Service Provider | 5G Applications
The introduction of 5G is a catalyst in accelerating the development of millions of new applications. Massive amounts of data-heavy and latency-sensitive applications are being developed, resulting in a movement of subscriber computing to multi-access edge computing (MEC). MEC brings computing, storage, networking, and services closer to applications, devices, and users. It also delivers lower latency and enhanced security, paving the way for innovations in industries ranging from government to healthcare to manufacturing.
Service providers continue the 5G journey by building out microservices-based, cloud-native infrastructure from the core to the edge of the network. This cloud-native solution is an evolution of a virtualized network. Dynamically provisioning workloads within a network enables new levels of operational automation, flexibility, and adaptability.
Moving to a cloud-native architecture includes many advantages:
Service providers are defining and deploying a cloud-native infrastructure across the entire network from the core to the far edge. As defined by the 3rd Generation Partnership Project (3GPP), a Service-Based Architecture (SBA) is a set of interconnected network functions (NFs) that deliver the control plane functionality and common data repositories of a 5G network. Supporting a cloud-native SBA brings new requirements for the control, coordination, and orchestration of disaggregated network functions that are distributed across the network. Network functions are containerized microservices that can support the 5G Core, virtualized radio access network (vRAN), and the N6-LAN network functions.
Cloud-native, service-based architecture introduces a paradigm shift that enables service providers to migrate from a vertical to a horizontal stack implementation. A vertical stack approach increases vendor lock-in and requires that each vendor enables its own infrastructure, increasing complexity.
A horizontal stack approach breaks such vendor complications and limitations while enabling the service provider to maintain control and visibility of its network. With a horizontal stack, service providers gain a consistent cloud-native infrastructure (telco cloud) implemented across core, edge, and far-edge sites—supporting vRAN, a standalone (SA) 5G Core, internal applications, and enterprise- and consumer-facing applications 5G allows service providers to move to a horizontal stack approach, making it possible to scale edge sites as needed for subscribers.
Table 1 highlights the key drivers for 5G disaggregation, which enables service providers to realize the complete benefits of a cloud-native infrastructure.1
Dynamic and real-time network maintenance |
Automated and closed-loop maintenance predicated on model- and policy-driven processes, open application programming interfaces (APIs), and cross-domain and real-time data and telemetry |
Multi-vendor 5G network deployments |
Multi-vendor, modular, and horizontal stack for 5G Core deployments that are interoperable among multiple clouds (for example, telco cloud, edge, public) |
Cloud-native methodologies and technologies |
Underpinning technologies including Kubernetes, microservices, state-optimized design, service mesh, network service mesh, Platform as a Service (PaaS), machine learning, and artificial intelligence |
Modern software design |
Software design is pegged to fine-grained, isolated, and elastic functions (microservices) based on declarative (model-like) DevOps and cloud principles. This is in contrast to physical appliances characterized by coarse-grained component granularity, linear processes, and a prescriptive/imperative (script-like) model. |
Table 1: Drivers for disaggregation in a 5G network1
Kubernetes has become the standard for cloud-native architecture container management and orchestration. However, Kubernetes was not designed to host telco network functions (NFs) and their telco specific protocols, such as 5G HTTP/2-REST, Diameter, SIP, GTP, and SCTP.
The challenges that service providers face with Kubernetes include:
F5 provides solutions that address these cloud-native infrastructure challenges and support the networking and security requirements for the vRAN, 5G Core, and enterprise applications. F5 solutions include:
The F5 BIG-IP Next Service Proxy for Kubernetes (SPK) is a unique offering specifically designed to provide a single point of networking and security for Kubernetes and specifically architected for service provider networks. BIG-IP Next SPK provides a single point of networking for the cluster (ingress and egress), reduces the attack surface for greater security, and supports 4G and 5G signaling protocols. BIG-IP Next SPK aligns with Kubernetes design patterns for configuration and orchestration. BIG-IP SPK delivers:
Ingress/egress control
Security
Visibility
F5 Carrier-Grade Aspen Mesh helps service providers improve application traffic visibility, security, and policy management. The service mesh is designed specifically for service provider cloud-native infrastructures and is built on the open source platform Istio with added features critical for a service provider network. F5 Carrier-Grade Aspen Mesh delivers:
In addition to these features, F5 Carrier-Grade Aspen Mesh provides packet capture capabilities, which standard Kubernetes does not. Packet capture is important for troubleshooting communication issues between CNFs within the cluster and to support governmental requirements such as lawful intercept.
