EVOLUTION OF SUBSCRIBER AND APPLICATION CONTROL :
BRIDGING THE GAP BETWEEN NETWORK AND APPLICATIONS
Jacopo Pianigiani
September 18th, 2012
2 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
AGENDA
The evolution of control in Service providers services
Juniper reference architecture
Use cases for Service providers monetization
THE EVOLUTION OF CONTROL IN SERVICE PROVIDERS
NEW WAYS TO MONETIZE THE NETWORK
Personalization of services
Tiered Subscriptions
Guaranteed Delivery
Location Based Services
Turbo Performance
Long-Tail Applications
Self Care
Virtual Reality
Zero Rating
Turbo Button
Assured Tele-presence
Capitalize on the Internet of things
Secure Mobile Banking
Smart-Grid, M2M
Innovative Business Models
Targeted Advertising
Micro SLA
Revenue Share with Content Providers by service exposure
The New
Network
$
AN EVOLVING RELATIONSHIP BETWEEN USER, NETWORK AND APPLICATIONS
Service Provider
User to network relationship
Subscriber
Subscriber
Service Provider
Service Provider WWW
Subscriber
User to content relationship
Applications over a
connected network
Service Provider
User to user through applications
User to applications
Usage Control Session based charging
EVOLUTION OF CONTROL IN SP NETWORKS
Usage control
Single PDP
Limited bandwidth on
shared channels
Separate voice and
data infrastructures
Feature phones
predominant
3G device as ‘modem’ WiFi as PC add-on
Personalization
High access bandwidth
Smartphones and smart devices
Availability of WiFi in devices and locations
AppStores YouTube FB
MTC devices
Skype
Vulnerabilities
Application awareness and control Network context awareness
Federated identity management for delegated service control
Sponsored charging, split charging
Control and exposure to application functions, in house and external
Usage context awareness
JUNIPER REFERENCE ARCHITECTURE
NETWORK PLANE Network Capabilities For detection and control
APPLICATION PLANE End user application logic
FIRST PHASE: SERVICE AWARENESS AND CONTROL
CONTROL PLANE Decision layer
SUBSCRIBER / NETWORK /
SERVICE
STATE POLICY AND APPLICATION
CONTROL
SUBSCRIBER IDENTITY MANAGEMENT AND PROFILING
CHARGING CONTROL
SERVICE PROFILING
SERVICE DELIVERY, ACTIVATION AND MANAGEMENT CONTROL
SERVICE EXPOSURE
In house applications Open Garden Applications
RCS
MMTEL
Branded
App
Selfcare
portal
Gaming Media
portal
Network VAS
Wired Access Network
Wireless Access Network Subscriber edge
UE
UE
RG
RG
BNG
ePC
DPI
TDF
Proxy
Opt Cache
FW
FW
Hosted Enterprise
Media events Surveillance
Remote training
SOLUTION ARCHITECTURE
PCC REFERENCE MODEL
HSS/SPR
Network access
PCRF
Internet
App#1
AppSvr
OCS
Web
Gx
Sy Sp
TDF SDG
HTTP TDF
Gx
Gy Gy
Gx/Sd
OCS
AF
Web Svc
Rx
SOAP,Rx Internal
apps SOAP,Rx
PCEF with or without colocated TDF
Standalone TDF with enhanced ADC controls (QoS, per application steering, usage controls) and Application-Based Charging
Application-specific (HTTP) TDF with per subscriber Policy and charging controls
Network / RAN
CongestionMgmt
Collapsed Scenario:
• Juniper MX MobileNext MBG or MX BNG as PCEF with integrated TDF (application detection and control)
• Application specific TDF functions orchestrated by subscriber edge (PCEF) capabilities
Separated Scenario:
• Juniper MobileNext MBG or MX BNG as PCEF
• Application detection and control on the MX SDG as TDF, additional specific application functions as second-tier of application specific TDF
Subscriber Edge
GGSN/PGW,BNG
App Detection and Control and VAS
Subs Edge
[Access Network]
MobileNext MBG, MX BNG
3rd party HTTP Proxy + Optimizer
Bearers
Bearers PCEF TDF
(Integrated
DPI) VAS
VLANs
MobileNext SDG (Routing, forwarding and interconnect)
