How the AAA server ensures security in telecom networks

How the AAA server ensures security in telecom networks

How the AAA server ensures security in telecom networks

 05th of April 2021

Introduction

In 2020, around 22 billion internet of things (IoT) connected devices were in use worldwide, a number that’s expected to reach 50 billion by 2030, according to Statista. As networks become more complex and vast, configuring and controlling access to ensure security in the absence of Authentication, Authorization, and Accounting (AAA) is virtually impossible. Put simply, AAA is one of the gatekeepers of the modern telecommunications network. And while we all know that it is integral to every network today, it deserves more credit than its usually given in ensuring the security of a modern network.

Device use continues to surge as 5G and the IoT ecosystem become more widespread. Plus, operators now offer more granular and contextual plans for different customers, as well as advanced billing and charging plans for an ever-increasing array of services. As the number of devices connected to a network as well as the services available to them proliferate, networks are more susceptible not only to accounting errors but also to security breaches and threats such as identity theft. AAA assumes a significant role in ensuring security for these dynamically changing network needs.

How AAA works

The AAA server does just as its name suggests: it authenticates or validates subscribers and their credentials, verifies what services and QoS each subscriber is authorized to access, and ensures proper accounting so that customers are accurately billed for the services they use.

Authentication

The first step in AAA security is Authentication. It serves as the first line of defense in protecting network resources against fraud and identity theft, employing multimodal authentication methods.

Whenever anyone tries to access the network, the job of the Authentication function is identifying whether they are meant to be granted access, and also ensuring that the user is in fact who they claim to be. It does so by ensuring the user enters valid credentials, such as username, password, biometrics, or any other security measures that have been implemented by the operator. These credentials are stored in the operator’s database, against which the Auth server verifies the input given by the user. This database is constantly updated and monitored by network and system administrators.

If the user’s credentials are valid, they are granted access. Those with fraudulent or erroneous credentials are denied access. All network use of verified users is monitored and logged for future reference.

Authorization

Once authenticated, the next step for the AAA is determining what policies apply to the user. These policies will govern the user’s authorization levels, defining what resources, services, and QoS the user can access.

AAA policies can be defined on a host of parameters, such as the time or day, the user’s location, how often they’ve logged in, how much bandwidth they’ve consumed, fair usage, and so on. These policies can also restrict certain actions, such as retrieving and/or changing passwords.

Accounting

The final step for the AAA server is to take stock of the network resources accessed by the user, such as data consumption and duration of their session.

These usage details serve two purposes. One, they ensure the user is accurately invoiced for their consumption. Another important aspect of accounting is to enable administrators to access audit logs to review how and by whom the network was accessed. This usage data is useful to gain valuable insights into customer behavior, usage patterns, and more. These business intelligence (BI) insights help operators create more contextual offerings and enable them to anticipate network use.

Benefits of AAA security

AAA offers a host of technical benefits for operators in implementing network security:

  • AAA forms a multi-layered security barrier to secure, measure, and monitor how the network is accessed and by whom, thwarting malicious attempts by cybercriminals to steal and misuse data.
  • As cases of data breaches such as identity theft continue to increase, telecom AAA assumes a vital role in strengthening a telco’s data assets by enabling sound practices in identity and access management.
  • With AAA, controlling access does not require a statically configured network, pre-defined connectivity modes, fixed or immovable systems, or even fixed IP addresses by enabling operators to secure the network using more granular techniques such as integrating user directories to provide access to specific groups of users. This dynamic approach is especially relevant given the growing number of devices accessing the network through various means.
  • It grants operators more control and flexibility in configuring network access, and also lets operators implement multiple standardized authentication methods.
  • It employs several back-up systems to ensure redundancy if one security server is down or there is excessive network congestion.
  • A centralized security database grants specific access to each user using their unique credentials, enabling easy and swift access termination for inactive or banned users.

How Alepo AAA can help mitigate network risks

Alepo’s modern and scalable AAA Server enables flexible configuration and control over how network resources are used. It provides failsafe systems to ensure that there are no lapses in security even during network outages.

The NFV- and 5G-compliant AAA overcomes the previous limitations of physical hardware. With its evolved architecture, Alepo’s future-proof virtualized AAA (vAAA) helps operators optimize infrastructural resources and ensure the network remains secure even when traffic increases. (Also read the whitepaper: The Evolution of AAA Infrastructure For NFVi Compliance.)

The stateless AAA stores sessions and application states in a centralized database, distributing the transaction load for faster response times while ensuring high levels of security.

The dual-stack AAA supports RADIUS and Diameter protocols for full convergence, enabling a single system to enable secure access to services across all networks (fixed, wireless, and mobile). This includes modern services such as IoT, WiFi calling and offload, and more.

