic shaping, video and data optimization, caching, web filtering/parental control, security and some other minor functions) separately, from multiple vendors, in separate purchasing projects. In addition they need to integrate all functions into one system – by adding a load balancing and traffic steering function (with subscriber and application awareness) and interfacing with the centralized OSS environment including the policy manager (PCRF).

Realizing that, vendors that were focusing on a specific function are trying for several years now, to migrate to a function-rich solution by developing or OEMing the functions they do not have. Sometimes the new functions run on blades in a single device and in other cases on a separate device/s - as much as performance and time-to-market allow. We have seen this at Allot, Sandvine, Comverse, Cisco (Starent's GGSN) and others. So far no vendor has the "right collection" of functions for today's mobile needs.
    
Now Bytemobile tries to address the challenge. The vendor launched ".. the T3000 Adaptive Traffic Management System .. enabling operators to manage millions of mobile subscribers’ access to rich content and applications through a single platform .. The T3100 is the industry's first fully integrated in-line platform designed to automatically adapt and manage all mobile Internet Protocol (IP) traffic based on real-time network conditions .. The solution effectively eliminates costly capital expenditures and operating expenses associated with a combination of network elements for caching, load balancing, deep packet inspection (DPI), web and video optimization, policy control, and analytics. This reduces the operators’ total cost of ownership (TCO) for traffic management by up to 50 percent within months of deployment. Through the use of adaptive traffic management and auto-tunable traffic control features, the T3100 improves the utilization and performance of existing network capacity by 30-50 percent"

Chris Koopmans (pictured), vice president of products at Bytemobile said: “.. the T3100 .. can detect and react to network conditions in the cell, radio access network (RAN) and core in milliseconds. With intelligence that spans seven dimensions of traffic control and unparalleled control functions to inspect data traffic at all layers of the network, the T3100 measures each subscribers QoE in real time, enabling operators to dynamically adjust traffic flows to maximize the user experience.
  
Byte's Adaptive Traffic Management System includes DPI (see spec below), load balancing and traffic steering, Smart Caching, Selective Optimization, Network and Application Intelligence.
  

See "Bytemobile Unveils Industry’s First Adaptive Traffic Management System for Evolving Mobile Networks" - here.



Tuesday, August 30, 2011

Sandvine: "developers will try to find new ways to have their tethering apps go undetected on CSP’s networks"

    
Tom Donnelly (pictured), Sandvine's COO new post on the compnay's blog explains the recent trends in tethering business interests (background - here): MNOs revenues, detecting and avoiding following the recent measures taken by AT&T and Verizon

"In the US, both Verizon (here) and AT&T (here) have begun to identify subscribers who violate their Terms of Service (TOS) by using unauthorized tethering applications on mobile networks .. Given that tethering app developers charge between $10 and $50 for a software license, and that CSPs stand to gain potential additional revenues from tethering subscriptions, both developers and network operators have significant financial interest in tethering services.  We have very likely only seen the beginning of a cat-and-mouse game between app developers and CSPs, as developers will try to find new ways to have their apps go undetected on CSP’s networks ..  For mobile network operators who want to enforce their terms of service, Sandvine’s network policy control solution provides tethering detection, enabling CSPs to confidently and reliably conclude when a subscriber is tethering, and ensure accurate billing".

See "Tethering App Turmoil" - here.

DPI Announcements: Qosmos and 6WIND Offer Integrated OEM Solution

    
Qosmos and 6WIND announced "a technology partnership between the two companies. With tight integration between the companies’ products, network equipment providers can add Qosmos’ real-time NI capabilities and 6WIND’s advanced, multicore packet acceleration to their solutions .. Networking applications such as intrusion prevention and detection systems, mobile video compression, and 4G policy and charging enforcement (PCEF) require advanced DPI technology accelerated by high-performance packet processing. These functions need to be performed at wire-speed (10Gbps or 40Gbps today, with higher speeds in the future), requiring the use of highly-integrated solutions optimized for system-level performance".

See "Qosmos and 6WIND Partner on High-Performance Real-Time Network Intelligence Solutions" - here

See also "DPI Announcements: Continuous Computing Packages Qosmos, 6WIND and Wind River Packet Processing" - here.