COMBINING APPLICATION AWARENESS WITH EDGE DISTRIBUTION OF CONTROL AND ENFORCEMENT FUNCTIONS
PCRF OCS Sy
Internal
Apps,
content,
portals
External
Apps/
content
/web
Gx
Gx/Sd Gy Gy
• Policy control and Charging control
• at session and application level
• Steering at L4 or L7 (e.g. HTTP URL)
• Detection of events
• Policy control (and eventually charging) for specific flows (HTTP video, software downloads etc)
• Session and application events correlation
• Sessions linking
• Policy control (usage control, events, time based controls, QoS, ADC, integration with IT Portals)
• Coordination of policy and charging (Sy)
• Charging control
• Exposure of service controls APIs (SOAP) to apps or Web Svc Gateway
App Detection and Control and VAS
MobileNext SDG (Routing, forwarding and interconnect)
DISTRIBUTED EDGE AND APPLICATION CONTROL DISTRIBUTION OF CONTROL AND ENFORCEMENT FUNCTIONS
Subscriber Edge
PCRF
OCS
Sy
[Access Network]
Internal
Apps,
content,
portals
External
Apps/
content
/web
MobileNext MBG, MX BNG
MobileNext SDG
PCEF
TDF VAS
VAS
3rd party HTTP Proxy + Optimizer
Bearers
Bearers
Gx
Gx/Sd Gy Gy
Gx/Sd
Policy control and Charging control at session level (if applicable for use case)
Detection of events
Policy control (and eventually charging, limited to specific use cases) for specific flows (HTTP optimized video, software downloads etc)
Policy and charging control at L4 to L7
Per subscriber steering (L4 to L7)
• Session and application events correlation
• Sessions linking
• Policy control (usage control, events, time based controls, QoS, ADC, integration with IT Portals)
• Coordination of policy and charging (Sy)
• Charging control
• Exposure of service controls APIs (SOAP) to apps or Web Svc Gateway
VLANs
APPLICATION AWARE NETWORKING BUILDING FOUNDATIONS FOR CONTROL
2G/3G
Access
4G Access
Wireline
Access
Wifi Access
Wifi
Access
Juniper MobileNext
Broadband Gateway SGW, PGW-GGSN,
SaMOG Gateway
Juniper MobileNext
Control Gateway SGSN, MME MME
Juniper MX BNG
Broadband Gateway BNG, WiFi AG
Juniper MX Service
Delivery Gateway Enhanced TDF
IPS, SFW , CGNAT, IPSEC,
FW
Policy controlled services
and ADC
Converged
PCRF
Converged
OCS
HSS
Gx
Gx Gx, Sd
S6a
AAA
Gy
Sgi/Gi/AA
Gy
Juniper MX/SRX
Network Firewall Enhanced Security
and app detection
TDF
Firewall
IPS
Policy
mediation
Gx / Sd
Sy
WWW
Cloud
Juniper
J Pulse
client SSL , Access
selection,
device control
and detection
Caching
Gx, Sd
CDN
CGNAT
FW
Caching
Tunnel svc
Juniper MFC
Cache HTTP TDF
2ND STEP OF SERVICE ARCHITECTURE EVOLUTION
FROM INTEGRATED SERVICES, TO NETWORK-DISTRIBUTED
Hardware accelerated throughput
Universal edge / VAS node
Open Development environment on Juniper platform
Virtual plane on/off box , OS/Language of choice
Distributed edge / VAS architecture
Integration of third party native software as onboard services
DataCenter sites (2-8)
Core sites (2-8)
Metro edge sites
(10-100)
Data Center
SECOND STEP TOWARD VAS DISTRIBUTION
Network VAS
Wired Access Network
Wireless Access Network
Subscriber edge
UE
UE
RG
RG BNG
ePC
DPI
DPI
Proxy
Opt Cache
FW
FW TDF/ DPI
End user Application
End user Portals
Content
Physical element
Physical element
Physical
element
Physical
element
Physical
element
Independent software modules implementing Application aware capabilities and application specific functions
Independence of physical nodes vs. logical functions
Capacity at scale Service velocity Elasticity
DATA PLANE WITH JunosV APP ENGINE
Service Engineered Path (SEP) tethers Services plane to the MX
Tethered Services appear identical to integrated onboard Services
JunosV orchestrates SEPs from MX to VM applications
SEPs built using stateless GRE
Routing Engine (RE)
VSE Appliance
KVM Hypervisor
Centos (Host OS)
