Network visibility is imperative for mobile operators. Whether the motivation is to identify new revenue streams or reduce operational costs, mobile operators need ways to monitor and mine their networks specifically focusing on subscribers, applications, networks, and devices. To this end, they replicate traffic from the mobile packet core, funneling flows to network packet brokers which aggregate, replicate, filter, optimize and forward relevant traffic flows to network monitoring and analytics tools.
Figure 1. Network Visibility and Analytics solutions
Network visibility architectures have evolved through multiple generations as mobile radio technology evolved from 2G to 3G and then to 4G.
During the 2G era, when traffic was predominantly legacy voice, monitoring tools were primarily used to analyze quality of experience (QOE) of voice calls. Because bandwidth requirements were low, mobile operators directly forwarded replicated voice traffic from the Mobile Switching Center (MSC) to voice quality monitoring tools.
With the advent of 3G, the share of mobile data traffic began to grow steadily requiring operators to deploy new tools to monitor data traffic. As the number of these tools grew (to monitor security, application and network performance, customer experience etc.), feeding them replicated data from the network became challenging. Further, the escalating costs associated with scaling tools became prohibitive.
The first generation of network packet brokers came into existence to address these challenges. They provided traffic aggregation and replication at scale, enabling operators to deploy a large number of tools. We refer to the first generation of network packet brokers as Brocade Packet Broker 1.0 Architecture (figure 2).
Figure 2. Brocade Packet Broker 1.0 Architecture
The Advent of 4G and the Evolution of Network Packet Brokers
With the advent of 4G and the shift in the share of network traffic from voice to data, the cost of deploying monitoring tools skyrocketed. To help contain escalating tool costs, network packet brokers evolved to support deep-packet filtering capabilities which minimized the volume of traffic that tools needed to process. IMSI based filtering and Application based whitelisting are some examples. With deep-packet filtering, network packet brokers could now inspect tunneled traffic to determine subscriber identity, type of application and network parameters, providing a rich set of criteria for forwarding flows.
Another key challenge mobile operators contend with is session handovers between 3G and 4G access.
When a subscriber using, say, WhatsApp is moving, the layer-3 tunnel IP address associated with his device may change frequently. And monitoring tools need to correlate mobile control and user traffic to effectively analyze the session. This process, referred to as GTP Correlation often consumes more than 25% of the compute resources of the tool, leaving less capacity for the tool’s core functions.
Brocade addressed this challenge by offloading GTP correlation from tools, providing pre-correlated traffic which freed up tool compute resources. Brocade’s network visibility solution evolved to introduce an SDN architecture, with a software-based control element called the Session Director that processes mobile control traffic and intelligently programs flows in the packet broker hardware in real-time.
A third key challenge involved the growing need for real-time traffic monitoring. Monitoring tools are most effective when they can request and receive the flows they require in real-time. This is especially critical for use cases like security monitoring and video QOE assurance solutions.
With Brocade’s SDN-based Packet Broker architecture, tools can make flow requests via APIs in real-time and receive the flows they require on-demand (in under 1 millisecond). We refer to this architectural evolution as Brocade Packet Broker 2.0 Architecture (figure 3).
Figure 3. Brocade Packet Broker 2.0 Architecture
Network Visibility in the era of 5G and the Internet of Things
The growth of mobile data traffic continues on an exponential curve and operators are preparing to support hundreds of billions of network connections - largely driven by machine-to-machine traffic from the Internet of Things. As operators chart the course to 5G and migrate to software-based, virtualized network infrastructures, their visibility infrastructure needs to follow suit.
To achieve the scale and performance needed for 5G and IOT, Brocade has continued on the path of innovation to disaggregate the hardware packet broker by introducing the , leading to Brocade Packet Broker 3.0 Architecture (figure 4).
Figure 4. Brocade Packet Broker 3.0 Architecture
Mobile Networks are evolving to support the explosive growth of Machine to Machine (M2M) communications and IOT.
Legacy, hardware-centric network packet brokers can’t meet the growing need for scale, agility and programmability as operators plan virtual EPC (vEPC) and/or 5G rollouts to support M2M traffic. Operators should therefore explore scalable, SDN-enabled and NFV-based packet brokers to ensure that they are able to monitor their next-generation networks under demanding conditions cost effectively. The days of proprietary, hardware-centric packet brokers are numbered. Stay tuned for more on this.