Enabling Policy in the New Mobile Architecture

Updated June 18, 2013
  • Share via AddThis


Communication service providers (CSPs) today are designing and building new and advanced data networks to support their customers' needs. Mobile providers are rolling out 4G LTE services while fixed-line providers continue to increase the bandwidth speeds available. Customers are ever more hungry for faster data services and expect their CSPs to deliver solutions to meet that growing appetite. The CSPs must balance this data explosion with the need to manage the data on their networks to ensure fair access, develop customer offerings to generate revenue, and create a flexible infrastructure that is able to incorporate new technologies and solutions.

As customers continue to increase their data usage, the average revenue per user (ARPU) generated is not growing as fast as the costs needed to maintain the networks that support them. As a result, CSPs are using traditional network management techniques such as rate limiting, subscriber quotas, and application blocking to contain and control the explosion of data on their networks. Unfortunately, this creates an unsatisfactory situation for the customer, decreasing the quality of experience (QoE). Dissatisfaction leads to customer churn and a poor reputation for the CSP.

F5 BIG-IP Policy Enforcement Manager (PEM) is a solution that provides the foundation to deliver an innovative answer for meeting the needs of CSPs. BIG-IP PEM delivers the insight necessary to understand subscriber behavior and effectively manage network traffic with a wide range of policy enforcement capabilities. As part of the F5 BIG-IP family, BIG-IP PEM provides the flexible platform necessary to create tailored policies and enable the virtualization of subscriber services.

Next Generation Architectures

CSPs are building new networks based on next generation architectures and technologies such as LTE. But they are not only looking to create more advanced networks to deliver voice and data services. They are also looking to develop new services to enhance their customers' experiences and create a more flexible framework to deliver these services.

As part of this effort, CSPs are delivering more personalized services and packages to their subscribers. These packages include the ability to create rate plans for different types of data. Social media and personal data such as email may be given a different rate structure than streaming video and other types of content. Other plans may offer subscribers security enhancements enabling real-time virus and spam protection. Yet another enhanced service offering may give a participating subscriber's data priority through quality service (QoS) offerings such as type of service (ToS) and DiffServ differentiation.

To build and deliver these next generation services, CSPs need to gain further insight into the data being sent through the network. Subscribers need to be associated with the data traversing the network. Application context must be applied to the data the subscribers are sending and receiving. Policies need to be tied to the subscribers and their traffic to properly enable the services being offered. All of these tasks need to be applied in real-time to the data as it is seen on a CSP's network.

BIG-IP PEM provides the CSP with the visibility necessary to develop new services, giving the network operator the insight to identify subscribers and give application context to their data. BIG-IP PEM allows the CSP to apply advanced policies to the subscriber data, assigning rate limits or priority queuing or directing the data to value added services (VAS) through advanced traffic steering.

Figure 1: BIG-IP PEM delivers subscriber and application context for the insight needed to develop new services and revenues.

Enhanced Awareness, Enhanced Services

BIG-IP PEM enables a CSP to gain new and unique contextual information concerning the general traffic and application trends on the network, as well as specific information about subscriber behaviors. This enhanced understanding of how the network is being used allows the CSP to design a more efficient network architecture, better manage the application of VAS and network management solutions, develop new services, and ultimately enhance the customer experience.

Mobile network providers in particular are implementing solutions to manage the explosion of content being delivered to their customers by third parties. This over-the-top (OTT) traffic does not provide a direct revenue source for the provider and yet forces the expansion of network capacity to support the data growth. Technologies such as video optimization have been implemented to compress streaming video, which consumes as much as 40 percent of the available network bandwidth and is expected to continue to grow quickly. But many existing traffic identification and steering solutions are not able to deliver content to VAS solutions with enough granularity. Instead of delivering only streaming video content to a video optimization solution, for instance, technologies such as policy-based routing (PBR) direct all content destined for TCP port 80. The video optimization solution is expected to filter the traffic, reducing its overall performance.

BIG-IP PEM delivers an enhanced identification and steering solution that can identify the specific subscriber sessions associated with streaming video and only steer that traffic to the video optimization VAS solution. BIG-IP PEM identifies the application associated with the session in addition to the subscriber requesting the content. By utilizing a Gx interface, BIG-IP PEM can query the Policy Charging and Rules Function (PCRF) service to determine individual and group subscriber polices and how—or whether—they apply to the traffic being inspected.