With five-nines availability, Alepo AAA Server ensures network performance is always high while keeping the network safe from external security threats.

Alepo has regarded AAA as a crucial network function and has been at the forefront of AAA innovation from its inception. Today, Alepo AAA Server is at the heart of operations for some of the largest telcos in the world, with millions of subscribers benefiting from its capabilities. The cutting-edge solution is high-performance, self-healing, open (via REST and API gateway), and highly configurable, serving diverse use cases. Its AAA Transformation enables even large operators to seamlessly replace the core network functionality without impacting existing systems, ensuring transparent integration with other core components such as BSS and CRM.

Gayatri Sarang

Gayatri Sarang

Lead Content and Engagement Specialist – Marketing

Gayatri is part of the content and communications brigade at Alepo. Having locked focus on the telecom domain in recent years, she has vast and diverse experience in writing for leading publications. She moonlights as a volunteer urban wildlife rehabber and is a passionate baker.

Subscribe to the Alepo Newsletter

Top six ways AI and CX automation revolutionize telcos

Top six ways AI and CX automation revolutionize telcos

Top six ways AI and CX automation revolutionize telcos

14th of December 2020

The evolution of CX

It’s no secret that customer experience (CX) is emerging as the key differentiator for service providers: a Gartner study reports that over two-thirds of marketers say their companies compete primarily on CX. And two modern technologies are facilitating richer and more advanced CX than ever before: artificial intelligence (AI) and automation.

AI is used to mimic human intelligence in responding to situations and conversations. Automation, on the other hand, enables repetitive tasks to run with limited to no human intervention through preset programming. AI and automation, along with customer insights, enhance a telco’s capability to deliver an intelligent customer experience. This powerful combination also revolutionizes the way telcos interact with customers, facilitating them to monitor, track, and manage the customer experience 24x7x365. Artificial intelligence helps operators analyze complex customer behavioral patterns and offer contextual services, plans, and content, whereas automation accelerates these personalized offerings.

Customer care processes have drastically eased with the help of modern, automated, AI-based omnichannel self-care, enabling instant query redressal anytime, anywhere, and on a host of convenient platforms. NLP-based bots and emotional AI can even gauge customer emotions and moods in real-time, enabling personalized support that mimics human responses.

How AI and CX automation transform a telco’s offerings

1. Automated support

A telco’s support and self-care offerings are a major factor in influencing CX. Customers today are less inclined to contact call centers or visit physical stores for support. Instead, they prefer having more control over their accounts to resolve their own issues – using the platform and language of their choice. More telcos are turning to AI technology to improve customer engagement by automating self-care and support offerings. In fact, Servion predicts that, by 2025, AI will power 95% of all customer interactions.

AI chatbots are available for a host of platforms, including web and mobile apps, voice assistants such as Alexa and Cortana, and social platforms like WhatsApp, Skype, Facebook, Twitter, and more. Having steadily gained popularity, they offer a direct and instant link between customers and the operator. Available round-the-clock, they help customers bypass long wait times to speak with CSRs and avoid lines at physical stores. AI chatbots mimic the experience of interacting with a human agent, understanding the customer’s sentiments and responding accordingly.

Chatbots also offer many benefits to service providers. They reduce burden on support staff at stores and in call centers. All interactions are recorded for operator analysis to improve future offerings. And using machine learning, the bots continue to become “smarter” at responding to customer queries, further reducing resolution times and improving CX. Moreover, AI assistants are also good at cross-selling products.

2. Personalized recommendations

AI helps target the right subscriber or group of subscribers at the right time using an in-depth analysis of customers’ past actions, preferences, and needs, which are collected in the form of data and algorithms. It is a powerful tool that encompasses a variety of statistical techniques to evaluate customers’ future actions, making it easier for telcos to showcase products and services that exactly match customers’ requirements in real-time. Operators capture buying preferences and complete historical data, which is then processed using advanced analytical tools to create targeted contextual offers.

AI empowers marketers to design custom campaigns and promotions based on customer preferences and behavior instead of applying a one-size-fits-all strategy. The predictions equip service providers to be future-ready to monetize offerings and respond efficiently to changing market dynamics, helping them not only offer relevant products to the customer but also to manage the supply chain more efficiently as they modify their offerings. This helps boost customer satisfaction and reduce churn while increasing ARPU, facilitating cross-selling and upselling, and more.

3. Omnichannel experience

A digital-first approach that empowers customers with more than just support through multiple channels, an omnichannel experience consolidates all customer interactions and history on a single converged platform. Using AI as part of a cohesive engagement strategy enables a seamless CX, empowering customers to engage with the service provider no matter what device or platform they use. It enables operators to enhance support offerings, reduce resolution times, and improve CX. AI can be integrated with support to offer insights on customer interactions across channels – insights that CSRs can be granted access to, helping reduce response and resolution times, lessen the burden on CSRs, and boost CX.

