Disclaimer: The views expressed in this article are those of the author and do not necessarily reflect the views of the Economic Times – ET Edge Insights, its management, or its members

Data Center 4

With new, cloud-enabled services and IoT architectures to manage, Telcos need to re-think their network and security architectures. Here are some new technology enablers.

Anil Chopra, VP-Research and Consulting, CMR

Just about every industry has undergone huge disruption in the recent past and the telecom sector is no exception. Voice is no longer the core service, but just one of the many services offered by the sector. Many other industries now rely on telcos for their data connectivity needs, be it e-commerce services, OTT and other streaming services, social media apps, various messenger services to name a few. Telcos must therefore re-think their data center, network, and security architectures to cater to these growing requirements. At the recently held ET Digital Warriors conference, a fireside chat was held with Mathan Babu Kasilingam, the newly appointed CISO of Vodafone Idea, and Sajan Paul, the MD and Country Manager for India and SAARC, Juniper Networks  to discuss some of the technologies that can address the new requirements. It was moderated by Anil Chopra, VP-Research and Consulting, CyberMedia Research. Here are the key takeaways.

Network Architecture Critical for Complete Visibility and Quality of Service

According to Mathan Babu, security is key for such a complex network, so complete network visibility is his top priority. Typically, when it comes to network visibility, telecom equipment is usually delivered as a black box and doesn’t really fall under the purview of such visibility. So if the visibility for IT assets is 100%, it’s between 10-40% for non-IT ones. “My intent is to improve the overall visibility, as I can only protect what’s visible to me”, he said.

The second most important priority for Kasilingam is to improve the security posture of such a complex network is to study the packets flowing through it. With consumer devices becoming more powerful, they can be put to malicious use. Therefore, doing a deep packet inspection of every packet that enters the teleco’s network becomes critical to provide the right Quality of Service to consumers.

Sajan Paul, MD and Country Manager for India and SAARC at Juniper Networks agrees that network visibility is probably the first step to identifying an issue and then creating a framework to respond to that. Being a key player globally in the telecom infra space, he feels that Telcos act as conduits in providing services like OTT to consumers. The visibility into this conduit is limited for them as they can’t just keep watching every packet flowing from the clients to cloud. “Instead, what’s more important is to get the state of the network behaviour and intelligently assess how the network behaves against certain traffic patterns”, he said. “That’s the level of visibility that Juniper offers, especially with our two recent acquisitions—Apstra and Netrounds”, he added. He also feels that a security layer on top of this network is critical to protect all services being offered, since most of them are monetizable assets. “We have visibility from ongoing operation, and to give monetizable assurance reports”, he added.

Network Virtualization Necessary for Scalability

VI has been ahead of the curve in deploying edge data centers and NFV (Network Function Virtualization). These are necessary in order for the infrastructure to scale as the number of services increases. Mathan feels that though they’ve not completely virtualized their network function, but they recognize it as a core function, and have prepared the backend infrastructure to cater to their growing needs. “To that extent, we’re ahead of the curve and makes us ready even for the upcoming 5G roll-outs”, he said.

Technologies to Manage Everything from Client to Cloud

The journey to the cloud requires looking at everything from the client to the cloud. That’s because client is where data is consumed and cloud is where it’s consumed from. There’s a lot of legacy and modern systems as well as security frameworks in between. It’s essential to look at the complete journey in order to offer best services. “We’re looking at the full journey from client to cloud”, said Paul.

Juniper has been on an  acquisition spree to manage this client to cloud journey. Their Netrounds acquisition brings them an assurance tool that ingests the visibility that the company offers from their data mining tools and provides measurable assurance record that can either be monetized, used as CSAT proof, or used as an input into the planning exercise.

Another Juniper acquisition, 128G (named after a street in Boston) is in the SDWAN space. “It’s a completely de-coupled architecture that creates an experience fabric between the data center, network, and client applications’, added Paul. Juniper calls it session smart routing, where the user’s experience is used as a metric to route traffic. Juniper’s other acquisition, Apstra is a multi-vendor data center visibility and automation tool with orchestration capabilities.

Cloud-Based Security Frameworks Need DevSecOps

According to Mathan Babu, the key thing to do in security is to bring it closer to whatever’s being protected. If it’s Infrastructure security, then bring security close to the infrastructure. If it’s information security, bring security close to the information, etc. In case of cloud, where DevOps kicks in, security becomes a challenge with vendors opening up API interfaces to connect to. The concept that becomes important here is DevSecOps, which requires thinking about application and infrastructure security from the start. This is a challenge as it involves taking security as close to DevOps as possible. Security of DevOps is to ensure you have visibility into what’s happening as applications run on the infra–How to hook into the memory, how to see the processes running, what’s getting spun up, etc.

AIOps Key to Managing Scalability and Network Complexity

Scalability is crucial in today’s telco data center infrastructure and automation is a key part of it, where machines themselves take decisions. For instance, as part of the QoS, if a certain bandwidth has been allotted to a client, and there’s a sudden spike in usage, the system should automatically be able to detect that and do the necessary provisioning and spin up the required number of machines. This avoids unnecessary investments in over-provisioning infrastructure based on a thought that a spike might happen. “Automation here will enable us to run cloud native applications like DevOps to run effectively”, said Mathan.

On this, Sajan said that “Modern architectures involve unlimited compute, storage, and probably even connectivity. The scale and complexity we’re now addressing is an order of magnitude different from what we used to in the last decade or so. We’re trying to do scale and complexity at the speed of light.” He said that the success in doing this is in hiding the complexity of the infra. “That’s what we’re trying to do in our automation landscape, and we call this AI Ops, which is done using tools like Apstra”, he added.

5G a Must for Serious IoT Deployments

Nowadays, IoT is becoming critical for many industries. Telcos can offer a range of critical services by taking data from all the IoT devices and managing them. On this Mathan feels that there’s a huge difference between conventional infra that we’re connecting today as compared to an IoT device that we’re connecting to like car, fridge, etc. Though the packet size of data from the sensors in these devices will be small, their frequency will be very high. Traditional networks like 2G, 3G, and 4G are relatively less equipped to handle such smaller size, high frequency packet flow. It must expand to 5G if we’re serious about getting the most out of IoT deployments.

5G Networks Need Network Slicing

When it comes to 5G, Sajan feels that a new network architecture called network slicing brings more efficiency. It’s very different from MPLS, VPN, etc. which are the static way of doing things. Network slicing enables multiplexing of virtualized and independent logical networks on the same physical network infrastructure. Here, each network slice is an isolated network tailored to fulfil the requirements of a particular application. “It’s like you slice a thing into certain pieces to ensure that each piece functions for a dedicated work and set of time”, he added.

Scalable Connectivity a Must in Age of IoT

The founding vision for Juniper Networks was to connect every “Thing” and empower everyone. During that time, nobody would have thought that there will come a time when the number of “Things” getting connected to the network will far outpace the number of people. “The idea here is to create scalable connectivity with the help of techniques like automated slicing that give guaranteed access to all devices”, said Sajan. He gave the example of their Juniper’s Contrail portfolio, which is an open stack horizontal cloud architecture that’s being deployed in many telecom edge cloud architectures. It makes the network becomes agile, so if a virtual machine can be spun up in a few seconds, the network will exactly follow, even before the virtual machines are imaged, at scale and in a predictable manner.

Disclaimer: The views expressed in this article are those of the author and do not necessarily reflect the views of the Economic Times – ET Edge Insights, its management, or its members

Leave a Comment

Your email address will not be published.