RELATED CONTENT
Protect Your 4G Investment with Your 5G Deployment Strategy
Find out challenges that Service Providers are facing in their 4G to 5G migration.
Moving to a cloud-native architecture provides service providers with many advantages and challenges. Learn how F5 can help by delivering unparalleled solution offerings as you transition to 5G.
Delivering Applications in a 5G World
We are living in a world where we are connected to everything, everywhere. This is possible thanks to thousands of applications developed to enhance our day-to-day lives. The introduction of the fifth generation of mobile technology, 5G, has been a catalyst in accelerating the development of even more new applications. Applications need to react in real time and be close to the user, resulting in a movement of applications toward the edge through multi-access edge computing (MEC). MEC brings compute, storage, and networking closer to applications, devices, and users. It also delivers lower latency and enhanced security, paving the way for the ever-expanding gamut of innovations in industries ranging from government to healthcare to manufacturing.
A Cloud-Native Architecture Is Vital in an App-Centric World
Service providers are beginning their 5G journeys by building out their end-to-end 5G microservices-based, cloud-native infrastructure from the core to the edge and far edge of the network. This cloud-native solution is an evolution of a virtualized network. It provides the ability to dynamically place workloads within a network to enable new levels of operational automation, flexibility, and adaptability.
Moving to a cloud-native architecture provides service providers with many advantages:
Cloud-native applications consume up to 40% fewer resources compared with virtual machine-based software.
Shifting to Network Disaggregation with a Service-Based Architecture
Service providers will need to define and deploy a cloud-native infrastructure across the entire network from the core to the far edge. As defined by the 3rd Generation Partnership Project (3GPP), a Service-Based Architecture (SBA) is a set of interconnected network functions (NFs) that deliver the control plane functionality and common data repositories of a 5G network. Supporting a cloud-native SBA brings new requirements for the control, coordination, and orchestration of disaggregated network functions that are distributed across the network. These network functions are containerized microservices that can support the 5G Core, virtualized radio access network (vRAN), and N6-LAN NF. With a distributed, disaggregated network, service providers can obtain an adaptive network that scales as needed, thus avoiding initial preliminary upfront costs incurred with static 4G networks.
Figure 1: A 5G end-to-end, cloud-native architecture from core data center to far edge
5G Ushers in Network Disaggregation
A cloud-native, service-based architecture has brought about a paradigm shift that enables service providers to migrate from a vertical to a horizontal stack implementation. A vertical stack approach increases vendor lock-in and requires that each vendor enables its own infrastructure, thereby increasing complexity.
A horizontal stack approach breaks such vendor complications and limitations while enabling the service provider to maintain control and visibility of its network. With a horizontal stack, service providers gain a consistent cloud-native infrastructure (telco cloud) implemented across core, edge, and far-edge sites—supporting vRAN, a standalone (SA) 5G Core, internal applications, and enterprise- and consumer-facing applications. In this way, 5G allows service providers to move to a horizontal stack approach, making it possible to scale edge sites as needed for the enterprises they serve.
A cloud-native, service-based architecture has brought about a paradigm shift that enables service providers to migrate from a vertical to a horizontal stack implementation.
Figure 2a: Vertical stack approach
Figure 2b: Horizontal stack approach
Table 1 highlights the key drivers for 5G disaggregation, which enables service providers to realize the complete benefits of a cloud-native infrastructure.[1]
DRIVERS FOR DISAGGREGATIONS
Dynamic and real-time network maintenance
Automated and closed-loop maintenance predicated on model- and policy-driven processes, open application programming interfaces (APIs), and cross-domain and real-time data and telemetry
Multi-vendor 5G network deployments
Multi-vendor, modular, and horizontal stack for 5G Core deployments that are interoperable among multiple clouds (for example, telco cloud, edge, public)
Cloud-native methodologies and technologies
Underpinning technologies including Kubernetes, microservices, state-optimized design, service mesh, network service mesh, Platform as a Service (PaaS), machine learning, and artificial intelligence
Malleable software design
Software design is pegged to fine-grained, isolated, and elastic functions (microservices) based on declarative (model-like) DevOps and cloud principles. This is in contrast to physical appliances characterized by coarse-grained component granularity, linear processes, and a prescriptive/imperative (script-like) model.
Table 1: Drivers for disaggregation in a 5G network[1]
Cloud-Native Challenges for Service Providers
Kubernetes has become the enterprise standard for cloud-native architecture container management and orchestration. However, service provider networks have unique requirements that Kubernetes doesn’t meet. The challenges that service providers face with Kubernetes include:
F5 5G Service Provider Solutions
F5 provides solutions that address these cloud-native infrastructure challenges and support the networking and security requirements for the vRAN, 5G Core, and enterprise applications. The company also supports service providers as they transition from 4G to 5G. F5 solutions and services include:
Figure 3: F5 solutions across a distributed 5G network
F5 BIG-IP Service Proxy for Kubernetes
Within the 5G micro-container based architecture, service providers must have a way to maintain real-time application visibility and analytics. They must also be able to scale to meet application delivery demands, ensuring applications are available during development and production.