4. Automated digital onboarding

Customers today increasingly prefer signing up for new services online rather than visiting a store, even more so considering pandemic-related social distancing norms prevalent in many countries. From order to delivery, the entire process of purchasing a new connection can be automated, assuring customers of a quick, easy, and paperless process using the web, mobile, or any other digital channel of their choosing. Digital onboarding solutions help capture key customer information, documents, biometrics, and more, verifying this information in real-time using for secure onboarding.

5. Delightful innovations

Customers expect a constantly advancing service provider who keeps up with technologies to make their life easier. With the widespread adoption of tools like chatbots and voice assistants, it’s only natural for telcos to keep pace and delight their customers with new and useful technologies driven by AI and automation. One such advancement is voice and speech recognition technology, which has meant that customers can clear their bills using voice-activated payments. The process is automated, and PCI-compliant systems assure the cardholder that their payment data is protected. Operators can offer secure round-the-clock services for customers who prefer to call and speak rather than pay online.

6. Instant satisfaction

Automation streamlines the purchase cycle for customers, easing buying decisions and payments to accelerate turnaround. Fully automated background processes use mature workflows or Robotic Process Automation (RPA) to enable instant service and, by reducing human intervention, eliminate the possibility of manual error. This enables operators to deliver the instantaneous support and service that customers demand today.

Alepo’s role in boosting CX

At the forefront of digitization, Alepo provides an industry-leading Digital Business Support System (BSS) integrated with AI-powered modules and automated processes. The BSS suite includes Omnichannel Self-Care with NLP-based AI chatbots, advanced BI reports and analytics, workflow automation in all modules such as interconnect and wholesale billingdistributor managemententerprise management, and much more.

Pankaj Garg

Pankaj Garg

Associate Director, Product Management

Pankaj Garg is a telecom and FinTech expert with over 15 years of experience in the software industry. Handling digital BSS offerings is among the many hats he wears at Alepo. Always up to speed with the newest advancements in the products he handles, he takes it slow only when he’s road-tripping across India to discover new places.

Subscribe to the Alepo Newsletter

Role of AAA in 5G and the IoT Ecosystem

Role of AAA in 5G and the IoT Ecosystem

Role of AAA in 5G and the IoT Ecosystem

 

24th of June 2020

Evolution of the Mobile Network

According to a report from the GSMA, the number of fifth-generation (5G) users worldwide is expected to reach 1.4 billion by 2025, which is 15 percent of the global total. 5G means a significant upgrade from the last generation of mobile networks. With its higher bandwidth, low-latency, and virtualization capabilities, it has unleashed a massive IoT ecosystem, and this is expected to rapidly boost the number of devices and users on the data network, making proper IT planning imperative. As the mobile network evolves, the AAA will play a key role in acting as a bridge between devices and networks, ensuring operators are able to maximize ROI on their 5G investment.

AAA Evolution

AAA is an important service and policy control framework, enabling CSPs to control how their subscribers access and consume data services over WiFi, FTTx, 5G, and other IP-based broadband networks. It touches a number of areas within the core network and back office, from security and provisioning to billing and, most significantly, customer experience.

Over a decade ago, the core functions of AAA were in line with dialup and, later on, DSL internet networks. Today, the ever-increasing need for improving customer experience, along with rapid growth in subscriber numbers and data usage, has placed new demands on AAA functionalities.

Diameter – the next-gen industry-standard protocol used to exchange authentication, authorization, and accounting information in LTE and IP Multimedia Systems (IMS) networks – provides a generic framework for exchanging AAA messages and defines a standard set of AAA request-and-response commands and attributes. Having evolved from RADIUS, it provides more reliable, secure, and flexible transport mechanisms for mobile data networks. It is used by LTE and IMS network functions, including the Policy and Charging Rules Function (PCRF), Home Subscriber Server (HSS), and Online Charging System (OCS) elements.

In modern networks where CSPs deliver services across multiple access networks such as fixed-mobile convergence (WiFi and mobile), the broadband network requires seamless user experience while accessing services. Within broadband networks, CSPs may have multiple types of network elements acting as service delivery points and policy enforcement points. In wireless networks such as 5G, the technology goal is to expand service capabilities in various industries using high-speed mobile broadband, Internet of Things (IoT), and virtualization by embracing key technologies like RESTful APIs. This ensures optimum performance, stateless and secured network functions (NFs), and a high level of quality of service (QoS) in the 5G Service Based Architecture (SBA).

