Network Function Virtualization (NFV) helps service providers transform deployment and operational processes. The maturing of NFV means that AAA can now be deployed virtually – a game-changer that optimizes resource utilization and network operations. From our experience in deploying virtualized AAA (vAAA), we’ve noticed there are some frequently occurring challenges. The good news is, we’ve also identified how to address them.
First things first: the most important thing about NFV
Conventional hardware infrastructure deployments mean the installation of application-specific servers or appliances on the customer’s premises. Network Function Virtualization (NFV) technology introduces a well-defined cloud architecture that eliminates the bind between application and physical server by virtualizing network services.
Deploying virtualized network functions (VNFs) reduces the need to maintain vendor-specific or customized physical infrastructure. Applications can now be deployed on standardized and shared infrastructure, significantly reducing operational costs and making it faster to implement.
What objectives do NFV-based deployments meet?
Important outcomes that make NFV software-defined networking (NFV SDN) increasingly valuable include reduced complexity of networks, faster services, and lowered dependence on expensive physical storage. Further, NFV-based deployments aim to maintain a standard-based infrastructure shared by all VNF vendors, keeping OPEX and CAPEX low. Its core objectives include:
The NFV platform must have availability-adjusted NF SLAs that are identical to SLAs offered with dedicated services, specifying, for instance, the average delay, bandwidth, and availability of all services provided to the subscribers. To ensure SLA compliance, it needs to closely track network performance and dynamically adjust resources.
The NFV platform should support a large number of VNFs and scale as traffic volumes and application usage increase. The ability to deliver a variety of NFs per subscriber could lead to the creation of new services, opening new ways for operators to monetize their networks.
The NFV platform must comply with reliability requirements to offer high service availability, which is defined as end-to-end service availability including end-to-end service elements (VNF and infrastructure components).
How to overcome challenges in NFV AAA (vAAA) deployments
Let’s take a look at the top six NFV implementation challenges and the ideal solutions we’ve developed to address them.
Managing file-based configurations for AAA nodes becomes complex and error-prone when each AAA node runs with its own copy of the configuration and requires syncing as nodes are dynamically added or removed.
|Centralized configuration management
This helps manage the configuration changes (scripts or license files) through a web-based configuration portal, allowing changes to every AAA node in real-time. Alternatively, all configurations can be held in a centralized configuration database.
|Lack of compatibility for VNF management interfaces|
Many NFV infrastructure (NFVi) vendors require a custom interface for VNF management than standard-based, making them incompatible with other vendors.
|Flexible VNF management
Selecting AAA vendors that offer flexible VNF management interfaces based on ETSI-compatible interfaces or custom interfaces based on NFVi instances is ideal to expedite deployment.
|Vendor-specific user access management systems |
Different vendors have their own access management system for their applications. This adds to operational overheads as user logins and access permissions are maintained in multiple systems.
|Centralized access management
A centralized user access management system for all vendor applications eases operations, improves control over access controllers, and enhances application security.
|Impact of session cache synchronization|
In NFV deployment, each AAA node is dynamically added or removed based on traffic needs. This requires each node to replicate the session cache to other nodes, increasing complexity and introducing errors.
It is important to externalize application states and stores session contexts in a centralized database that can be shared across all AAA nodes. A stateless AAA ensures any node can process an ongoing user session request previously handled by another node and that simplifies dynamic scaling without having to worry about session cache synchronization.
|Low variety of load balancers|
For virtualized AAA deployment, load balancers are needed to distribute signaling traffic across multiple AAA nodes. In the NFVi environment, very few software-based load balancers support RADIUS/UDP messages.
|In-built load balancer
Software-based load balancer VNFs are part of new-generation vAAA solutions and this helps implement RADIUS/UDP as well as HTTP traffic load-balancing.
|Common network interface for all network traffic|
AAA deployed with a common network interface for handling applications and database traffic leads to security concerns and also prevents resource optimization based on traffic type.
|Multiple networks for different traffic
Separate network interfaces address key security challenges and optimize network resources. Each AAA node has multiple virtual network interfaces to handle different data traffic, applications, and database, making it more secure and scalable.
NFV reduces dependence on dedicated infrastructure. As a result, a vAAA solution enables significant customization and scalability that cuts across the operator’s entire network framework. Operators can, therefore, earn additional revenue without investing in any new hardware.
One of just a handful in the market, Alepo’s NFV- and 5G-compliant virtualized AAA (vAAA) can be deployed in any NFVi environment according to ETSI standards. Manage the entire AAA VNF life cycle with Alepo using its specific Virtual Network Function (sVNF), or integrate with a generic Virtual Network Function (gVNF) from any NFVi vendor. The carrier-grade 3GPP AAA is designed to optimize mobile, WiFi, and fixed network performance. Equipped with a proven and scalable integration framework, it optimizes scalability and resource utilization through orchestration. It can be rapidly deployed and offers quick insights into the way IP data services are accessed and consumed.