This capability opens the door for the creation of various types of services. One example is the implementation of a premium security service providing enhanced anti-virus and anti-spam services for the subscriber's content. BIG-IP PEM can identify traffic associated with downloadable content, such as email services, web content, and file downloads. Once the content has been classified and the subscriber identified, the PCRF is queried to determine if the subscriber is a member of this premium service. If the subscriber has opted in for the security service, then the content is directed to the anti-virus/anti-spam VAS solution without any action necessary by the subscriber or the third-party content provider.

Since BIG-IP PEM implements a flexible classification and traffic steering technology, almost any service can be designed and deployed to deliver an enhanced QoE for subscribers and potentially create premium service revenue opportunities for the CSP.

Service Virtualization

Traditionally, CSPs have added new services independently, requiring the insertion of a new function into a linear network path. This disrupts the existing environment and increases complexity as each service is designed and implemented. In addition, the operational model becomes unwieldy as the CSP's support infrastructure must manage an ever-changing architecture and troubleshoot constantly changing network topologies.

As CSPs architect 4G LTE networks today, they are looking for ways to design the evolved packet core (EPC) to manage the host of data services they need to administer. Multiple components and technologies are necessary to create a functional EPC, but multiple vendors and fixed-purpose hardware solutions lead to increased costs and operational management concerns. So CSPs are exploring how to virtualize the service infrastructure to make it more dynamic and flexible. In 2012, the CSP industry created the network functions virtualization (NFV) working group to address this problem. The goal of NFV is to create a flexible, dynamic framework for adding new services using common hardware and generally available common technologies.

BIG-IP PEM provides an essential component in the NFV model: a centralized means to identify content, determine policies associated with that content for the specific subscriber in question, and apply those policies to steer the content to the appropriate service. BIG-IP PEM can integrate with the virtual infrastructure associated with the services by orchestrating the allocation of virtual resources for each.

Intelligent Services Framework

F5 has developed its intelligent services framework (ISF) to deliver intelligent solutions that meet the demands of today's evolving networks. The foundation of the ISF solution for CSPs, BIG-IP PEM integrates and interacts with other F5 solutions, including BIG-IP Carrier-Grade NAT (CGNAT), F5 Traffix Signaling Delivery Controller (SDC), BIG-IP Global Traffic Manager (GTM), BIG-IP Advanced Firewall Manager (AFM) and BIG-IP Local Traffic Manager (LTM). Using a common architecture, BIG-IP PEM is able to gain additional insight from the analytics provided by the other components and respond to an enhanced understanding of traffic patterns and subscriber behaviors. All of the solutions require information regarding the subscriber, their profiles as defined by the CSP, and how the applications accessed by each subscriber need to be handled.

It may be necessary to apply different security policies through BIG-IP AFM based on the applications and which enhanced services the subscriber has signed up for. In the mobile environment, with IPv6 devices becoming standard equipment, it is necessary to provide network address translation (NAT) services to subscribers and their applications while still retaining the ability to identify and track subscribers across the network for law enforcement purposes.

Ultimately, all of the components in the ISF solution, because they sit in the data plane and control plane of the network, deliver a comprehensive picture of network health and insight into how subscribers are utilizing the resources available. Through automated management and orchestration, it becomes possible to take advantage of the information received through different components to make intelligent decisions about modifying policies or resources to maintain network and application accessibility.

Figure 2: A single BIG-IP platform, built for today's application-centric networks, provides full proxy visibility, control, and extensibility.


BIG-IP PEM provides a critical function within next generation architectures in the CSP environment. Specifically, it creates a centralized and flexible framework for enabling new services as CSPs look to enhance their subscribers' experiences and create additional value.

Providing advanced insight, subscriber awareness, and traffic steering functionality, along with the ability to integrate with management and orchestration systems, BIG-IP PEM supports the NFV model for virtualizing and commoditizing services in the network environment. Further, BIG-IP PEM is a core component of the F5 ISF solution for CSPs, which delivers enhanced, centralized functionality under a common hardware architecture. This architecture allows CSPs to gain significant benefits when looking to consolidate the EPC within a flexible platform. The complete solution eases the management of subscriber data services, enables network operators to easily add new services with minimal disruption, and creates a flexible environment that is easy to manage and maintain.