The 5G SBA’s modular framework comprises components such as AuSF (Authentication Server Function), NEF (Network Exposure Function), NRF (NF Repository Function), PCF (Policy Control Function), NSSF (Network Slice Selection Function), and UDM (Unified Data Management), allowing deployment of diverse network services and applications. A robust AAA (like Alepo’s) facilitates seamless authentication for 5G network services, including authenticating and authorizing device access:

  • To enterprise slices by integrating with an enterprise AAA server
  • From non-3GPP networks such as WiFi and broadband

Top Ways AAA Can Help Telcos

Secure Access Control

The AAA server manages user profiles, holds access credentials, device identifiers, access policies, and so on. This helps enable various access control mechanisms such as barring access for blacklisted devices, allowing limited or walled-garden access. AAA helps implement corporate access control, allowing specific devices to offer connectivity to corporate network resources.

Revenue via Service Differentiation

AAA helps manage access profiles, data caps, time limits, and more, helping launch different bandwidth plans and implement data caps that are integral to driving revenue in broadband networks. Real-time usage monitoring helps control revenue leaks.

M2M/IoT Connectivity Management

Serving an important role in managing device connectivity for M2M or IoT networks, AAA holds device-specific network parameters that allow access to a specific enterprise network. It collects usage or event details from the network and helps identify device cell location and device online status, handles usage alerts, and pushes CDRs to the billing system to charge network usage.

Enhance Customer Experience

AAA helps push changes in service parameters and policies to different subscribers without disconnecting or resetting their connections. Operators can offer better customer experience through seamless session updates whenever a customer:

  • Purchases a turbo boost bandwidth speed
  • Surpasses their fair usage policies
  • Refills balance for a prepaid account

Monitor Usage and Notifications

While monitoring usage and notifications, AAA supports enforcement of fair usage policies on reaching the defined time- and volume-based cap. It also helps standardize customer experience based on usage levels.

Monetize WiFi Access

AAA assists businesses to unlock a new revenue stream using the WiFi hotspot business model. The AAA server helps:

  • Access time- and data-based passes
  • Enable location-based services and offers
  • Allow dynamic redirection to customized captive portals

Role of AAA in 5G-IoT Ecosystem

Authenticating Slice Access

5G and network slicing are often concurrently used, though network slicing is an architectural component that helps operators design and customize different slices that run on a common physical interface. Network slicing supports a multitude of use cases and new services through 5G and also establishes multi-vendor and multi-tenant network models using shared infrastructure. According to ABI Research, network slicing creates approximately US $66 billion additional value for telecom companies.

When a device requests connectivity for a specific slice, besides 5G network authentication, the enterprise or tenant may also want to authenticate the device. This is handled by AAA, which holds the profiles of devices that can connect to the enterprise slice.

5G Slice Authenication

Authorizing Data Connectivity

As a device attempts to connect an enterprise data network, such as a mobile device that accesses streaming services, or a drone camera trying to upload images to the data center, the enterprise or tenant may want to check the device requesting connectivity and restrict access to the network resource to certain devices. AAA authenticates the device, checks whether it is authorized to access the resource, and then provides the connection parameters such as IP address and QoS for data connectivity.

5G Slice Authenication

Multi-Service Access

Enterprise AAA plays a key role in connecting and authenticating devices to an enterprise network (slice), authorizing connectivity from non-LTE/5G networks such as WiFi and broadband. When the device tries to connect to 5G networks from non-LTE/5G networks such as WiFi, broadband, AAA plays an important role in authenticating the device, authorizing connectivity to the 5G core network function to allow seamless connectivity for mobile devices from non-5G networks.

5G Slice Authenication

Popular 5G-IoT Use Cases

Smart City

5G rollout will not only deliver high-speed connectivity globally but will facilitate the ability to handle massive network connections and unlock new life-enhancing services. Smart cities will integrate devices over 5G networks to build an intelligent city with smart traffic, smart homes, parking, waste management, public safety, and smart utility facilities. Coupled with enterprise IoT, AI, AR, and VR, 5G will offer maximum potential for service innovations in building smart cities, including use cases (slices) such as healthcare, drone, education, energy, and more. Additionally, use cases like connected vehicles, high streaming voice, and video transmission from crime sites, air pollution monitoring, and surgeries using AR and VR will further enhance lives.

