Three network trends to note
Service providers are having to adapt to a disruptive digital world. Peter Goodwin, Sales Director, Service Providers for EMEA at Infoblox, identifies three trends that network service providers should consider.
The world that the network service provider operates in is evolving. According to Peter Goodwin, Sales Director, Service Providers for EMEA at Infoblox, there are currently three main areas of focus.
"A lot of network operators are looking forward to 5G and to push services as close to the subscriber as possible and improve the user experience by offering lower latency."
1. Network as a service
"This is achieved by going the network virtualisation route," says Goodwin. "Service providers take virtualised appliances and containerised software, then put everything on generic hardware, giving them the ability to spin up and spin down quickly. They save money by using the generic hardware and typically have an orchestration platform to automatically deploy the applications and functions where they need them."
This brings complexity into the mix: the hardware might be generic, but actually provisioning those virtual machines can be tricky, which is why there's a tendency to go the orchestration platform route. "When you create a service in the cloud, you need a good core network service, primarily DNS (domain name system), because you can spin a machine up really quickly, but you can't access it without an IP address and a DNS name. So automating the IP address allocation and DNS name creation, and being able to build up and tear down when needed, becomes a key part of the orchestration platform. This is referred to as the undercloud."
2. Reducing latency
The DNS is really key for subscriber or user experience, as up to 30% of Web page loading time is caused by DNS queries in the background. If you can lower the latency of the DNS requests that subscribers are making, the user experience improves. Once you have a stable, secure platform for the DNS, you can add an application for dedicated caching acceleration, making latency as low as possible.
3. Value-added services
Then you can start to layer a number of value-added services on top of the platform, while still retaining low latency. For example, you can add security products to mitigate malware, protect the network against any kind of untoward behaviour and identify users who are infected. Reputational feeds form part of this arsenal. The DNS is a good place to carry out reputational checking because it can cope with millions of indicators, whereas some firewalls cannot scale to the high number of indicators that multiple feeds supply, bearing in mind that most feeds overlap by 5% at the most.
The majority of companies subscribe to multiple feeds to ensure they're alerted to all potential malware, spam and new domain registrations. Referring to the latter, Goodwin explains: "History has shown that the majority of new domain names registered will probably be used to distribute malware, so blocking new domain names for an initial period gives the threat feed time to detect whether those domain names are being used for that purpose or not. New domain names are usually registered well ahead of a service deployment, allowing the company time to detect and monitor them for threat-related activity on the network. Where possible, all threat intelligence can be shared with other security infrastructure, with automated action initiated such as blocking domains that routinely send malware requests."
This ability to track devices and requests has other applications, such as providing parental control over access in a home network environment. A converged network, with the right CPE device installed, can identify devices within the home that are making certain queries and assign them different policies. You can have one policy for adults, another for younger children and a third for teenagers, each allowing access to different sets of categories. Should they attempt to access something they shouldn't, they get sent to a blocking page and a report is generated saying what they've done to trigger the blocking page.
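The resolver-side decision described in the sections above (merged reputation feeds, a hold on newly registered domains, per-device policies and a block report), as an added Python example that is not from the article or from Infoblox. The feed contents, IP addresses, group names, 30-day hold and strict default for unidentified devices are all assumptions.

```python
from datetime import datetime, timedelta, timezone

# All data below is constructed for illustration; nothing here comes from the article.
FEEDS = {
    "feed_a": {"malware-c2.example": "malware", "bets.example": "gambling"},
    "feed_b": {"malware-c2.example": "malware", "chat.example": "social"},
}
FIRST_SEEN = {"fresh-site.example": datetime(2024, 5, 1, tzinfo=timezone.utc)}
HOLD = timedelta(days=30)  # assumed hold period; the article states no figure
DEVICE_GROUP = {"192.0.2.10": "adult", "192.0.2.20": "child", "192.0.2.30": "teen"}
BLOCKED = {  # categories each policy refuses to resolve
    "adult": {"malware", "new-domain"},
    "teen": {"malware", "new-domain", "gambling"},
    "child": {"malware", "new-domain", "gambling", "social"},
}
DEFAULT_GROUP = "child"  # assumption: unidentified devices get the strictest policy


def merge_feeds(feeds):
    """Union overlapping feeds into one domain -> {categories} index."""
    merged = {}
    for entries in feeds.values():
        for domain, category in entries.items():
            merged.setdefault(domain.lower(), set()).add(category)
    return merged


def categories_for(qname, merged, now):
    """Collect categories for qname and every parent domain of it."""
    labels = qname.lower().rstrip(".").split(".")
    found = set()
    for i in range(len(labels) - 1):  # stop before the bare TLD
        name = ".".join(labels[i:])
        found |= merged.get(name, set())
        seen = FIRST_SEEN.get(name)
        if seen is not None and now - seen < HOLD:
            found.add("new-domain")
    return found


def decide(client_ip, qname, now, merged):
    """Return the report record for one query: action plus what triggered it."""
    group = DEVICE_GROUP.get(client_ip, DEFAULT_GROUP)
    hits = categories_for(qname, merged, now) & BLOCKED[group]
    return {"client": client_ip, "group": group, "qname": qname,
            "action": "block" if hits else "resolve", "triggered": sorted(hits)}
```

Matching on parent domains means a listed domain also covers its subdomains, and the returned record is the material for the block-page report.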
Operators today have access to similar services, using deep packet inspection to track the traffic, but opt-in is traditionally very low, at between 10% and 20%, says Goodwin. "Using the DNS to track users and requests reduces the cost and speeds up the process and might increase adoption rate."
In conclusion, Goodwin says a solid network strategy for subscription service providers must encompass the ability to reduce latency through DNS caching; the flexibility for operators to deploy where they want, as and when they need, and to license based on consumption of DNS; and value-added services layered on top.