Thriving in the Age of Accelerations

In his book, Thank You for being Late, Thomas Friedman describes how Moore’s Law has ushered in the “Age of Accelerations.”

As Friedman points out, a US$300 Sony PlayStation (PS4) launched in 2013 contained the same amount of computing power as a US$55 million ACSI Red supercomputer from 1997.

That’s the magic of exponential growth, and industries across the world are fuelled and inspired by it.

Yet, while the world is changing fast, the telecoms industry isn’t keeping up. Why is that?

In part, it is because many are reluctant to embrace the full power of the cloud.

Whereas the cloud and hyperscalers have enabled the tech industry to grow spectacularly in the past decade, telcos have often been more concerned with network functions virtualization (NFV) headaches.

In many ways, their reluctance is understandable. You can’t just transplant a generic cloud architecture into a telecoms network. At every juncture, the technology needs to be tuned to the specifics of a telecoms environment.

Fortunately, things are starting to change.

Standalone 5G opens the cloud door

The advent of standalone 5G, with a software-friendly service-based architecture (SBA), is opening the cloud door for telcos. In fact, cloud technology and its operation model are central to realizing the full potential of 5G.

For example, Kubernetes and containerization, in particular, can make telecoms networks significantly more versatile, scalable, and adaptable. And, beyond the technology itself, the cloud operation model is now emerging as a blueprint for future success in this space.

Encouragingly, forward-looking telcos are already reaping major benefits by moving in this direction.

Standout examples include Rakuten Mobile, which is adopting service reliability engineering (SRE) practices and building a cloud-native operating model. All while ensuring there are no silos between the network and IT teams.

This gives Rakuten Mobile has a high level of observability and visibility into network performance with built-in analytics and automation. It can also innovate rapidly and deploy new applications quickly. The results speak for themselves: Rakuten was able to launch six new plans within a single year, reducing average customer onboarding times from a few hours to five minutes.

Know your obstacles!

So, what challenges do we need to address to make cloud more telco friendly?

There are several technical conundrums that spring to mind, including high availability and support of telco-specific workloads in Kubernetes. Then there are the various 5G network functions (AMF, SMF, UPF, etc.), which all communicate through interfaces or APIs using the Diameter protocol. Unfortunately, HTTP has not been built to deal with such protocols and all the complexity of their statefulness.

On top of that, there are data sovereignty regulations, the cost of transactions and heavy telco workloads. Telcos are also more security conscious than companies in other sectors, which has hampered innovation in the past.

In addition, it is worth noting that, unlike traditional High Availability (HA) design models where a full chassis (or a VNF) fails over to another (with the burden of the complexity of large number states), the cloud model can offer an alternative based on a simple container. However, this assumes careful management of the flows between all the individual 5G NFs at the granularity level of each HTTP/2 message. With the absolute right level of performance scale and security. This should be true for both ingress and egress of each Kubernetes cluster. At the same time, these individual elements must be operated as a group, and lessons need to be learned from telcos’ historic struggles with NFVs (more on this later). 

Building a customized telco cloud

Given their very specific requirements, telcos should consider building their own cloud where and when they can, while leveraging public cloud where and when it makes sense.

Adopting this approach ensures full ownership and control of customers, role-based access control systems (RBAC), and identity and access management (IAM). The same applies to things like charging, billing, policy, and resource partitioning - all essential to maintaining strong customer relationships.

Using cloud operations models for day 0 to 2, and streamlining lifecycle management and SRE, are key to success. However, building a telco cloud requires cloud skills and expertise, both of which are in short supply.

Moreover, this kind of hybrid/multi-cloud model creates additional networking and security challenges that need to be carefully and efficiently addressed. In the cloud, applications communicate through APIs and are generally split into microservices running across multiple clusters in multiple locations. For telcos, that represents a new paradigm. API gateways are the new “routers” and API security is the new “firewall.” Crucially, this new paradigm must allow users to connect securely to their apps, wherever they are, and ensure full flexibility.

It is also vital that telcos adopt true cloud-native technologies, rather than adding a cloud veneer to existing technologies.

One of the problems with NFVs was that vendors took existing physical network functions (PNF), wrapped them with a collection of software components – some heavier than others – and called them virtual network functions (VNF). The same mistake is now being repeated where many VNFs, some already heavy, are being wrapped in Kubevirt or Virtlet, and tagged cloud-native network functions (CNFs).

A true cloud-native CNF should be API-based, custom resource definition-driven, lightweight, and secure. It should also be easy to scale-out horizontally and/or vertically, whenever needed, and without a tradeoff in capabilities or performance. Simple to deploy and operate, true cloud-native architectures offer dynamic elasticity and scale, continuous deployment and automation principles, and a smaller footprint.

Building bridges between the cloud and telecoms

At F5, we understand all these challenges. We straddle the worlds of enterprise IT, cloud, and telecoms. And we have decades of expertise in high-volume traffic management and security.

We also have the tools to solve the operational challenges in hybrid and multi-cloud environments, including edge deployments. In other words, F5 can modernize networking and security infrastructures and cloud operations for better agility and customer experiences, while reducing total cost of ownership.

Over the past few years, we’ve focused on three key areas:

• Solving cloud operations challenges and lifecycle management in hybrid and multi-cloud environments, including more comprehensive networking and security technology through F5 Distributed Cloud Services.
• Creating BIG-IP Service Proxy for Kubernetes (SPK) to provide full support and security for 5G network functions and telco workloads to benefit fully from the cloud.
• Introducing true cloud-native CNFs for the Gi-LAN/N6 to fully streamline and secure cloud operations without comprising on capabilities, performance, or scale.

To date, we have helped more than 60 global telco customers with their 4G S/Gi-LAN projects, consolidating many of their critical security and advanced customer capability functions. Now we are working with several of them to empower their transition to modern architectures that support 5G and leverage the power of the cloud.

For example, Rakuten Mobile is now using our CNFs in Japan, whereas Rakuten Symphony is making our CNFs available to a global audience via the Symworld marketplace. That amounts to a double-endorsement of our technology from one of the world’s most cloud-savvy telcos.

Going forward, we envision our new CNFs will be deployed in both 4G and 5G use cases to support service provider offerings. These true cloud-native functions are the result of a long engineering journey, rearchitecting from the ground up versions of popular, trusted F5 security functions. Our objective has always been clear: no tradeoff in security capabilities in the modernization journey.

Meanwhile, our Distributed Cloud Services can be deployed for any cloud, be it private, public, or edge, supporting application networking and security for accelerated digital transformation, all with best-in-class cloud operations and SRE.

Furthermore, we’ve addressed the challenges of supporting 5G network functions and telco workloads in Kubernetes environments. That’s why F5 built BIG-IP Service Proxy for Kubernetes (SPK), which we believe will profoundly strengthen, secure, and simplify the cloud journey for telcos.

Clearly, telecoms and cloud are starting to converge. To succeed in the coming years, telcos will need to efficiently, and effectively, harness advances from both worlds. They also need to work with third parties for key functions and infrastructures, and partner with companies like F5 to simplify operations. If all the parts are aligned, telcos can flourish in the cloud(s), as well as maintain the high levels of security and reliability customers increasingly expect and demand.