Entertainment and Gaming

In both the entertainment and gaming fields, IoT solutions have played a major role in helping track emerging trends and consumer tastes in entertainment and giving users highly immersive gaming experiences. IoT caters to the entertainment industry’s three major needs: strong knowledge of the latest trends and user preferences, creating immersive content, and targeted ad campaigns. Today, users enjoy a whole new level of user-engaging visual content and gaming procedures with features such as:

  • Visible texts in the screenplay of video games
  • High-level 3D and reporting models
  • Content productions via AR and VR approach

Smart Home and Smart Building

IoT, combined with 5G-enabled tools and technologies, brings more control and efficiency to intelligent buildings and at home. These tools help control the connected home, comprising appliances, lighting, entertainment, safety, security, HVAC, temperature, energy management, and more from smart devices like smartphones, tablets, or laptops over the WiFi network. Smart home solutions leverage connected and automated homes by enabling users to centrally manage all devices from one location and provide device-specific instructions at just one click. IoT-enabled or smart buildings with AI-driven analytics help restructure key aspects of commercial buildings: construction, habitation, and maintenance enhancing the quality of life of occupants and staff. Building automation 2.0 covers smart building solutions covering space management, asset management, cleanliness and hygiene management, and environmental monitoring.

Smart Manufacturing

5G gives manufacturers and telecom operators the greatest opportunity to collaborate and build smart manufacturing units. By truly exploiting automation, artificial intelligence, and industrial IoT (IIoT), manufacturers can change the game of their business and discover innovative ways to adopt industry 4.0 practices. 5G RAN, network slicing, cloud infrastructure, and real-time data collection through AI build a strong vision of fully connected and automated factories. Having broader access to greater amounts of data, this use case revolutionizes the production capabilities of the manufacturing units by enabling manufacturers to generate meaningful data, which can be further used to enhance digitalization, create new revenue streams, identify operational obstacles, optimize industrial processes, and save manufacturing costs. Smart manufacturing has the maximum scope to transform businesses with complex device communications and stringent, costly, time-consuming manual processes.

Steps To Create A Winning Deployment

Virtualization

Virtualization plays an important role in any product deployment as it helps automate product delivery by using the latest NFV technologies. It helps enhance performance as it monitors network resources and can scale and heal automatically. Virtualizing the core network can also bring the benefit of network slicing and customized use cases such as smart cities, autonomous vehicles, entertainment, gaming, and remote healthcare. This helps build networks that boost performance, capacity, latency, security, reliability, and coverage of the application developed.

Open Standards

Standardization like 3GPP and REST APIs are the foundation on which different products and services are developed. They bridge the gap between work processes and deliverables to ensure performance and interoperability across the mobile supply chain. This helps eliminate vendor lock-in as it is always possible to get another vendor to deploy a solution that meets industry standards.

AAA Transformation

AAA Transformation helps CSPs streamline processes and reduce all of their ownership costs. With support for all access technologies, it equips them with a single platform to deliver AAA needs across broadband, mobile, WiFi, and M2M/IoT segments. Operators can boost performance and security by integrating multivendor legacy AAA deployments into a centralized cloud environment.

Digital BSS

A digital BSS stack helps CSPs deliver digital-first customer experience and automate business processes in both 5G and IoT deployments by upgrading their legacy BSS with a new 5G-ready stack. A modular BSS delivers a complete digital transformation that helps greenfield operators with full-stack deployment and replaces legacy systems that operate in a phased approach.

Conclusion

A high-performance and robust AAA Server integrated with 5G and IoT networks can be used for multiple use cases across various industrial sectors. It helps provide cost-saving network optimizations for end-to-end business processes. Advanced virtualized AAA solutions, combined with system integrations and data migration solutions, will deploy market-leading and cost-efficient services without affecting the current system or customer experience.

Rajesh Mhapankar

Rajesh Mhapankar

Director, Innovations

A seasoned professional, technologist, innovator, and telecom expert. With over 20 years of experience in the software industry, Rajesh brings a strong track record of accelerating product innovations and development at Alepo. He supports the company’s mission-critical BSS/OSS projects in LTE, WiFi and broadband networks, including core policy, charging, and control elements.

Subscribe to the Alepo Newsletter

How operators can leverage network slicing for 5G monetization

How operators can leverage network slicing for 5G monetization

How operators can leverage network slicing for 5G monetization

 

18th of June 2020

Mobile communication technology has been driving digitization and is now an essential pillar across industries such as manufacturing, automobile, retail, supply chain, transport, healthcare, and more. Different business verticals have varying needs: one sector could require high-bandwidth communication, another may demand ultra-reliable communication, while a third needs extremely low-latency communication. The ideal 5G network will fulfill these diverse requirements at the same time, and this is possible through network slicing.

What is network slicing?

It is theoretically possible to build multiple dedicated networks where each is customized to support the needs of one type of business customer, but this is economically unviable. The most efficient approach is to segment a single physical network into multiple logical networks, each catering to unique service needs. This technique is called network slicing.

Network segmentation is available to an extent in legacy networks through Access Point Names (APNs) and dedicated core networks. But it is now more seamless and practical to use with advances in virtualization technology that is adopted by 5G. 5G networks, along with network slicing, allow business customers to enjoy connectivity in line with unique business specifications that are negotiated with a mobile operator in a Service Level Agreement (SLA). The parameters of customization include data speed, quality of service (QoS), latency, reliability, security, and services.