Monday, August 29, 2011

Salient Federal Solutions: IPv6 Threats can be Eliminated Using DPI

  
Salient Federal Solutions reports "real-world incidents of IPv6 attacks based on the emerging protocol's tunneling capabilities, routing headers, DNS broadcasting and rogue routing announcements. The company asserts that all of these threats can be eliminated with the use of IPv6-enabled deep packet inspection tools, which it (here) and other network vendors sell".

See "IPv6 eyed by torrent users to avoid network throttling" - here.

Jeremy Duncan (pictured), senior director and IPv6 network architect for Salient Federal Systems, said: "IPv6 tunneling gives attackers a green light to penetrate networks .. uTorrent, which is an IPv6-capable freeware client for the BitTorrent peer-to-peer protocol that's used to share large files such as music and movies runs very well over Teredo, and that the BitTorrent community is discovering IPv6 as a way of avoiding network congestion controls that are used by ISPs to manage BitTorrent traffic on IPv4 networks"

The slides below are taken from Jeremy's presentation "IPv6 Is Here. Is Your Network Secure?" at the 7th Annual GFIRST National Conference, held in Nashville earlier this month.

The 2 parts presentation is available here and here.



 

[Guest Post]: The Way to Go: Use Signaling Messages for Context-aware Analytics

By Lenny Ridel*, CTO, Traffix Systems

With fierce competition constantly on the rise, service providers know that providing the best customer experience is a key component to a strategy for success. One critical tool in moving towards providing a superior customer experience is context-aware analytics that assists substantially in achieving top quality network performance and finely tuned personalized service and product offerings.

At the same time, service providers are justly concerned about becoming a “dumb pipe” and losing control over their service provision relative to customers' service level agreements. Trends like the open garden model driven by data optimized smart phones such as the iPhone and the aggressive tactics of Google and Facebook bring new subscriber-centric models and targeted approaches from the Internet domain into the telecom market.

To halt the dumb pipe process, increase revenues and stay competitive, service providers understand they need to differentiate their offerings and improve the customer experience by leveraging the information they have or what they can extract from the network. To gather this information, service providers should use context-aware analytics based on signaling messaging as the best source of the information with the fastest retrieval of information on network performance and subscribers’ behavior.

Signaling transactions through the control plane in telecom networks provide an optimal source for network intelligence and user behavior monitoring and analysis. The signaling path offers a rich and granular source of information for a context-aware engine to analyze and provide operators with the opportunity to create a better customer experience, fine tune the service offering and improve service quality. The control plane contains information such as subscribers' location, services used, the technology supported by the user's mobile device, resources allocation, charging and rating and much more. A robust context-aware engine correlates this data in real-time to enable optimal network operation and to use alternative business models with personalized offerings, tailored marketing campaigns, and other targeted promotions.

Why is the information located in the control plane the best source for context-aware analytics?

1. Granularity of information

The information that flows in the control plane contains subscriber centric information, the most valuable and strategic information in the network, e.g. the location of the subscriber, his buddies (IM friends) list, his phone number, technology used to attach to the network, the charging scheme, his phone number, IP, services he is using and so on. Most of this information is not available in the service or data domain and is not accessible to commonly used DPI methods.

2. Lower volume of traffic

In the control plane, megabytes of signaling information are moved, as opposed to gigabytes of information in the data plane, making the extracting of information from signaling faster, and much more cost effective. It can also be performed with software-based solutions using off-the-shelf servers. The volume of traffic is typically 1/1,000 compared to the data.

3. Synchronization and correlation
 

Extracting information from the signaling flows in the control plane enables correlation and synchronization of different transactions and extracting information according to pre-configured definitions. For example, you can extract all information related to specific subscriber, or to specific services, group of users or even location.

Sometimes it is impossible to extract information from the data plane because messages might go through one route, and come back via another. This is the nature of IP, requiring a large scale implementation to cover all possible routes. In addition, the quantity of data that needs to be processed for the many applications and proprietary protocols is enormous. In the signaling domain, traffic is controlled, interactions and routing are fixed. This makes the implementation efforts several scales smaller and the correlation of information much easier.

