Cutting up the perfect piece: DPI-enhanced traffic intelligence for 5G network slicing
By John Bonzey
Published on: 26.05.2021
Nowadays, 5G has become synonymous with unlimited bandwidth. It represents a major leap in wireless transport capacity and capability. 3G introduced mobile data, and 4G mobile broadband. 5G takes these technologies several steps further. With 5G, cellular networks can provide general purpose internet services. But 5G can do more: It can be used to radically grow capabilities for other computing applications such as the Internet of Things (IoT) and edge computing. And it’s already happening – the global 5G infrastructure market is expected to grow from $3.5 billion in 2020 to a staggering $53.8 billion by 2026.1
The International Telecommunications Union specifies three classes of usage for 5G. The first class is Enhanced Mobile Broadband (eMBB), which is simply an upgrade of existing functions of 4G. 5G will offer speeds that are at least 10 times faster than 4G, with zero to low latency, which 4G is not even remotely achieving.2 With better speed, throughput and capacity, eMBB will enhance hotspot connections, for example at stadiums, and enable higher quality multimedia streams.
The second 5G usage class is Ultra-Reliable Low-Latency Communications (uRLLC), which uses 5G for critical applications that necessitate uninterrupted and stable connections. Use cases will include remote surgery and industrial automation. The third class is Massive Machine-Type Communications (mMTC), which is used for connecting lots of devices that come together for IoT applications such as fleets of autonomous vehicles and city-wide utilities. On top of these, 5G can also be used for fixed wireless access, which enables communications between any two fixed points like buildings or towers.
As a network, 5G encompasses various network components such as radio, transport and core infrastructure and traffic processing software, and a plethora of endpoint devices. Unlike its predecessor networks, 5G involves a new network management technicality, i.e., network slicing. Network slicing overlays logical or virtualized networks on the same shared physical network infrastructure, creating different ‘slices’ that act as separate networks. Each of these slices can be customized with different speeds, latencies, routing policies and security rules to meet the various service level agreements (SLA) that correspond to different use cases. While eMBB places a greater emphasis on higher speed, uRLLC needs very low latency. Network slicing is needed to implement these different configurations over the same network without one configuration impairing the other.
Deep packet inspection (DPI) is a method for analyzing network traffic. It identifies protocols, applications and application attributes (for example VoIP in a chat app). In addition to IP traffic classification, DPI engines can also extract protocol- and application-based metadata, providing insight into user behavior and application usage. The metadata extraction functionality enables detailed understanding of network transactions and behavior. All in all, DPI is a valuable tool to manage a mobile network. It can be used to gain insights into data passing through a network. This allows managers to privilege more important traffic to fulfill SLAs, gauge consumer trends, and prevent cyberattacks.
As 5G grows in prominence, so does DPI’s role in it. By having a comprehensive purview over a data packet, DPI software brings knowledge about what applications or protocols make up the network traffic, e.g. audio or video calls, or streaming, or transmitting files. Advanced DPI engines, such as our OEM software R&S®PACE 2, can even inspect encrypted data, which, according to FortiGuard Labs, made up about 85% of web traffic in 2020 compared to just 55% in 2017.3 By knowing what application is being used, DPI can adjudicate which network slice traffic should be processed through. As each slice has its own traffic rules, this will decide the implementation of traffic management rules such as enforcement of security policies, content caching, edge processing and routing through premium routes.
DPI software can also see what is happening within each network slice and measure issues in network performance or data traffic. If, for example, bottlenecks or congestions are identified within a network slice, DPI can look through the traffic to see if there are certain applications that could benefit from compression. DPI can also determine if some applications need to be held back so that other more important ones can go through first. Likewise, DPI can spot suspicious data packets, while identifying sophisticated obfuscation technology used by anonymization software, preventing cyberattacks.
The above capabilities, however, need not be restricted to a single slice. A DPI engine can analyze all slices of a network and enable traffic management solutions to manage resources between different slices. For example, if a particular slice experiences more traffic, it can be allocated more bandwidth. If more attack patterns are noticed in a certain slice, that slice can be provided more security resources and policies can be adjusted for it. This reallocation of resources can take place either through human-made adjudications, or through artificial intelligence (AI).
By knowing what’s going on in different slices, 5G network providers can develop optimum pricing rules. They can use the knowledge gained from DPI to capture value that may be lost in an unsliced, monolithic network. DPI provides information about the source and destination of network traffic, the bandwidth requirements of different kinds of clients, the speed and latency norms of different applications, peak hours, season peaks, susceptibility to attacks, etc. These analytics allow mobile operators to charge appropriately for different slices and applications. Each different type of customer may be willing to pay more for a particular bundle of services that may not fulfill another customer’s needs. DPI facilitates such pricing plans and bespoke terms for different customer types.
The above analytics, along with knowledge about the kind of applications and devices being used, can also enable intelligent offloading of data in 5G networks. An operator’s 3G, 4G as well as WiFi hotspots can be used as alternative traffic routes in congested locations or during peak hours. DPI-driven real time traffic intelligence enables fine-grained quality of service (QoS) control. It also allows for the creation of service bundles that incorporate intelligent offloading. This saves bandwidth while optimizing network resources across heterogeneous networks. R&S®PACE 2 more specifically, drives cross-network optimization with a library that comes with no external dependencies. That means it can be hosted and shared across different servers, or embedded in different network devices. It fits together in custom software-defined networking schemes that support the management of heterogeneous networks.
DPI was already very useful for mobile network operators in 4G. With 5G it is even more so. 5G operators need the most precise and subtle information about the data that passes through their networks to slice them most effectively and then manage those slices to the best effect. DPI is the way to get that information.
Download our white paper on DPI for 5G use cases such as network slicing. Find out why application awareness provided by DPI helps network operators to manage an array of new applications and services introduced by 5G.
Sources
15G Infrastructure Market - Growth, Trends, COVID-19 Impact, and Forecasts (2021 - 2026) - Mordor Intelligence - 2021 - https://www.mordorintelligence...
2What is 5G? Your questions answered - CNN - 2020 - https://edition.cnn.com/intera...,around%207%20minutes%20with%204G.
3Keeping Up With the Performance Demands of Encrypted Web Traffic- https://www.fortinet.com/blog/...,55%25%20in%20Q3%20of%202017