A network slice is an autonomous end-to-end logical network operating on shared physical infrastructure capable of providing the agreed QoS. The scope of the network slice could cover multiple parts of the network, such as a terminal, core network, access network, and transportation network. One network slice includes dedicated and/or shared resources, which can vary in terms of bandwidth, storage, processing power, and more.

From the end-user perspective, the network slice serves as a normal mobile network. A slice often offers seamless and uninterrupted service when a device roams outside the home network.

Potential vertical applications

Network slices can be used for many use cases in several industries such as:

Consumer: enhanced Mobile Broadband (eMBB) for high bandwidth users.

Automotive: ultra-low latency (1 ms), high-availability, and effective isolation from other services for autonomous vehicles.

Logistics: high availability to track goods.

Healthcare: ultra-low latency and high availability for remote surgeries.

Warehouse: low-latency and high-availability for efficient collaboration between smart robots.

Media (entertainment/AR/VR): high-bandwidth for an immersive and seamless experience.

Smart cities, governments, SOS services: dedicated QoS to ensure connectivity of first responders.

Detailed network slicing use cases

Slices have limitless possibilities for industry, some of which include:

Slice for automobiles
Designed for a modern connected vehicle, it enables a highly versatile network that can deliver ultra-reliable and low-latency communication (URLLC) service for self-driving, car-to-car communication, and emergency services as well as high-throughput for in-car entertainment using high-bandwidth.

Slice for industry automation
A smart factory can use the operator’s URLLC slice for industrial automation, allowing monitoring and control of robotic parts. An edge computing data center (as network resource service) is used to deploy the system.

Slice for massive IoT
An operator can deploy a dedicated slice for IoT users to manage the complex network requirements for a massive IoT device ecosystem. It can have lower latency, and a separate charging and control function to simplify network management and speed-up deployment. This slice can support one million devices per square kilometer.

Slice for live broadcasts in AR/VR
A dedicated high-bandwidth slice can be used by an operator to transmit news and events such as sports and concerts. To manage AR/VR video processing, it can support one-to-many downlink connections with high-density computing. The slice will ensure high-bandwidth and lower-latency QoS.

What capabilities do Alepo’s solutions extend?

Alepo’s 5G Core solution offers converged subscriber data management, policy, charging functions, and 3GPP AAA. It empowers the operator’s network team to create and manage slice profiles, their technical attributes, and associate them with subscriptions or group subscriptions. As a device connects to the network, slice profile details are provisioned towards the network to connect the device to a specific slice based on its service subscription. This empowers operators to create, manage, and charge different slices based on each customer’s business requirements.

Nitish Muley

Nitish Muley

Senior Engineer

Nitish has spent years building mobile apps for technologies like VR, AR, IoT, and is currently working on Alepo’s newest products. Always up to speed with the latest in the industry, Nitish is a voracious reader – and fervent writer – about all things related to tech and wireless standards. After hours, he wears a traveler’s hat, pursuing his love for photography as he explores different countries.

Subscribe to the Alepo Newsletter

How to tackle NFV AAA deployment challenges

How to tackle NFV AAA deployment challenges

How to tackle NFV AAA deployment challenges

 

12th of June 2020

Network Function Virtualization (NFV) helps service providers transform deployment and operational processes. The maturing of NFV means that AAA can now be deployed virtually – a game-changer that optimizes resource utilization and network operations. From our experience in deploying virtualized AAA (vAAA), we’ve noticed there are some frequently occurring challenges. The good news is, we’ve also identified how to address them.

First things first: the most important thing about NFV

Conventional hardware infrastructure deployments mean the installation of application-specific servers or appliances on the customer’s premises. Network Function Virtualization (NFV) technology introduces a well-defined cloud architecture that eliminates the bind between application and physical server by virtualizing network services.

Deploying virtualized network functions (VNFs) reduces the need to maintain vendor-specific or customized physical infrastructure. Applications can now be deployed on standardized and shared infrastructure, significantly reducing operational costs and making it faster to implement.

What objectives do NFV-based deployments meet?

Important outcomes that make NFV software-defined networking (NFV SDN) increasingly valuable include reduced complexity of networks, faster services, and lowered dependence on expensive physical storage. Further, NFV-based deployments aim to maintain a standard-based infrastructure shared by all VNF vendors, keeping OPEX and CAPEX low. Its core objectives include:

Efficiency

The NFV platform must have availability-adjusted NF SLAs that are identical to SLAs offered with dedicated services, specifying, for instance, the average delay, bandwidth, and availability of all services provided to the subscribers. To ensure SLA compliance, it needs to closely track network performance and dynamically adjust resources.