The F5 BIG-IP Service Proxy for Kubernetes (SPK) is a unique offering specifically designed to help service providers monitor the health of their container-based applications. BIG-IP SPK provides ingress/egress control with multi-protocol signaling support and critical cloud security, helping to deploy a cloud-native infrastructure across a service provider network. BIG-IP SPK aligns with Kubernetes design patterns for configuration and orchestration. It also provides industry-leading networking and security features to a Kubernetes-based infrastructure. BIG-IP SPK delivers:
Ingress/egress control
Security
Visibility
F5 Carrier-Grade Aspen Mesh
F5 Carrier-Grade Aspen Mesh helps service providers improve application traffic visibility, security, and policy management. The service mesh is designed specifically for service provider cloud-native infrastructures and is built on the open source platform Istio with added features critical for a service provider network. F5 Carrier-Grade Aspen Mesh delivers:
In addition to these features, F5 Carrier-Grade Aspen Mesh provides packet capture capabilities, which standard Kubernetes does not. Packet capture is important for troubleshooting communication issues between CNFs within the cluster and to support governmental requirements such as lawful intercept.
5G SA Core Example
BIG-IP SPK and Carrier-Grade Aspen Mesh solve different challenges of using Kubernetes in a 5G cloud-native infrastructure. BIG-IP SPK meets the need for multi-protocol signaling support, security, and visibility of traffic into the Kubernetes cluster, while Carrier-Grade Aspen Mesh addresses communication between CNFs. Both are critical to the deployment of a 5G cloud-native infrastructure.
Figure 4: An SA 5G Core, cloud-native networking architecture utilizing BIG-IP SPK and Carrier-Grade Aspen Mesh
F5 N6 LAN Services
5G networks deliver dynamic applications that can be deployed at the core data center, edge, and far edge. As a result, network functions that used to be located in the S/Gi-LAN in 4G are now service-based CNFs that can move to the location of the applications.
These new NFs are self-contained, independent, and reusable. Each network function service exposes its functionality through a service-based Interface (SBI), which employs a well-defined REST interface using HTTP/2. This functionality, called N6 LAN, is at the N6 interface between the packet gateway and the data network.
F5 N6 LAN network functions include traffic management, network security, DNS services, policy enforcement, and carrier-grade network address translation (NAT). Until recently, most of these services have been implemented as dedicated hardware devices, but the rise of network functions virtualization (NFV) has led a gradual transition to virtualized appliances running on common server infrastructure or commercial off-the-shelf solutions.
To meet service provider needs, F5 provides the industry’s most comprehensive set of N6 services in a consolidated and virtualized solution. Consolidating and virtualizing N6 services can result in up to a 60% reduction in capital and operating expenditures—while boosting performance and lowering latency.[2]
The F5 N6 services solution integrates a wide range of services from security to video optimization into a single platform. Service expansion is simplified, and the unified framework ensures there is a common technology to help service providers optimize their network and transition to 5G.
Figure 5a: Gi-LAN/N6 services offered
Figure 5b: F5 simplifies the design, deployment, and operation of critical N6 services
With F5 N6 solutions and services, service providers can:
F5 Security Solutions
5G delivers more connection points, higher throughput, and new protocols that increase the number of security attack surfaces. Comprehensive security is required throughout the network including at the core, edge, and far edge. F5 security tools include:
F5 DDoS protection: Delivers seamless, flexible, and easy-to-deploy solutions that enable a fast response, no matter the type of distributed denial-of-service (DDoS) attack. DDoS protection products include F5 DDoS Hybrid Defender and F5 Silverline DDoS Protection.
F5 AFM: Provides comprehensive protection for networks and protocols to ensure subscriber’s experience to reduce churn and increase revenues. Actionable visibility enables fast mitigation of attacks.
F5 Advanced Web Application Firewall (WAF): Protects apps with behavioral analytics, proactive bot defense, and application-layer encryption of sensitive data. Defends against the most prevalent attacks against apps without requiring updates to the apps themselves.
F5 Shape security: Leverages artificial intelligence and machine learning to defeat attackers and prevent fraud. Protects web and mobile applications and API endpoints from sophisticated automation attacks that would otherwise result in large-scale fraud.
Why Use Service Provider 5G Solutions from F5
Smooth the transition to 5G
Maintain the 4G infrastructure and foster interoperability with Kubernetes and the 5G Core with help from F5 that includes:
Achieve cloud-native performance and security
Build a cloud-native, container-based architecture by leveraging Kubernetes and advanced security. With F5, service providers can:
Maximize traffic visibility and control
Gain service provider-related functionality for the control and visibility that are critical for transitioning to 5G with Kubernetes containers. F5 delivers:
Conclusion
5G networks are poised to deliver high bandwidth, low latency, and faster performance—both driving and enabling application innovation and new business models. To deliver cost-effective 5G performance, service providers are taking advantage of the microservices-based, cloud-native containerized architecture already in use by enterprises. These new solutions give service providers the ability to dynamically place workloads within a network and build out their MEC platform to support the next generation of applications.
Leading-edge solutions from F5 help service providers deliver new 5G functionality while maintaining their existing 4G core networks. F5 BIG-IP Service Proxy for Kubernetes (SPK) and F5 Carrier-Grade Aspen Mesh enable service providers to maintain real-time application visibility, scale to meet demand, and increase traffic visibility and security. At the same time, F5 N6 LAN solutions help service providers deliver network functions where they are needed, saving cost and improving performance. These solutions work in conjunction with F5 security solutions designed to protect networks from new attack vectors and threats. With the right solutions in place, service providers can take advantage of the many benefits of a cloud-native infrastructure from the core to the far edge of the network as they embark on the 5G journey.
[1] ABI research, “Cloud-Native Networking for a 5G Era”
[2] F5 Solution Overview, “Gi LAN Simplification”