Information collected from the signaling control plane is extracted and compiled in real time. As signaling is the source of greater information, it provides better quality information about the network, the subscriber and the context and ties between different actions, operations and usage patterns related to the network subscribers.

In summary, using signaling as the source of information with a robust context aware analytics engine provides operators with actionable information with faster, cheaper, and better data source. In addition, the data supports operators' efforts to maintain high quality network performance and create a more effective marketing program with personalized targeted offers of products and services. This is the most effective path to success in today's extremely competitive environment.




*Lenny Ridel has more than 15 years experience in architecture, design and development of multidisciplinary systems and algorithms research. In his last position, he was Algorithms Team Manager in Aternity responsible for development of analytics system for user experience modeling and root cause analysis. Before that he was Messaging Group Manager at IXI Mobile and Software Development Manager at Schema.

Lenny holds B.Sc. in Physics from Ben-Gurion University and M.Sc. in Electrical Engineering from Tel-Aviv University.

Sunday, August 28, 2011

Monday's Guest Post: Using Signaling based Analytics

 
A new guest post will be published on Monday. In his article, "The Way to Go: Use Signaling Messages for Context-aware Analytics", my 5th guest, Lenny Ridel, will discuss the advantages of using context-aware analytics based on signaling messaging as the best source of the information with the fastest retrieval of information on network performance and subscribers’ behavior.

Stay tuned.

If you like to propose a guest post, please send me a proposed subject, abstract and the author details.

Research: US MNOs Firewall Policies Degrade Network Performance

  
A research paper by Zhaoguang Wang, Zhiyun Qian, Qiang Xu, Z. and Morley Mao (pictured) from the University of Michigan and Ming Zhang from Microsoft Research finds that key NAT and firewall policies used by celluar operators in the US have direct implications on performance, energy, and security.

For example, the research found that "One of the largest U.S. carriers is found to configure firewalls to buffer out-of-order TCP packets for a long time, likely for the purpose of deep packet inspection. This unexpectedly interferes with TCP Fast Retransmit and Forward RTO-Recovery, severely degrading TCP performance triggered merely by a single packet loss"

See "An Untold Story of Middleboxes in Cellular Networks" - here.

ABSTRACT

"We present NetPiculet, the first tool that unveils carriers’ NAT and firewall policies by conducting intelligent measurement. By running NetPiculet in the major U.S. cellular providers as well as deploying it as a smartphone application in the wild in more than 100 cellular ISPs, we identified the key NAT and firewall policies which have direct implications on performance, energy, and security. For example, NAT boxes and firewalls set timeouts for idle TCP connections, which sometimes cause significant energy waste on mobile devices. Although most carriers today deploy sophisticated firewalls, they are still vulnerable to various attacks such as battery draining and denial of service. These findings can inform developers in optimizing the interaction between mobile applications and cellular networks and also guide carriers in improving their network configurations".

MetroPCS Offloads 20% to Wi-Fi

   
 reports to Fierce Wireless that according to iPass CTO Barbara Nelson (pictured) - "..some operators are unwilling to offload traffic to Wi-Fi unless they own the network, while others, such as MetroPCS, are offloading a significant amount of traffic to Wi-Fi now .. Although they are not broadcasting it, we estimate 20 percent of MetroPCS' traffic is offloaded to Wi-Fi"

MetroPCS would not confirm the iPass statistic. However spokesman Drew Crowell said the firm is "encouraged by what we are seeing with traffic offloaded to Wi-Fi". In May, an AT&T executive said that "AT&T didn’t see Wi-Fi helping the nation’s No. 2 carrier offset congestion" (here).

It is not clear if the Wi-Fi offloading percentage refers to Wi-Fi services in public areas only, or includes the use of home/office Wi-Fi as well. If the latter is included, then the 20% figure does not look very high.

See "MetroPCS may be offloading at least 20% of its traffic to Wi-Fi" - here.

Saturday, August 27, 2011

[Fun] Tiered Services - Can this Happen in Broadband?

Just enjoy this great piece from a recent "Curb Your Enthusiasm" episode.