BIG-IP Next SPK and Carrier-Grade Aspen Mesh solve different challenges of using Kubernetes in a 5G cloud-native infrastructure. BIG-IP Next SPK meets the need for multi-protocol signaling support, security, and visibility of traffic ingressing and egressing the Kubernetes cluster, while Carrier-Grade Aspen Mesh addresses communication between CNFs. Both are critical to the deployment of a 5G cloud-native infrastructure.
5G networks deliver dynamic applications that can be deployed at the core data center, edge, and far edge. Network functions that used to be located in the S/Gi-LAN in 4G are now service-based CNFs that can move to the location of the applications.
New network functions are self-contained, independent, and reusable. Each network function service exposes its functionality through a service-based interface (SBI), which employs a well-defined REST interface using HTTP/2. This functionality, called N6 LAN, is at the N6 interface between the packet gateway and the data network.
F5 N6 LAN network functions include traffic management, network security, DNS services, policy enforcement, and carrier-grade network address translation (NAT). Until recently, most of these services have been implemented on dedicated hardware devices, but with the rise of virtualized infrastructure those network functions are now being deployed as virtual network functions (VNFs) and more recently cloud-native network functions (CNFs).
To meet service provider needs, F5 provides the industry’s most comprehensive set of N6 services in a consolidated and virtualized solution. Consolidating and virtualizing N6 services can result in up to a 60% reduction in capital and operating expenditures—while boosting performance and lowering latency.2
The F5 N6 services solution integrates a wide range of services from security to video optimization into a single platform. Service expansion is simplified, and the unified framework ensures there is a common technology to help service providers optimize their network and transition to 5G.
F5’s N6 LAN network functions may be consumed as hardware appliances, VNFs, or CNFs, allowing the service provider to choose the best deployment solution for the use case.
With F5 N6 solutions and services, service providers can:
5G delivers more connection points, higher throughput, and new protocols that increase the number of security attack surfaces. Comprehensive security is required throughout the network, including at the core, edge, and far edge. F5 security tools include:
F5 DDoS protection: Delivers seamless, flexible, and easy-to-deploy solutions that enable a fast response, no matter the type of distributed denial-of-service (DDoS) attack. DDoS protection products include F5 DDoS Hybrid Defender and F5 Silverline DDoS Protection.
F5 AFM: Provides comprehensive protection for networks and protocols to ensure subscribers’ experience to reduce churn and increase revenues. Actionable visibility enables fast mitigation of attacks.
F5 Advanced Web Application Firewall (WAF): Protects apps with behavioral analytics, proactive bot defense, and application-layer encryption of sensitive data. Defends against the most prevalent attacks against apps without requiring updates to the apps themselves.
F5 Distributed Cloud Bot Defense: Leverages artificial intelligence and machine learning to defeat attackers and prevent fraud. Protects web and mobile applications and API endpoints from sophisticated automation attacks that would otherwise result in large-scale fraud.
Smooth the transition to 5G
Maintain the 4G infrastructure and foster interoperability with Kubernetes and the 5G Core with help from F5 that includes:
Achieve cloud-native performance and security
Build a cloud-native, container-based architecture by leveraging Kubernetes and advanced security. With F5, service providers can:
Maximize traffic visibility and control
Gain service-provider-related functionality for the control and visibility that are critical for transitioning to 5G with Kubernetes containers. F5 delivers:
The introduction of 5G is a catalyst in accelerating the development of millions of new applications. Massive amounts of data-heavy and latency-sensitive applications are being developed, resulting in a movement of subscriber computing to multi-access edge computing (MEC). MEC brings computing, storage, networking, and services closer to applications, devices, and users. It also delivers lower latency and enhanced security, paving the way for innovations in industries ranging from government to healthcare to manufacturing.
1 ABI research, “Cloud-Native Networking for a 5G Era”
2 F5 Solution Overview, “Gi LAN Simplification”