Virtual
Junos
Juniper
App
Linux
(Guest OS)
Other
App
Ingress MPC
Anchor MPC
Egress MPC
SEP Mobile
Traffic
MX COTS
Service Engineered Paths
SERVICE CHAINING WITH JunosV & SEP
VSE Appliance
KVM Hypervisor
Centos (Host OS)
Virtual
Junos
Juniper
DPI
Linux
(Guest OS)
3rd party VAS e.g. HTTP Proxy
COTS
Support of in house or third party VAS on COTS hardware via JunosV App Engine
JunosV enables VM to VM connectivity through SEPs
Service Chaining optimizes VM – VM traffic
MX-switched tunnels supported today
SEP
Subscriber Anchor/
edge
Subscriber Anchor
(IP)
USE CASES 3RD PARTY CHARGE, DYNAMIC QOS, DYNAMIC PRICING, TIME SHIFT CONTENT DELIVERY
CUSTOMER SATISFACTION
3RD PTY /SPONSORED CHARGING
HSS/SPR
network access
PCRF
Internet
App#1
AppSvr
SAE GW MBG
Web
Gx
Sy Sp
TDF SDG
HTTP TDF
Gx Gx/Sd
Gy
OCS
AF
Web Svc
Rx
SOAP,Rx Internal
apps SOAP,Rx
Visited network access
Third party paid connectivity for specific application flows
Application detection and control
• Preconfigured PCC rule with L7 detection of app X1 (HTTP, other non-encrypted apps, encrypted apps) or Dynamic ADC rules
• Charging on MBG (combined edge and DPI) or on SDG for distributed scenario
Application control
• Usage of sponsor identity and ASP Identity in Rx
• Query user by IP
• SOAP based sponsored connectivity
Allocation of specific PCC / ADC rules for sponsored flows
• Usage Monitoring and reporting at sponsor connectivity level
• QCI/QoS mapping to application
• Accounting logs of API interaction
Different rating groups / service Ids for sponsored-non sponsored flows
CUSTOMER SATISFACTION
ZERO RATING / DROP RATING / GRACE PERIOD / SHARED DATA
Allow zero rated or discounted usage for specific content and apps up to a certain volume
HSS/SPR
network access
PCRF
App#1
Internet
App#1
AppSvr
Edge PGW, BNG
OCS
App#2
AppSvr
Gx
Gy
Sy
Sp
App#2
App#3
TDF SDG
HTTP TDF
Gx Gx/Sd
Gy
Classification of user traffic at application level
• Preconfigured PCC rule with L7 detection of app X1 (HTTP, other non-encrypted apps, encrypted apps), Dynamic ADC rules
• PCC Rules with UM for volume cap at app level (e.g. Facebook free up to 100MB)
Usage monitoring control applied to PCC/ADC rule
Or OCS Gy Usage Control (e.g. Separate Service Id or Rating Group) for zero rated / discounted content
Bolt-on data plan:
• PCC rulebase (including PCC rule for identifying the zero rated app)
By day/hour:
• ToD procedures within PCC rule (e.g. For Grace period)
For specific app
• Preconfigured PCC rule definition with AppID = X1, QoS
Volume Cap or Balance shared across multiple subscriptions
Shared Data cap across community members
Shared tariff plan
Different rating groups
• Different rating group based on customer data, ToD, topup/boost, applications
CUSTOMER SATISFACTION
BUSY HOUR VIDEO QUALITY CONTROL/DRIPCASTING
Allow the user lower cost viewing experience (deferring access to content in
BH or controlling the quality of content being delivered)
HSS/SPR
network access
PCRF
App#1
Internet
App#1
AppSvr
SAE GW MBG
OCS
App#2
AppSvr
Gx
Sy
Sp
App#2
App#3
TDF SDG
HTTP TDF
Gx Gx/Sd
Gy
Engagement layer communicates with user:
• Provide options for users to select
• Video overlay with messages to user
Bolt-on data plan:
a) PCC rulebase combining other PCC features (e.g. Volume caps via UM for video and for rest of traffic)
By day/hour:
a) ToD procedures within PCC rule to define BH / non BH slots for activation of specific BH / non BH rules
For specific content
Preconfigured PCC rule definition with AppID = X1, e.g. Netflix URL, Port 80
Enabling/Restricting Access
Gating or strict/loose QoS controls on PCC rule (BH, non BH)
Per subscriber per AppId steering (e.g. URL=Netflix) and PCC/ADC Controls.