US Broadband - Cable Grows Faster than DSL/Fiber

  
According to a report from the Leichtman Research Group "the eighteen largest cable and telephone providers in the US -- representing about 93% of the market -- acquired about 350,000 net additional high-speed Internet subscribers in the second quarter of 2011 .. The top cable companies accounted for 77% of the net broadband additions for the quarter versus the top telephone companies .. AT&T and Verizon added 628,000 fiber subscribers in the quarter (via U-verse and FiOS), while having a net loss of 578,000 DSL subscribers"  


See "About 350,000 Add Broadband in the Second Quarter of 2011" - here

Friday, August 26, 2011

Strategy Analytics Expects M&As of Traffic and Policy Management Vendors

   
According to a new report by Strategy Analytics we should expect additional M&As in the policy and traffic management market (following the steps of Cisco/Starent, Amdocs/Bridgewater, Tekelec/Camiant, Ericsson/Telcordia).

The report "shows why the mobile broadband policy and traffic management industry is ripe for partnerships and mergers in a new report from its Mobile Broadband Opportunities (MBO) service"

Sue Rudd (pictured), Director, Service Provider Analysis, noted, “Many of these players already partner with each other -- and with traditional equipment manufacturers – in order to deliver complete solutions for mobile operators. As service providers race to optimize capacity that will satisfy mobile broadband demand, policy management has changed from a passive network tool to a strategic business weapon. To meet operator needs, players may need to team up permanently to integrate and test high performance solutions that can increase capacity by 50 percent at a fraction of the cost of new infrastructure.

Nevertheless, the creation of single-vendor solutions faces operators with higher dependency in the solution they bought and diminishes the value of using standard interfaces between network elements (such as 3GPP's PCRF-PCRF interfaces).

"We see three key dimensions to consolidation:
  • Personalization for Value Added Services
  • Applications, Content Video Optimization
  • Billing for Real Time Rating and New Pricing Options"
"Key players mentioned in this report include: Allot, Arbor Networks, Bridgewater (now acquired by AMDOCS), Broadhop, Bytemobile, Cisco (former Starent), Openet, Procera, Continuous Computing (now a subsidiary of Radisys), Sandvine, Tekelec (former Camiant) and Volubill"

See "Traffic Management Players about to Merge" -  here.

SourceFire's DPI Protects Against "Apache Killer" DoS Attack

  
Hopefully no one will claim that the use of DPI in the following way is bad.

Sourcefire announced that "its Vulnerability Research Team (VRT) protects customers against the recently released "Apache Killer" tool, as well as attacks against the underlying vulnerability that enables it .. Using large malformed HTTP headers, Apache Killer allows an attacker to use a single PC to perform a denial of service attack. This attack is easily detected by the Snort engine's HTTP Inspect preprocessor, which has an option to block oversized HTTP headers"

Matt Watchinski (pictured), Vice President of Vulnerability Research at Sourcefire said: "Our solution to Apache Killer is a great example of the enormous amount of protocol intelligence and deep packet inspection capability in the Snort engine .. By allowing customers to identify anomalous network traffic at a general level, the Snort engine provides detection ahead of the threat for a variety of new exploits"

See "Sourcefire Protects Customers Against "Apache Killer" Exploit" - here.

Thursday, August 25, 2011

The Challenges of Maintaining a Current DPI "Signatures File"

 
A new blog post by Cam Cullen (pictured), Procera's VP of Product Management provides some insights to the efforts of maintaining an up-to-date "signature file"  - the core of  the DPI technology, with which MNOs can define service-aware policies. For years, this was an issue of fixed networks DPI systems (with the challenge of indentifying P2P file sharing applications) - nowadays, as Cam pointing out, it is an issue for mobile traffic management solutions as-well. 

"The rapidly evolving mobile application landscape is making signature updates even more critical, as new applications are launched at what seems like a mile a minute. Our R&D team sometimes feels like the proverbial dog chasing its tail, as every week there are tons of new mobile applications launched in the App Stores for the major mobile operating systems

"The good news is that not all applications are created equal, and many are simply web front ends for a smartphone.. In these cases, a simple Virtual Service (which is a capability that we have for a customer to create their own signature) created to capture a specific type of traffic to a specific site will allow the mobile operator to create new services or zero-rate/exempt traffic from usage quotas in a matter of hours .. "

" .. More complicated applications (messaging, VOIP and sometimes streaming video/audio), are another matter completely. Skype [see - "Is it Possible to Block Skype with DPI ?" - here], Viber and Spotify are all examples of applications that can change the way they operate depending on the network bandwidth, attempts to limit their bandwidth or even the device on which they are running. These applications require a fast-moving development schedule, and sometimes cooperation between the operator and the vendor to ensure that traffic is properly classified. If you are charging (or NOT charging) based on a specific application, you better get it right!"

