How to tackle NFV AAA deployment challenges

 

12th of June 2020

 

 

 

Network Function Virtualization (NFV) helps service providers transform deployment and operational processes. The maturing of NFV means that AAA can now be deployed virtually – a game-changer that optimizes resource utilization and network operations. From our experience in deploying virtualized AAA (vAAA), we’ve noticed there are some frequently occurring challenges. The good news is, we’ve also identified how to address them.

First things first: the most important thing about NFV

Conventional hardware infrastructure deployments mean the installation of application-specific servers or appliances on the customer’s premises. Network Function Virtualization (NFV) technology introduces a well-defined cloud architecture that eliminates the bind between application and physical server by virtualizing network services.

Deploying virtualized network functions (VNFs) reduces the need to maintain vendor-specific or customized physical infrastructure. Applications can now be deployed on standardized and shared infrastructure, significantly reducing operational costs and making it faster to implement.

What objectives do NFV-based deployments meet?

Important outcomes that make NFV software-defined networking (NFV SDN) increasingly valuable include reduced complexity of networks, faster services, and lowered dependence on expensive physical storage. Further, NFV-based deployments aim to maintain a standard-based infrastructure shared by all VNF vendors, keeping OPEX and CAPEX low. Its core objectives include:

Efficiency

The NFV platform must have availability-adjusted NF SLAs that are identical to SLAs offered with dedicated services, specifying, for instance, the average delay, bandwidth, and availability of all services provided to the subscribers. To ensure SLA compliance, it needs to closely track network performance and dynamically adjust resources.

Scalability

The NFV platform should support a large number of VNFs and scale as traffic volumes and application usage increase. The ability to deliver a variety of NFs per subscriber could lead to the creation of new services, opening new ways for operators to monetize their networks.

Reliability

The NFV platform must comply with reliability requirements to offer high service availability, which is defined as end-to-end service availability including end-to-end service elements (VNF and infrastructure components).

How to overcome challenges in NFV AAA (vAAA) deployments

Let’s take a look at the top six NFV implementation challenges and the ideal solutions we’ve developed to address them.

ChallengeSolution
Configuration management

Managing file-based configurations for AAA nodes becomes complex and error-prone when each AAA node runs with its own copy of the configuration and requires syncing as nodes are dynamically added or removed.
Centralized configuration management

This helps manage the configuration changes (scripts or license files) through a web-based configuration portal, allowing changes to every AAA node in real-time. Alternatively, all configurations can be held in a centralized configuration database.
Lack of compatibility for VNF management interfaces

Many NFV infrastructure (NFVi) vendors require a custom interface for VNF management than standard-based, making them incompatible with other vendors.
Flexible VNF management

Selecting AAA vendors that offer flexible VNF management interfaces based on ETSI-compatible interfaces or custom interfaces based on NFVi instances is ideal to expedite deployment.
Vendor-specific user access management systems

Different vendors have their own access management system for their applications. This adds to operational overheads as user logins and access permissions are maintained in multiple systems.
Centralized access management


A centralized user access management system for all vendor applications eases operations, improves control over access controllers, and enhances application security.
Impact of session cache synchronization

In NFV deployment, each AAA node is dynamically added or removed based on traffic needs. This requires each node to replicate the session cache to other nodes, increasing complexity and introducing errors.
Stateless AAA

It is important to externalize application states and stores session contexts in a centralized database that can be shared across all AAA nodes. A stateless AAA ensures any node can process an ongoing user session request previously handled by another node and that simplifies dynamic scaling without having to worry about session cache synchronization.
Low variety of load balancers

For virtualized AAA deployment, load balancers are needed to distribute signaling traffic across multiple AAA nodes. In the NFVi environment, very few software-based load balancers support RADIUS/UDP messages.
In-built load balancer

Software-based load balancer VNFs are part of new-generation vAAA solutions and this helps implement RADIUS/UDP as well as HTTP traffic load-balancing.
Common network interface for all network traffic

AAA deployed with a common network interface for handling applications and database traffic leads to security concerns and also prevents resource optimization based on traffic type.
Multiple networks for different traffic

Separate network interfaces address key security challenges and optimize network resources. Each AAA node has multiple virtual network interfaces to handle different data traffic, applications, and database, making it more secure and scalable.

Conclusion

NFV reduces dependence on dedicated infrastructure. As a result, a vAAA solution enables significant customization and scalability that cuts across the operator’s entire network framework. Operators can, therefore, earn additional revenue without investing in any new hardware.

One of just a handful in the market, Alepo’s NFV- and 5G-compliant virtualized AAA (vAAA) can be deployed in any NFVi environment according to ETSI standards. Manage the entire AAA VNF life cycle with Alepo using its specific Virtual Network Function (sVNF), or integrate with a generic Virtual Network Function (gVNF) from any NFVi vendor. The carrier-grade 3GPP AAA is designed to optimize mobile, WiFi, and fixed network performance. Equipped with a proven and scalable integration framework, it optimizes scalability and resource utilization through orchestration. It can be rapidly deployed and offers quick insights into the way IP data services are accessed and consumed.

Rajesh Mhapankar

Rajesh Mhapankar

Director, Innovations

A seasoned professional, technologist, innovator, and telecom expert. With over 20 years of experience in the software industry, Rajesh brings a strong track record of accelerating product innovations and development at Alepo. He supports the company’s mission-critical BSS/OSS projects in LTE, WiFi and broadband networks, including core policy, charging, and control elements.