Scalability

The NFV platform should support a large number of VNFs and scale as traffic volumes and application usage increase. The ability to deliver a variety of NFs per subscriber could lead to the creation of new services, opening new ways for operators to monetize their networks.

Reliability

The NFV platform must comply with reliability requirements to offer high service availability, which is defined as end-to-end service availability including end-to-end service elements (VNF and infrastructure components).

How to overcome challenges in NFV AAA (vAAA) deployments

Let’s take a look at the top six NFV implementation challenges and the ideal solutions we’ve developed to address them.

ChallengeSolution
Configuration management

Managing file-based configurations for AAA nodes becomes complex and error-prone when each AAA node runs with its own copy of the configuration and requires syncing as nodes are dynamically added or removed.
Centralized configuration management

This helps manage the configuration changes (scripts or license files) through a web-based configuration portal, allowing changes to every AAA node in real-time. Alternatively, all configurations can be held in a centralized configuration database.
Lack of compatibility for VNF management interfaces

Many NFV infrastructure (NFVi) vendors require a custom interface for VNF management than standard-based, making them incompatible with other vendors.
Flexible VNF management

Selecting AAA vendors that offer flexible VNF management interfaces based on ETSI-compatible interfaces or custom interfaces based on NFVi instances is ideal to expedite deployment.
Vendor-specific user access management systems

Different vendors have their own access management system for their applications. This adds to operational overheads as user logins and access permissions are maintained in multiple systems.
Centralized access management


A centralized user access management system for all vendor applications eases operations, improves control over access controllers, and enhances application security.
Impact of session cache synchronization

In NFV deployment, each AAA node is dynamically added or removed based on traffic needs. This requires each node to replicate the session cache to other nodes, increasing complexity and introducing errors.
Stateless AAA

It is important to externalize application states and stores session contexts in a centralized database that can be shared across all AAA nodes. A stateless AAA ensures any node can process an ongoing user session request previously handled by another node and that simplifies dynamic scaling without having to worry about session cache synchronization.
Low variety of load balancers

For virtualized AAA deployment, load balancers are needed to distribute signaling traffic across multiple AAA nodes. In the NFVi environment, very few software-based load balancers support RADIUS/UDP messages.
In-built load balancer

Software-based load balancer VNFs are part of new-generation vAAA solutions and this helps implement RADIUS/UDP as well as HTTP traffic load-balancing.
Common network interface for all network traffic

AAA deployed with a common network interface for handling applications and database traffic leads to security concerns and also prevents resource optimization based on traffic type.
Multiple networks for different traffic

Separate network interfaces address key security challenges and optimize network resources. Each AAA node has multiple virtual network interfaces to handle different data traffic, applications, and database, making it more secure and scalable.

Conclusion

NFV reduces dependence on dedicated infrastructure. As a result, a vAAA solution enables significant customization and scalability that cuts across the operator’s entire network framework. Operators can, therefore, earn additional revenue without investing in any new hardware.

One of just a handful in the market, Alepo’s NFV- and 5G-compliant virtualized AAA (vAAA) can be deployed in any NFVi environment according to ETSI standards. Manage the entire AAA VNF life cycle with Alepo using its specific Virtual Network Function (sVNF), or integrate with a generic Virtual Network Function (gVNF) from any NFVi vendor. The carrier-grade 3GPP AAA is designed to optimize mobile, WiFi, and fixed network performance. Equipped with a proven and scalable integration framework, it optimizes scalability and resource utilization through orchestration. It can be rapidly deployed and offers quick insights into the way IP data services are accessed and consumed.

Rajesh Mhapankar

Rajesh Mhapankar

Director, Innovations

A seasoned professional, technologist, innovator, and telecom expert. With over 20 years of experience in the software industry, Rajesh brings a strong track record of accelerating product innovations and development at Alepo. He supports the company’s mission-critical BSS/OSS projects in LTE, WiFi and broadband networks, including core policy, charging, and control elements.

Subscribe to the Alepo Newsletter

Top 5 ways telcos can adapt to the virtual cultural shift

Top 5 ways telcos can adapt to the virtual cultural shift

Top 5 ways telcos can adapt to the virtual cultural shift

 

5th of May 2020

Telecommunications today is more essential than ever. Data and mobility have taken on a pivotal role across sectors like healthcare, education, transportation, smart cities, oil and gas, utilities, and more. Now, there is unprecedented demand on networks with cultural shifts due to the pandemic. Given the unpredictability of the future, and with many companies considering the possibility of permanently adopting remote work, the focus is directed to network contingency plans. One thing is clear: service providers with digitally advanced systems will adapt more easily to this cultural shift. And to enhance their systems, these are the top five factors they need to focus on:

Maintain high-performing and scalable networks

More people around the world are working from home due to lockdowns, and those isolating and in quarantine are spending more time on high-bandwidth streaming services such as Netflix, Youtube, and other entertainment channels, further increasing the network load. To serve this surge in demand and long-term cultural shift, telcos must invest in robust AAA infrastructure that is highly available, scalable, and stateless. Operators facing network challenges can transform AAA seamlessly and virtually, ensuring zero impact on their existing IT systems and integrations.