See "Chasing the Dog’s Tail – The Challenge of Keeping up with Mobile Applications" - here.

[Dell'Oro Group]: Mobile Backhaul Market to Reach $9B by 2015


A Dell'Oro Group report forecasts that "Mobile Backhaul market revenues are expected to approach $9B by 2015. This updated report tracks two key market segments: Transport, which includes microwave and optical equipment, and Routers and Switches, which includes cell site devices, carrier Ethernet switches, and service provider edge routers .. routers and switches expected to constitute 30% of mobile backhaul market "

See also:
  • Survey: Mobile Networks are Near Full Capacity - here
  • Yankee Group: Average Cell Backhaul Bandwidth will Grow to 100 Mbps by 2015 - here
Certainly some intelligence, optimization, caching and offloading technologies could be useful here, rather than just "throw more bandwidth on the problem" (see solutions from Stoke, Volubill, DiViNetworks, Saguna and Sycamore and of course the traditional DPI/traffic management solutions).

Shin Umeda, Vice President of Routers research at Dell’Oro Group said: “Our research has found that operators around the world are concerned with the rate of mobile traffic growth and are transitioning to Internet Protocol (IP) technologies to build a more efficient and scalable backhaul network. Our latest report forecasts the demand for IP-based routers and switches will continue to grow through 2015, almost doubling the market size of the Router and Switches segment in the five-year forecast period” 

See "Mobile Broadband to Drive Backhaul Market to $9 Billion by 2015- here.

Wednesday, August 24, 2011

China Telecom Plans to be an "Intelligent Pipeline" (using also DPI)

 
Chairman & CEO

Wang Xiaochu

China Telecom announced its "INTERIM RESULTS FOR THE SIX MONTHS ENDED 30 JUNE 2011" (here).

The "Chairman's Statement - Planning ahead and fully preparing for the future" explains the carrier's desire to be the "Leader of the Intelligent Pipeline":

freedom to participate in network deployment and management, and multi-level quality of service levels for different subscribers and services. This year, we strengthened our access network construction that utilised the passive optical network (PON) technology and achieved comprehensive bandwidth upgrade for our core network and access network. We continued to optimise our 3G network coverage and continued to enhance our network quality to maintain our leading position amongst the peers. We consolidated our carrier-class Wi-Fi network and, strengthened its coordinated traffic offloading from the 3G network. Technologies such as Deep Packet Inspection (DPI) have been deployed to reinforce the identification capability of the mobile network on customers and services, and to implement the precise mobile traffic management."
"Our intelligent pipeline will feature high-speed bandwidth, convergent wireline and mobile network, users

Heavy Reading: Policy Servers and Enforcers Market to Reach $2B in 5 Years

  
A new Heavy Reading report, by Graham Finnie (pictured), Chief Analyst, estimates that "the policy management market (including policy servers, policy enforcement gear such as DPI appliances, and ancillary elements) grew by almost 40 percent in 2010, and is set to become a $2 billion market within the next five years .. 15 companies have launched a policy server based on the 3GPP PCRF standard in the past three years, and our report reviews a whopping 40 companies that have some kind of policy proposition .. policies based on device, location, time of day, and prioritization or QoS based on application, URL or subscriber value have already been deployed by some operators as they seek to establish what kinds of mobile data service packaging will deliver the most value at the least cost"
 
Heavy Reading forecast of $2B for 2016 is lower compared to previous market forecasts (for example, Infonetics says that DPI and Policy servers will reach $2.1B and $1.6B, respectively, in 2015 - total of $3.7B - see other forecasts here).
 