Charging control via Gy on MBG or SDG (depending on whether TDF is integrated or distributed)
Optional Gy charging on HTTP TDF (charging on volume of unoptimized video)
Dynamic (e.g. BH, non BH) policy control on optimization
- Video transcoding and trans-rating
- Image compression
- e.g. BH optimized, non BH = unoptimized
- Per subscriber policy controlled restriction on content access (e.g. BH restricted, non BH non restricted)
- Eventually, charging on optimized content
WHAT ABOUT SDN ?
SERVICE CONTROL A TIERED TIME-SCOPE
Subscriber
lifetime
Services
Network
mgmt
User
Behaviours
Provisioning
Activation
Modification
Config Mgmt
Prov. Mgmt
App1,2 App 3
Online and
offline ntw
controls Online e.g
PCRF or OCS
Offline e.g.
analytics
session
App 4,5
App6
Application centric behaviours mandate a closed loop control between control layers which are separate, today
WORKFLOW
ARCHITECTURAL CHALLENGES DOES SDN ADDRESS THE FULL SCOPE ?
NMS / Provisioning NMS / Provisioning
A Z
A Z
Controller (optional)
The biggest problem to be solved is the near non-existent feedback loop between applications and the network.
applications
network
Applications
Network
Make networks relevant to applications and v.v.
They interact through orchestration
Network APIs unlock useful information
Augment and enable existing workflows
A larger scope than SDN
PROGRAMMABLE NETWORK MODEL
Application
Control Plane
Data Center
SOAP, SAML, Diameter, REST
RADIUS, Diameter, COPS, CLI, OpenFlow
“In network”
Application
Network
PUTTING SDN & OPENFLOW IN CONTEXT
SDN focus
OpenFlow focus
focus
OUR DIFFERENTIATORS
The principles of dynamic service orchestration and steering allow service providers to evolve their architecture toward a virtualized service-delivery infrastructure without forklift changes in the architecture design
The architecture allows flexible deployment scenarios while ensuring optimization of resource usage for subscriber and application control
Full support of monetization use cases: existing ones, and more challenging ones based on dynamic PCC, e.g. network congestion, dynamic charging, sponsored usage
OUR DIFFERENTIATORS
Personalization and
monetization
support
Flexible Deployment
scenarios
Creating the basis
for virtualization
API WEB SERVICES
USER AND
APPLICATION
LAYER
OPEN GARDEN / SERVICE FEDERATION DOMAIN
MEDIUM TERM 2015 APPLICATION ABSTRACTION VIEW - TOP VIEW
SERVICE EXPOSURE
• Identity
• User Location
• User Status
• Charging Control
WEB SVCS PARLAYX
Subscriber
DB
REST Partner API
NETWORK ASSETS
GGSN/PGW
BNG
NETWORK ENABLERS
AAA
HLR
HSS
P-CSCF/ SOFT SW
LEGACY VAS/IN
SPR
IT ENABLERS
DNS/ENUM
IMS AS
GMLC
PRESENCE
CDN / CACHE
CONTENT SVRS
SIP, Diameter, INAP/CAP,
SMPP, MLP, ICAP, ISUP
IN HOUSE APPLICATIONS
• QoS Control
• Network Status Control
• Messaging
• Rich Comm Control
Device
Application 1..n
Device
Application 1..k
TELSTRA WEB
PORTALS
OCS
OFCS
MMSC
SMSC
OSS ENABLERS PERFORMANCE MGMT FAULT MGMT PROVISIONING MGMT
• Application Identity
• Application Usage SLA
SERVICE QUALITY MANAGEMENT
WEB
APPSERVER
APP 1
WEB
APPSERVER
APP N
NP CS CALL CTRL
DPI PROXY
SOAP/XML, CORBA,
LDAP, SQLNet, etc.
PCRF
POLICY
HTTP, RTP, RTSP, RTCP,
etc..
• Content Delivery control
• Service activation status
and change
• FCAPS exposure, Service
quality mgmt
NETWORK IT PROTOCOL LAYER
SELFCARE
Telstra Device
Application 1..k
TELSTRA WEB
SERVICES /
APPS
Telstra Device
Application 1..k Browser
PORTALS
Browser STB
GUI
WEB SVCS PARLAY X REST WEB EXPOSED
ZONE
SECURE
NETWORK /IT/OSS
ZONE
SECURE WEB
ZONE
WEB SERVICES
LAYER
Subscriber and Service State
Datastore
Historic Knowledge
Base
Online Status
SERVICE
ACTIVATION
/ MODIFY
NETWORK
SERVICE
INVENTORY
SERVICE CATALOG
CONTENT CATEGORIZATION
ANALYTICS
CRM / WORKFLOW
FUTURE