Automate workflows and processes

As their customers do more from home, telcos should also aim to reduce manual and in-person touchpoints. An advanced digital business support systems (BSS) stack helps automate business processes, including complex and repetitive tasks, freeing up network resources, and minimizing errors. Telcos can create, launch, deliver, and manage communications services entirely through a digital-first customer experience, keeping them ahead of the competition. Operators can introduce innovative plans, bonus policies, cashbacks, and targeted offers on-the-fly as the market evolves. Increased digitalization and personalization keeps customers engaged and loyal to the brand.

Digital transformation facilitates rapid implementation and customization as it possesses the following features:

  • Cloud-native services
  • Open APIs and standardized workflows
  • Automated provisioning, fulfillment, testing, chatbots
  • Microservice architecture

In addition, better internal processes and automated workflows mean higher productivity and efficiency in interacting with customers and vendors, while maintaining high operational excellence.

Deliver a digitally-advanced experience

It is crucial for telcos to adopt a digital-first approach to their business, not only because the majority of young consumers prefer interacting with brands through smartphones or online, but long-term cultural shifts due to the pandemic demand a rapid change to conducting business and serving customers virtually.

For example, customers prefer visual assistance to solve their problems. Vodafone has capitalized on this and uses the power of video to relieve the burden on their call centers that used to receive a staggering 5.2 million calls for technical assistance per year. They are now able to resolve customer issues remotely using AI and AR, helping their agents interpret and visually guide the customer, resulting in faster and more accurate problem resolution.

The main areas of focus for digitalization include:

  • Shift in-store customer experience to a digital channel
  • Reduce physical contact through virtual troubleshooting
  • Automate customer touchpoints to improve customer experience
  • Have IT systems that can support the cultural shift

Provide omnichannel support

With an increasing number of digital channels and a growing focus on customer experience, operators need to adopt an omnichannel strategy to keep pace with the expectations of customers. And its applications are two-fold.

For one, omnichannel engagement options extend a seamless, consistent, and unified shopping experience to customers across all touchpoints, whether they are shopping on the operator’s portal or through an online marketplace, physical stores, product catalogs, social media platforms, or chatbots.

Second, omnichannel self-care plays a significant role in the operator’s customer experience strategy, helping customers to play an active role in managing their accounts. Customers can manage their plans and services, create friends and family groups for special calling rates, and control data usage. The added transparency and increased ability to monitor accounts improves customer satisfaction and helps build trust. Automated and intelligent interactions through the web, mobile, and multiple social media channels further enhance the digital experience and empower customers with:

  • Automated digital onboarding
  • Simplified purchases
  • Automated support
  • Multiple payment modes
  • Swift complaint redressal
  • Gifting options
  • Parental controls

Move to SaaS to relieve IT

With the long-term shift to working virtually, a huge strain is put on a company’s IT infrastructure. SaaS software can relieve a huge burden on the IT infrastructure and ensure connectivity and reliability. One of the top priorities for all service providers must be shifting their infrastructure to the cloud because it lets them focus on digitization opportunities with limited investment. SaaS BSS architecture provides the telco with advanced modules, preconfigured fixed and mobile broadband plans, and 24×7 managed service operations, while a dedicated customer success manager ensures faster return on investment and reduced time-to-market. It also helps with reduced expenditure on hardware, infrastructure, maintenance, and more. The SaaS solution helps operators rapidly transform and adapt their business to modern technology trends that facilitate back-office process automation and digitize customer experience for their staff and subscribers.

Conclusion

To capitalize on cultural shifts and surging demand in data, telecom providers need to concentrate on a digital makeover, either as a complete network overhaul or a phased digital transformation. This includes not just offering better network capabilities but also implementing innovative tools and strategies to enable process automation and enhanced customer experience. Service providers must consider investing in digital technologies to build next-gen offerings and streamline business and IT operations, using SaaS software and agile methodologies to analyze and understand overall market demands, business requirements, customer data, and real-time delivery needs. It’s certain there is opportunity for companies to evolve in these challenging times.

Anand Ramani

Anand Ramani

Director R&D

A senior professional with more than 20 years of experience in the telecom BSS domain, Anand is passionate about adapting newer technologies and building digital products. He heads the company’s R&D activities for core products such as Digital BSS, WiFi, and AAA.

Subscribe to the Alepo Newsletter