This is explained by Heavy Reading analysis of the mobile market only, while other reports refer to the fixed market as well. Two years ago, the mobile market for DPI was nearly 0; recently DPI vendors say it is 50% of their revenues – so the trend seems to continue.

Key findings of Mobile Broadband & the Rise of Policy: Technology Review & Forecast include the following:
  • The big increase in interest in deployment in the mobile sector has given a major revenue boost to the sector. We estimate that the global policy market, including PCRF, PCEF and ancillary revenues, grew by nearly 40 percent in 2010, to reach approximately $783 million.
     
  • Our survey found strong interest in creating more sophisticated use cases that span the divide between traffic management and subscriber service design. This interest is beginning to translate into new and more complex use cases for policy. One widely deployed application is identifying and zero-rating access to Facebook within a quota-limited service.
     
  • Telcos identified problems integrating policy and charging as the single biggest barrier to deploying policy architectures. Solutions to these issues are thus likely to be well-received by customers, and there is much at stake here. However, there is some uncertainty here as a new interface (the Sy interface between PCRF and OCS/OFCS) emerges.
     
  • The more demanding policy use cases that are now emerging will put pressure on vendors and may benefit those with the most powerful, flexible and well-integrated solutions. As policy becomes more sophisticated and widespread, it will require massive scaling up in the policy engine in terms of transactions or sessions handled, as well as better integration with other elements in the policy architecture.
See "Policy 2011: Hot, But Getting Crowded" - here and the executive summary - "Mobile Broadband & the Rise of Policy: Technology Review & Forecast" - here.



Tuesday, August 23, 2011

ACG Research:"subscriber and application awareness provides competitive differentiation opportunities" (w/Use Cases)


Article by Michael Kennedy (pictured), Principal Analyst, ACG Research at Fierce Telecom explains the value of subscriber and application awareness to service providers: ".. This expanded networking functionality is being driven on the demand-side by service providers' need to differentiate their services from both competitors and among internal lines of business where service cannibalization is a serious problem; and on the supply-side where more flexible hardware architectures make it possible to combine transport, switching, routing, and DPI capabilities in the same system chassis"

Many of the services listed below are implemented by wireline and wireless providers, as can be seen by some use-cases, embedded in the quoted text below. One of the suggested functions, personal/behavioral advertising, gained some popularity for a very short time few years ago and then failed in North America and Europe due to (unnecessary) privacy concerns [here].

Note that ACG sees the awareness/DPI features as part of the routine infrastructure, and not as standalone devices, the most common deployment topology used today (See also "ACG Research: "Edge routers are augmented with DPI" - here).  
  
"The most straightforward use of network subscriber and application awareness is to create incremental revenue [Starhub] for basic service offerings ..  subscriber and application awareness capabilities can be used to insert subscriber specific advertizing [here, here] into broadband applications .. Parental controls [Turkcell, TalkTalk] are another application of subscriber awareness with very high ROI .. monitoring video Quality of Service (QoS) and Quality of Experience (QoE) scores .. Subscriber and application awareness also increase the trust level associated with network-based security services [SK Telecom, AT&T, Telefonica]"
See "IP networking: Building value through network subscriber and application awareness" - here.

Resource: 3GPP Traffic Detection Function (TDF)/Service Awareness Overview

  
The slide below shortly explains TDF - Traffic Detection Function in 3GPP R.11, using the Sd interface.

The slide is taken from a presentation made by Dr. Sungho Choi (pictured) ,Vice Chairman of 3GPP TSG SA (representing SMASUNG), last May. The presention "Evolution of the 3GPP Network Architecture,(the Evolved Packet Core)" is available here.

See also "[Tekelec] The Benefits of Policy Controlled Video Optimization" - here.


Monday, August 22, 2011

A "Bizarre" French Idea – Data Caps on Fixed Service

  
The press reports that "Three major internet service providers in France are discussing plans to introduce caps on "unlimited" web access - making heavy users pay a surcharge .. SFR, Orange and Bouygues are looking at the case for bringing in new limits on the packages they offer to domestic customers, in order to better control traffic levels .. Free said it had "reservations" and Numéricable said it was "not involved" in the talks".

We use to see this strategy with wireless providers, but this one refers to fixed service. Nevertheless, we have seen this before in other places (Comcast, Canada, AT&T - DSL)- but still Arcep, the regulator said the idea was "bizarre".

"One of the most vocal critics of the idea this weekend was Marine Le Pen (pictured), the leader of the far-right Front National. She is drawing up an "internet freedom" law including a clause that would make web access "a fundamental right for every citizen" (here, French). 
   
See "Operators plan cap on 'unlimited' web" (here) or "Bientôt la fin de l'internet illimité à domicile ?" (here, French)





Research Concludes: "BitTorrent is Good for Tier1 ISPs"

 
A new report  by John S. Otto, Mario A. Sánchez, David R. Choffnes, Fabián E. Bustamante (pictured) from Northwestern University and Georgos Siganos from Telefónica Research  presents a comprehensive view of BitTorrent - "using data from a representative set of 500,000 users sampled over a two year period, located in 169 countries and 3,150 networks".

See "On Blind Mice and the Elephant - Understanding the Network Impact of a Large Distributed System" - here and below.

In their conclusions, the authors say that "We found that despite its global reach, BitTorrent is able to remain local for large portions of its traffic. Further, our results show that most traffic generated by BitTorrent users stays at or below tier 3 .. Most BitTorrent traffic flows over cost-free paths and that it generates substantial revenue potential for many higher tier ISPs. We also highlighted the importance of the temporal pattern behind the generated traffic under the common 95th-percentile charging model"

[Guest Post]: “Policy exchange controllers - scaling policy infrastructure in LTE and IMS”

By Kevin Klett*, Vice President, Strategic Product Management, Acme  Packet

As mobile broadband growth continues apace and LTE and IMS networks are deployed as replacements for legacy technologies, service providers are looking for ways to cost effectively scale policy infrastructure. Policy, which includes authorization, authentication, charging and quality of service (QoS) information, is essential for service delivery and for networks to operate efficiently and profitably.
The volume of policy-related traffic can be crippling as subscriber population expands and voice and data service usage intensifies. In order for the network to keep pace, policy exchange controllers—a new element—are required to streamline operations and facilitate manageable scalability.
Policy exchange in IP networks
 

Let’s start with the basics: last decade the transformation of telecommunications began as voice and all communications started the migration from circuit-switched networks to an IP world. It has largely affected fixed line networks until recently—although that transformation is still early and not complete—and mobile is the next frontier. The combination of the broadband IP transport networks and a new service layer, largely IMS, is the network of now and the future. While 3G RANs such as EVDO and HSPA brought IP and the Internet to mobile networks, LTE is the major technological leap forward embracing the all-IP network thus leaving no home for TDM technology.

SS7, the intelligent signaling layer in TDM networks, is replaced in these LTE and IMS networks by two protocols: SIP and Diameter. SIP is the call control protocol used to establish voice, messaging and multimedia communication sessions. Diameter takes on the role of exchanging policy information between network elements for each subscriber data, voice, video or multimedia session. This information is also exchanged between visited and home networks for roaming subscribers.



Exhibit 1: Diameter interfaces in LTE and IMS

More specifically, policy means subscriber and session authentication, authorization, location, charging and quality of service (QoS) information must be exchanged among HSS, PCRF, MME, CSCF, OCS and other elements within a single service provider’s network. There are scores of Diameter interfaces defined by various standards groups and industry bodies. The dominant ones are show in Exhibit 1 and can be broadly grouped into the following categories:
 
·         Registration, authorization and authentication
·         QoS/bandwidth-based admission control
·         Charging
·         Location


Challenges to scalability

Now, returning to the policy traffic conundrum: Diameter signaling is everywhere and can be quite demanding of the network. The main challenges that service providers face with scaling and managing policy in LTE and IMS networks include:

·    Scalability – the volume of messages and Diameter transactions for each voice or data session can be huge–in excess of 60,000 messages per 1 million subscribers in certain large service providers.
·    Overload and network failure – the servers involved in processing various AAA, QoS or charging functions are not equipped to deal with spikes in volume; this can impact quality or availability of services.
·    Network attack – policy infrastructure that is exposed to external networks in roaming scenarios can be attacked and, as in overload event scenarios, be taken out of service, affecting overall network availability.
·    Provisioning and routing – given the number of elements, where they are located and how they must interconnect, the programming of route tables and the effective routing of messages in a network can be daunting to provision, maintain and change as the network grows.
·    Multi-vendor interoperability – while Diameter is a standard, there are numerous interpretations of that standard as IMS and LTE has evolved and as more vendors enter the market.  In addition, there differences in networks (such as transport protocol or IP version) that can cause incompatibility and transaction failures. Multi-vendor environments are long known for interoperability problems that add extra time or costs to an initial deployment and ongoing operations.
·    Troubleshooting and management – the ability to collect and correlate all messages with the number of elements and vendors and volume of transactions is formidable if not impossible; the information from these messages is critical for network planning, troubleshooting and daily operations.
While focused on LTE networks, these challenges can exist in today’s 3G environments as well for QoS and charging interfaces (but not roaming or AAA functions as they use SS7 even for 3G data).

Policy exchange controllers – Diameter signaling control for a scalable network

A policy exchange controller (PEC) controls Diameter signaling, enabling the seamless communication and control of policy information between network elements within LTE or IMS networks and across LTE network borders. For those well versed in VoIP, a shorthand way to think of this element is a session border controller for the Diameter protocol as opposed to SIP.

PECs fulfill two major functional elements defined by 3GPP: the Diameter Routing Agent (DRA) and the Subscriber Location Function (SLF). These functions are proxies or front ends that sit in the middle of Diameter transactions and assist in completing the exchange of policy information. The DRA is largely associated with load balancing clusters of PCRF servers and the SLF is charged with discovery of the appropriate HSS for a given subscriber. Both elements assume a large installation of PCRF and HSS elements. PECs are also valid elements according to the Diameter standard, serving as proxy or relay agents between clients (e.g., MME) and servers (e.g., HSS).

DRA is a commonly used, but inadequate term, for the solution needed. To be successful, routing is only the starting point. To address those challenges outlined earlier, the major features that PECs provide are:

·         Centralized and intelligent routing
·         Load balancing across Diameter servers
·         Overload control and denial of service (DoS) attack prevention
·         Encryption
·         Diameter protocol mediation and normalization
·         Transport protocol and IP address interworking
·         Aggregation of messages and reporting of key performance metrics
Policy exchange controller is a new and rapidly emerging product category. Along with Acme Packet, there is a number of start-up and established companies involved in this market as Azi Ronen pointed out in his post "Resource: Diameter Routing Explained" (here). Today there are five announced products and this is just the start; we expect there to be offerings from the big telecommunication vendor—players in IMS, legacy SS7 signaling and LTE— as well as other policy server specialists.

Who needs a PEC?

Any service provider will require policy exchange controllers to varying degrees. Since Diameter is tightly integrated into IMS and LTE, policy exchange controllers will be required to successfully scale these networks.


Exhibit 2 – Core policy aggregation

The greatest need is for a core policy aggregation role within an individual service provider (see Exhibit 2). This applies to all LTE service providers as well as some 3G and fixed line IMS networks.

For LTE data and VoLTE roaming, all players in the ecosystem—mobile service providers, IPX carriers and roaming hubs, will require PECs to control policy exchange at their external interconnect borders. PECs replace the SS7 STPs that enable 3G roaming today.

Another application, service federation, can also drive the need for PECs for fixed and mobile broadband and over-the-top providers. Service federation uses a revenue-share or partnership model and is predicated the exchange of QoS and authentication information between the two provider types.

A policy exchange controller is a new network element that controls Diameter signaling, enabling the seamless communication and control of policy information between network elements within LTE or IMS networks and across LTE network borders. The need for this element is rising as all-IP networks proliferate, creating a mesh of Diameter connections that negatively impacts network performance, capacity and management. PECs alleviate those challenges and provide a path to profitability in the broadband era.



_______

*Since joining Acme Packet in 2000 Kevin Klett has led product strategy, development and life cycle management for the service provider Net-Net product family. Prior to Acme Packet, Kevin served in system engineering leadership roles at Lucent Technologies and Excel Switching. He holds a BS degree in Electrical Engineering and Telecommunications from the University of Connecticut.